Tag
high
advisory
BPFDoor Lock File Access
2 rules, 2 TTPs
BPFDoor, an evasive Linux backdoor, is detected via the unusual access of process ID and lock files in the /var/run/ directory, indicating potential malicious activity.
bpfdoor
linux
backdoor
ebpf
medium
advisory
Inner Warden Security Agent Capabilities
2 rules, 1 TTP
The open-source Inner Warden project is a security agent leveraging eBPF for kernel-level monitoring and autonomous response actions like IP blocking and process termination, aiming to create a distributed security mesh.
ebpf
security-agent
autonomous-response
privilege-escalation
c2-blocking
linux