Rootkits
Sandfly 5.3.1 - Video Overview
Sandfly 5.3.1 features new licensing tier options, including an affordable Home User Edition. We've also added SELinux tamper detection and more stealth rootkit decloaking. Please watch the video…
Sandfly 5.3.1 - New License Tiers and SELinux Support
Sandfly 5.3.1 features new licensing tier options, including an affordable Home User Edition. We've also added SELinux support and more stealth rootkit detection. New features include just some of…
Sandfly 5.3 - Detailed Host Forensics and Microsoft Sentinel Integration
Sandfly 5.3.0 features a major UI overhaul with our new Linux host forensics and data views. We’ve not only brought critical host data front and center for rapid incident investigation, but expanded…
Detecting Melofee Stealth Backdoor Targeting Red Hat Linux
A new report from Qianxin's X Lab was released detailing new stealth malware targeting Red Hat 7.9 and similar systems: New Zero-Detection Variant of Melofee Backdoor from Winnti Strikes RHEL…
De-Cloaking Linux Stealth Malware and Rootkits: sedexp, Diamorphine, and Reptile
In this video we demonstrate Sandfly's new file and directory stealth rootkit de-cloaking feature on the sedexp malware targeting Linux. We also show how it works for the Diamorpine and Reptile…
Sandfly 5.2 - Linux Stealth Rootkit File and Directory De-Cloaking
Sandfly 5.2 has a powerful new way to detect Linux stealth rootkits: Hidden file and directory de-cloaking. This feature will make files and directories hidden by many types of stealth rootkits…