Investigating Privilege Elevation on Linux


Wed, Apr 12, 2017 1:00 PM- 1:30 PM EST

In order to remotely take over a host running the GNU/Linux operating system, the most common strategy is for the attacker to get a program to run as the root user. In essence, a low-privileged backdoor elevates its privileges to the highest level available on the system, from which all data on the system become available, and all actions become possible.

Fortunately, the exploits and techniques leveraged for elevating privileges leave some signature traces to whom actively looks for them, as Arc4dia’s SNOW does.

In this webinar:

1. We will discuss signs of privilege elevation and a model for such attacks.

2. We will walk through the investigation of two such episodes.

3. We will outline best practices that can mitigate the privilege elevation risk on a Linux host.

This Webinar is FREE but space is limited, so please REGISTER TODAY!

About the Speaker:

Benoit Hamelin, Chief Technology Officer @Arc4dia Passionate Programmer, Hacker, Teacher

Recorded webinar will be distributed to all REGISTERED after the webinar session.

Previous webinar recordings:

Mar 15, 2017 Detecting Malware Through Process Chain Analysis
Feb 15, 2017 Looking for Cyber Threats Through Statistical Outliers 
Jan 24, 2017 Responding to Cyber Incidents