APT Encounters of the Third Kind

posted by Fnord666 on Monday March 29, @08:02AM
Security

An Anonymous Coward writes:

APT Encounters of the Third Kind:

A few weeks ago an ordinary security assessment turned into an incident response whirlwind. It was definitely a first for me, and I was kindly granted permission to outline the events in this blog post. This investigation started scary but turned out to be quite fun, and I hope reading it will be informative to you too. I'll be back to posting about my hardware research soon.

  • How it started
  • What hell is this?
  • The NFS Server
  • 2nd malicious binary
  • Further forensics
  • Eureka Moment
  • The GOlang thingy
  • How the kernel got patched? and why not the golang app?
  • What we have so far
  • Q&A

