Security News > 2020 > February > Microsoft uses its expertise in malware to help with fileless attack detection on Linux
Hey, Linux fans! Microsoft has got your back over fileless threats.
A fileless attack tends to hit via a software vulnerability, inject a stinky payload into an otherwise fragrant system process and then lurk in memory.
The malware also attempts to remove any trace of itself on disk, which makes disk-based detection tricky.
Linux servers tend to not to be rebooted as frequently as certain other operating systems and so, once infected, the malware can linger in memory, performing its nefarious activities.
Microsoft's detection feature scans the memory of all processes for the tell-tale footprint of a fileless toolkit, shrieking a warning in the Azure Security Center along with some details of the nasty.
News URL
https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/02/25/fileless_attack_microsoft_linux/
Related news
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking (source)
- Linux malware “perfctl” behind years-long cryptomining campaign (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Linux systems targeted with stealthy “Perfctl” cryptomining malware (source)
- New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks (source)
- Microsoft issues 117 patches – some for flaws already under attack (source)
- Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks (source)
- New FASTCash malware Linux variant helps steal money from ATMs (source)