{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/file-integrity/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["medium"],"_cs_tags":["file-integrity","privilege-escalation","persistence","linux"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eAttackers often target sensitive and critical files on Linux systems to maintain persistence, escalate privileges, or disrupt system operations. These files include system configuration files, authentication files, and critical application files. Monitoring changes to these files is crucial for detecting malicious activity. This brief focuses on identifying suspicious process executions that could indicate unauthorized modification of sensitive files. The detection strategy covers processes…\u003c/p\u003e\n","date_modified":"2024-01-03T15:00:00Z","date_published":"2024-01-03T15:00:00Z","id":"/briefs/2024-01-sensitive-file-modification/","summary":"This threat brief covers the detection of suspicious processes modifying sensitive files on Linux systems, potentially indicating malicious attempts to persist, escalate privileges, or disrupt system operations.","title":"Suspicious Modification of Sensitive Linux Files","url":"https://feed.craftedsignal.io/briefs/2024-01-sensitive-file-modification/"}],"language":"en","title":"CraftedSignal Threat Feed — File-Integrity","version":"https://jsonfeed.org/version/1.1"}