New developments in the WSL attack.
Research Saturday · N2K Networks
Audio is streamed directly from the publisher (pdst.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Danny Adamitis from Lumen's Black Lotus Labs, joins Dave to discuss new developments in the WSL attack surface. Since September 2021, Black Lotus Labs have been monitoring malware repositories as a part of their proactive threat hunting process. Danny shares how researchers discovered a series of suspicious ELF files compiled for Debian Linux .
The research states how the team identified a series of samples that target the WSL environment, they were uploaded every two to three weeks and started as early as May 3, 2021 and go until August 22, 2021.
The research can be found here:
- Windows Subsystem For Linux (WSL): Threats Still Lurk Below The (Sub)Surface
- No Longer Just Theory: Black Lotus Labs Uncovers Linux Executables Deployed As Stealth Windows Loaders
Learn more about your ad choices. Visit megaphone.fm/adchoices