September 2025

Part2: Kernel protection preventive mechanisms in Linux systems and methods for monitoring them

28 September 2025 - Posted in Hardenings by Jok3r

Background: In our previous article, I described one method to prevent or monitor harmful activities that can be carried out against the Linux kernel, focusing on the research of SELinux [...] Read more

Part1: Kernel protection preventive mechanisms in Linux systems and methods for monitoring them

21 September 2025 - Posted in Hardenings by Jok3r

The Linux kernel implements several protection mechanisms, including: Lockdown mode (Kernel, kernel security feature) SLUB/SLAB hardening (Kernel, kernel security feature) Kernel Address Space Layout [...] Read more

Investigating Malicious Activity in WSL Environments

13 September 2025 - Posted in Threat Analyze by Jok3r

Background: Some XDR and EDR solutions are not effective when dealing with threats hidden inside WSL. In certain cases, it can also be challenging for digital forensic specialists to detect threats [...] Read more

Supply Chain Risk: Exploiting Abandoned Domains of Linux Package Maintainers

06 September 2025 - Posted in Other by Jok3r

Background: In my recent articles, we discussed a lot various supply chain attack scenarios. This led me to think about a new type of supply chain attack, specifically targeting Linux package [...] Read more