CSI Linux is another DFIR and cyber investigation Linux distribution in line with CAINE, Tsurugi, and SIFT Workstation. It has been developed over the last few years by the team at Information Warfare Center, who also run the Cyber Secrets YouTube channel.
You have been called to analyze a compromised Linux server. Figure out how the threat actor gained access, what modifications were applied to the system, and what persistent techniques were utilized. (e.g. backdoors, users, sessions, etc).
I am not sure if anyone else has had this problem but lately when the kernel for Arch Linux is updated the DKMS fails to notice the new kernel and tried to install the modules for the old (now removed) kernel.