Reversing a Go Malware Using Ghidra


I was called to handle an incident in which a malicious IP address was accessed each time the system booted. They couldn't find out which process was making the connection.

Using one of the BCC eBPF tools called, I was able to locate the malicious process that's disguised …


Secure Boot in Arch Linux


Unified Kernel Image

Read the Arch Wiki for details.

You can generate a UKI via mkinitcpio. First, edit its linux.preset config file:

# mkinitcpio preset file for the 'linux' package


PRESETS=('default' 'fallback')

default_image="/boot/initramfs-linux …
