Security News > 2020 > February > Microsoft uses its expertise in malware to help with fileless attack detection on Linux
Hey, Linux fans! Microsoft has got your back over fileless threats.
A fileless attack tends to hit via a software vulnerability, inject a stinky payload into an otherwise fragrant system process and then lurk in memory.
The malware also attempts to remove any trace of itself on disk, which makes disk-based detection tricky.
Linux servers tend to not to be rebooted as frequently as certain other operating systems and so, once infected, the malware can linger in memory, performing its nefarious activities.
Microsoft's detection feature scans the memory of all processes for the tell-tale footprint of a fileless toolkit, shrieking a warning in the Azure Security Center along with some details of the nasty.
News URL
https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/02/25/fileless_attack_microsoft_linux/
Related news
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites (source)
- Microsoft fixes under-attack privilege-escalation holes in Hyper-V (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- IPany VPN breached in supply-chain attack to push custom malware (source)
- Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams (source)
- MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)