Malware
Detecting Bincrypter Linux Malware Obfuscation
A new Linux script from THC will encrypt and obfuscate any executable or script to hide from on-disk detection. It then launches the code in a way to not leave traces on the disk as a fileless…
Sandfly 5.3.1 - Video Overview
Sandfly 5.3.1 features new licensing tier options, including an affordable Home User Edition. We've also added SELinux tamper detection and more stealth rootkit decloaking. Please watch the video…
Sandfly 5.3.1 - New License Tiers and SELinux Support
Sandfly 5.3.1 features new licensing tier options, including an affordable Home User Edition. We've also added SELinux support and more stealth rootkit detection. New features include just some of…
Sandfly 5.3 - Detailed Host Forensics and Microsoft Sentinel Integration
Sandfly 5.3.0 features a major UI overhaul with our new Linux host forensics and data views. We’ve not only brought critical host data front and center for rapid incident investigation, but expanded…
Linux Obsolete Password Hash Risks
Obsolete password hashes on Linux expose users to brute force attack. Legacy password hashes have included MD5 which can have billions of attempts a second tried against it by GPU based crackers.…
Linux nologin Shell Rename Backdoor Attack Detection and Forensics
Ever wondered what would happen if you replaced the Linux /sbin/nologin with a valid shell? Attackers have and it gives them a persistent backdoor on supposedly disabled accounts. In this video we go…