Treceți offline cu aplicația Player FM !
DFSP # 421 - Memory Lane: Fileless Linux Attacks Unraveled
Manage episode 405973110 series 166409
In this podcast episode, we talk about Linux's `memfd` – a virtual file system allowing the creation of anonymous memory areas for shared memory or temporary data storage. Threat actors exploit `memfd` for fileless malware attacks, as its memory areas exist only in RAM, evading traditional file-based detection methods. Join me as I `memfd` as a forensic artifact, its implications in DFIR, and strategies for detecting its abuse.
434 episoade
Manage episode 405973110 series 166409
In this podcast episode, we talk about Linux's `memfd` – a virtual file system allowing the creation of anonymous memory areas for shared memory or temporary data storage. Threat actors exploit `memfd` for fileless malware attacks, as its memory areas exist only in RAM, evading traditional file-based detection methods. Join me as I `memfd` as a forensic artifact, its implications in DFIR, and strategies for detecting its abuse.
434 episoade
Toate episoadele
×Bun venit la Player FM!
Player FM scanează web-ul pentru podcast-uri de înaltă calitate pentru a vă putea bucura acum. Este cea mai bună aplicație pentru podcast și funcționează pe Android, iPhone și pe web. Înscrieți-vă pentru a sincroniza abonamentele pe toate dispozitivele.