Linux ships with default users disabled. But, attackers can activate these accounts to allow backdoor access that can hide for a long time. In this video we discuss this threat, how to find it with command line forensics, and what impacts it can have.

Find out if your systems have default user access, plus thousands of other attack traces instantly. Sandfly's agentless EDR for Linux deploys rapidly without any endpoint agents. Get a free license today to try it out.