Enterprise Linux Security Episode 38 - De-anonymizing Ransomware Domains



When ransomware attacks begin spreading, how would officials go about finding the source? Most of the time, finding the culprit(s) behind cyber-attacks is a very challenging task. In this episode of Enterprise Linux Security, Joao and Jay discuss some methods that were recently used to de-anonymize ransomware domains.

## Video-specific links
De-anonymizing ransomware domains on the dark web ➜ https://blog.talosintelligence.com/2022/06/de-anonymizing-ransomware-domains-on.html


5 thoughts on “Enterprise Linux Security Episode 38 – De-anonymizing Ransomware Domains”
  1. To see how hashing works, try these commands without the # part; it is just explanation:
    >filename.ext # create empty file
    cat filename.ext # see what is inside the empty file
    md5sum filename.ext # get the file hash
    echo "a" >> filename.ext # adding some text to the file
    cat filename.ext # see what is inside the file now
    md5sum filename.ext # get the file hash after something was added/changed
    # the hashes are different now, not the same
    rm filename.ext # delete / remove the file

  2. Hashing is like a digital fingerprint of a file, through the use of tools like md5sum, shasum/sha1sum, sha224sum, sha256sum, sha384sum and sha512sum, etc.
    The command: md5sum filename.ext
    gives a hash that, for example, looks like this: d41d8cd98f00b204e9800998ecf8427e
