Computer Forensics

Detecting and Investigating OpenSSL Backdoors on Linux

April 19, 2021

Computer Forensics, Forensics, Linux Forensics

A nightmare for security personnel on Linux is to find a backdoor operating. This means an attacker is interacting with the host in real…

Detecting Linux Kernel Process Masquerading with Command Line Forensics

March 31, 2020

Computer Forensics, Forensics, Linux Forensics

Linux kernel process masquerading is sometimes used by malware to hide when it is running. Let’s go over how you can unmask a piece of Linux…

Linux Malware Cryptominer Detection and Forensics

July 26, 2018

Computer Forensics, Linux Forensics, Sandfly

This year we have seen a huge uptick in cryptomining malware against Linux servers. The usual attack vector is the following: A brute force…

Linux Malware Persistence with Cron

May 02, 2018

Computer Forensics, Linux Forensics, Malware, Persistence, Sandfly

If malware is anything at all, it’s persistent. On Linux, just like Windows, malware once loaded wants to stay loaded. On Windows systems…

Christchurch Hacker Con Linux Digital Forensics Video

April 19, 2018

Computer Forensics, Linux, Linux Forensics, Security

The video of Craig’s talk at the Christchurch Hacker Con has been posted to YouTube. This video covers on the blog which includes using…