Product
high
advisory
Linux Dynamic Linker Copy and Shared Object Creation
2 rules 1 TTPThis brief outlines detection strategies for Linux systems where the dynamic linker binary is copied and a shared object file is created, a technique used by malware to inject malicious shared objects by patching the dynamic linker.
Linux operating system
persistence
linux
dynamic-linker
shared-object
2r
1t
medium
advisory
Potential Defense Evasion via Symbolic Link of Common Linux Binaries to Writable Directories
2 rules 1 TTPAn adversary may create symbolic links of legitimate system binaries in world-writable directories to potentially bypass security restrictions or execute malicious code with elevated privileges by masquerading as a trusted process.
Linux Operating System
defense_evasion
symlink
linux
2r
1t