Linux Forensics
Risky Business Snake Oilers Interview with Sandfly Security
Join us for an interview on the Risky Business Snake Oilers segment where we talk about agentless Linux security and Sandfly. We cover the problem of Linux security monitoring with traditional EDR…
Default User SSH Authorized Key Risks on Linux
Default Linux users with SSH authorized keys are a way for attackers to hide backdoor accounts that can avoid detection for some time. In this video we discuss and demonstrate the threat, why it's…
Unsecured and Unencrypted SSH Private Key Threats on Linux
Unsecured and unencrypted SSH private keys are a major security threat on Linux. In this video we go over how easy unsecured SSH private keys can be stolen by intruders to use for lateral movement.…
Linux Obsolete Password Hash Risks
Obsolete password hashes on Linux expose users to brute force attack. Legacy password hashes have included MD5 which can have billions of attempts a second tried against it by GPU based crackers.…
Linux nologin Shell Rename Backdoor Attack Detection and Forensics
Ever wondered what would happen if you replaced the Linux /sbin/nologin with a valid shell? Attackers have and it gives them a persistent backdoor on supposedly disabled accounts. In this video we go…
Linux Default User Password Attack Detection and Forensics
Linux ships with default users disabled. But, attackers can activate these accounts to allow backdoor access that can hide for a long time. In this video we discuss this threat, how to find it with…