Microsoft uses its expertise in malware to help with fileless attack detection on Linux
Security News, February 2020
Hey, Linux fans! Microsoft has got your back over fileless threats.
A fileless attack tends to hit via a software vulnerability, inject a stinky payload into an otherwise fragrant system process and then lurk in memory.
The malware also attempts to remove any trace of itself on disk, which makes disk-based detection tricky.
Linux servers tend not to be rebooted as frequently as certain other operating systems and so, once infected, the malware can linger in memory, performing its nefarious activities.
Microsoft's detection feature scans the memory of all processes for the tell-tale footprint of a fileless toolkit, shrieking a warning in the Azure Security Center along with some details of the nasty.
News URL
https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/02/25/fileless_attack_microsoft_linux/