Tim Brown
### Area Breach reports ### Parent threat Persistence ### Finding https://bitbucket.org/workspacespain/i-s00n-translated ### Industry reference _No response_ ### Malware reference Reptile ### Actor reference APT41 ### Component Linux, AIX, Solaris, HP-UX...
Updated GitHub actions workflow
### Area Offensive tools ### Parent threat Command and Control ### Finding _No response_ ### Industry reference _No response_ ### Malware reference _No response_ ### Actor reference _No response_ ###...
### Area Supply chain attacks ### Parent threat Credential Access ### Finding https://github.com/SecurityFail/kompromat ### Industry reference attack:T1552.004:Private Keys ### Malware reference _No response_ ### Actor reference _No response_ ### Component...
### Area Defensive tools ### Parent threat Execution, Persistence, Privilege Escalation, Defense Evasion ### Finding https://github.com/stratosphereips/StratosphereLinuxIPS ### Industry reference _No response_ ### Malware reference _No response_ ### Actor reference _No...
### Area Supply chain attacks ### Parent threat _No response_ ### Finding https://www.rapid7.com/db/modules/exploit/unix/irc/unreal_ircd_3281_backdoor/ ### Industry reference UnrealIRCd ### Malware reference _No response_ ### Actor reference _No response_ ### Component _No...
### Area Press/academia ### Parent threat _No response_ ### Finding https://github.com/CiscoCXSecurity/presentations/raw/master/The%20UNIX%20malware%20landscape%20-%20Reviewing%20the%20goods%20at%20MALWAREbazaar%20v5.pdf ### Industry reference _No response_ ### Malware reference _No response_ ### Actor reference _No response_ ### Component _No response_...
### Area Malware reports ### Parent threat _No response_ ### Finding https://www.securonix.com/blog/detecting-the-enemybot-botnet-advisory/ ### Industry reference _No response_ ### Malware reference EnemyBot ### Actor reference _No response_ ### Component Linux ###...
### Area Supply chain attacks ### Parent threat _No response_ ### Finding https://www.aldeid.com/wiki/Exploits/proftpd-1.3.3c-backdoor ### Industry reference ProFTPd ### Malware reference _No response_ ### Actor reference _No response_ ### Component _No...
### Area Supply chain attacks ### Parent threat _No response_ ### Finding https://www.webmin.com/exploit.html ### Industry reference Webmin ### Malware reference _No response_ ### Actor reference _No response_ ### Component _No...