Linux Forensics

Why You Should Be Searching for Linux Anti-Forensics

February 10, 2019

Linux Forensics, Videos

In this video Sandfly founder Craig Rowland discusses the importance of searching for Linux anti-forensic techniques on hosts you are…

Linux Cryptomining Malware Podcast Interview

October 19, 2018

Interview, Linux Forensics, Malware

Sandfly founder Craig Rowland discusses Linux cryptomining malware in a podcast interview with host Michael. They go over what this class of malware does…

Linux Malware Cryptominer Detection and Forensics

July 26, 2018

Computer Forensics, Linux Forensics, Sandfly

This year we have seen a huge uptick in cryptomining malware against Linux servers. The usual attack vector is the following: A brute force…

Linux File Masquerading and Malicious PIDs – Sandfly 1.2.6 Update

July 05, 2018

Linux Forensics, Sandfly, Sandfly Update

Sandfly 1.2.6 Released. This version of Sandfly has many internal performance improvements. Some sandfly checks have been sped up over 5…

The Pyramid of Pain and Sandfly

June 21, 2018

Linux Forensics, Philosophy, Sandfly, Security

There is a great post by David Bianco that details the six ways to cause adversaries the most trouble when attacking your network…

Detecting Linux Binary File Poisoning

June 14, 2018

Binary Poisoning, Computer Forensics, Linux Forensics, Masquerading, Sandfly, Sandfly Update

Let’s talk about Linux binary poisoning. Binary poisoning is tampering with a system command and replacing it with a malicious version. This…
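The simplest check for a poisoned binary is to compare the file on disk against a known-good hash. The script below is an added example, not Sandfly's code and not from the linked article: it builds a constructed "binary" in a temporary directory, records its SHA-256 as a baseline, overwrites it the way a binary-poisoning attack would, and shows the check flagging the change. The function name `check_binary` and the temporary files are assumptions for the demonstration.

```sh
#!/bin/sh
# Added example (not Sandfly's code): detect a replaced system command by
# comparing the file on disk against a known-good SHA-256 baseline.

# check_binary PATH EXPECTED_SHA256
# Returns 0 when the on-disk hash matches the baseline, 1 when it differs
# (possible binary poisoning), 2 when the file is missing.
check_binary() {
    path="$1"
    expected="$2"
    if [ ! -f "$path" ]; then
        echo "MISSING  $path"
        return 2
    fi
    actual=$(sha256sum "$path" | awk '{print $1}')
    if [ "$actual" = "$expected" ]; then
        echo "ok       $path"
        return 0
    fi
    echo "POISONED $path (expected $expected, got $actual)"
    return 1
}

# Demonstration on a constructed file; a real baseline would cover
# /bin, /sbin, /usr/bin, /usr/sbin and be stored off the host.
demo() {
    dir=$(mktemp -d)
    printf 'original ls binary\n' > "$dir/ls"          # constructed stand-in for /bin/ls
    baseline=$(sha256sum "$dir/ls" | awk '{print $1}')  # take the baseline while the file is trusted
    check_binary "$dir/ls" "$baseline"                  # ok
    printf 'trojaned ls binary\n' > "$dir/ls"           # simulate an attacker replacing the command
    check_binary "$dir/ls" "$baseline"                  # POISONED
    rm -rf "$dir"
}

# Run the demonstration only when the script is executed directly.
[ "${0##*/}" = "check_binary.sh" ] && demo
```

On a real host the baseline should come from the package manager rather than from the possibly-compromised system itself (`dpkg --verify` or `debsums` on Debian-based systems, `rpm -Va` on RPM-based ones), and the baseline and the checking tool should be kept off the host, since an attacker with root can rewrite both the package database and `sha256sum`. A hash check also only covers the file on disk: a masquerading process running from an already-deleted or unlinked executable needs a separate look at `/proc/<pid>/exe`.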