Penguin Power – a 21st Century Intrusion

Wednesday, 06 Aug 2025 12:00PM SGT (06 Aug 2025 04:00 UTC)
Speaker: Tarot (Taz) Wake

People often believe that Linux is a “secure” operating system or that they “don’t have much Linux” in their environment, so they “don’t need to worry about it.” However, this is rarely true. Linux attacks are becoming commonplace, and it is hard to imagine how any organization can operate without it, as Linux operating systems power our switches, routers, and more.

In this session, we will examine an intrusion into a Southeast Asia–based business, where the attackers almost entirely pivoted through the organization’s Linux estate. We’ll explore the lessons they had to learn about Linux incident response— and highlight some of the things they, and you, can do better in the future.

Login to Register

Related Content

emerging threats summit 340x340.png

Digital Forensics, Incident Response & Threat Hunting, Offensive Operations, Pen Testing, and Red Teaming, Cyber Defense, Industrial Control Systems Security, Cybersecurity Leadership

Visual Summary of SANS Emerging Threats Summit 2025

Check out these graphic recordings created in real-time throughout the event for SANS Emerging Threats Summit 2025

DFIR - Blog - Running EZ Tools Natively on Linux_340 x 340.jpg

Digital Forensics, Incident Response & Threat Hunting

Running EZ Tools Natively on Linux: A Step-by-Step Guide

Developed by Eric Zimmerman, the EZ Tools suite is a collection of utilities written to assist with multiple aspects of forensic analysis.

Cyber Defense, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Offensive Operations, Pen Testing, and Red Teaming

Month of PowerShell - Windows File Server Enumeration

In this Month of PowerShell article we look at several commands to interrogate Windows SMB servers as part of our incident response toolkit.