Artwork

Content provided by Michael and Digital Forensic Survival Podcast. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Michael and Digital Forensic Survival Podcast or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.
Player FM - Aplicație Podcast
Treceți offline cu aplicația Player FM !

DFSP # 421 - Memory Lane: Fileless Linux Attacks Unraveled

25:42
 
Distribuie
 

Manage episode 405973110 series 166409
Content provided by Michael and Digital Forensic Survival Podcast. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Michael and Digital Forensic Survival Podcast or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.

In this podcast episode, we talk about Linux's `memfd` – a virtual file system allowing the creation of anonymous memory areas for shared memory or temporary data storage. Threat actors exploit `memfd` for fileless malware attacks, as its memory areas exist only in RAM, evading traditional file-based detection methods. Join me as I `memfd` as a forensic artifact, its implications in DFIR, and strategies for detecting its abuse.

  continue reading

434 episoade

Artwork
iconDistribuie
 
Manage episode 405973110 series 166409
Content provided by Michael and Digital Forensic Survival Podcast. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Michael and Digital Forensic Survival Podcast or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.

In this podcast episode, we talk about Linux's `memfd` – a virtual file system allowing the creation of anonymous memory areas for shared memory or temporary data storage. Threat actors exploit `memfd` for fileless malware attacks, as its memory areas exist only in RAM, evading traditional file-based detection methods. Join me as I `memfd` as a forensic artifact, its implications in DFIR, and strategies for detecting its abuse.

  continue reading

434 episoade

Toate episoadele

×
 
Loading …

Bun venit la Player FM!

Player FM scanează web-ul pentru podcast-uri de înaltă calitate pentru a vă putea bucura acum. Este cea mai bună aplicație pentru podcast și funcționează pe Android, iPhone și pe web. Înscrieți-vă pentru a sincroniza abonamentele pe toate dispozitivele.

 

Ghid rapid de referință