March 2022
Intermediate to advanced
304 pages
5h 58m
English
Under most circumstances, the main goal of a memory forensic investigation is to look for malicious activity. According to recent Trend Micro (https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/a-look-at-linux-threats-risks-and-recommendations) and Group-IB (https://www.group-ib.com/media/ransomware-empire-2021/, https://blog.group-ib.com/blackmatter) research, attacks on Linux-based systems are on the rise, and many threat actors have added specialized software targeting Linux-based systems to their arsenal. For example, ransomware operators such as BlackMatter, RansomExx, and Hive have added corresponding Linux versions to their toolsets. Furthermore, post-exploitation frameworks ...