Security News > 2020 > February > Microsoft uses its expertise in malware to help with fileless attack detection on Linux

Hey, Linux fans! Microsoft has got your back over fileless threats.
A fileless attack tends to hit via a software vulnerability, inject a stinky payload into an otherwise fragrant system process and then lurk in memory.
The malware also attempts to remove any trace of itself on disk, which makes disk-based detection tricky.
Linux servers tend to not to be rebooted as frequently as certain other operating systems and so, once infected, the malware can linger in memory, performing its nefarious activities.
Microsoft's detection feature scans the memory of all processes for the tell-tale footprint of a fileless toolkit, shrieking a warning in the Azure Security Center along with some details of the nasty.
News URL
https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/02/25/fileless_attack_microsoft_linux/
Related news
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
- Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks (source)
- Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)
- Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- Botnet targets Basic Auth in Microsoft 365 password spray attacks (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)