Malware

Linux Default User Password Attack Detection and Forensics

Videos
Linux Forensics
Malware
Education
December 03, 2024

Linux ships with default users disabled. But, attackers can activate these accounts to allow backdoor access that can hide for a long time. In this video we discuss this threat, how to find it with…

Linux Duplicate User Password Hash Attack

Videos
Linux Forensics
Malware
Education
December 02, 2024

Duplicate password hashes on Linux are a tactic for attackers to drop backdoor accounts in an automated way. In this video we explain what a duplicate password hash attack is, and how you can find it…

Detecting Melofee Stealth Backdoor Targeting Red Hat Linux

Linux Security
Rootkits
Malware
November 13, 2024

A new report from Qianxin's X Lab was released detailing new stealth malware targeting Red Hat 7.9 and similar systems: New Zero-Detection Variant of Melofee Backdoor from Winnti Strikes RHEL…

Rob Joyce Interview - Linux Critical Infrastructure Threats

Videos
Linux Security
Malware
Education
October 15, 2024

Watch as Rob Joyce, former head of the NSA Cybersecurity Directorate, discusses threats against Linux critical infrastructure with Sandfly founder Craig Rowland. This video will help security teams…

De-Cloaking Linux Stealth Malware and Rootkits: sedexp, Diamorphine, and Reptile

Linux Security
Videos
Rootkits
Malware
October 13, 2024

In this video we demonstrate Sandfly's new file and directory stealth rootkit de-cloaking feature on the sedexp malware targeting Linux. We also show how it works for the Diamorpine and Reptile…

Sandfly 5.2 - Linux Stealth Rootkit File and Directory De-Cloaking

Product Update
Linux Forensics
Rootkits
Malware
October 06, 2024

Sandfly 5.2 has a powerful new way to detect Linux stealth rootkits: Hidden file and directory de-cloaking. This feature will make files and directories hidden by many types of stealth rootkits…