Linux Malware Cryptominer Detection and Forensics

July 26, 2018

Computer Forensics, Linux Forensics, Sandfly

This year we have seen a huge uptick in cryptomining malware against Linux servers. The usual attack vector is the following: A brute force…

Sandfly 1.3 Update

July 23, 2018

Sandfly, Sandfly Update, Update

A new version of Sandfly has been released. Version 1.3 has the following changes: Container OS was switched from Alpine to Ubuntu Minimal…

Linux File Masquerading and Malicious PIDs – Sandfly 1.2.6 Update

July 05, 2018

Linux Forensics, Sandfly, Sandfly Update

Sandfly 1.2.6 Released This version of Sandfly has many internal performance improvements. Some sandfly checks have been sped up over 5…

Vodafone Selects Sandfly Security for the Xone

June 27, 2018

Sandfly, Vodafone

Sandfly has been to participate in their highly regarded . The Xone accelerator selects high potential startups to work directly with…

The Pyramid of Pain and Sandfly

June 21, 2018

Linux Forensics, Philosophy, Sandfly, Security

There is a great post called by David Bianco that details the six ways to cause adversaries the most trouble when attacking your network…

Detecting Linux Binary File Poisoning

June 14, 2018

Binary Poisoning, Computer Forensics, Linux Forensics, Masquerading, Sandfly, Sandfly Update

Let’s talk about Linux binary poisoning. Binary poisoning is tampering with a system command and replacing it with a malicious version. This…