Security News > 2020 > July > Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service
Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected.
The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to provide automated full-system volatile memory inspection of virtual machine snapshots, with capabilities to spot malicious software, kernel rootkits, and other stealthy malware techniques such as process hiding.
The project is named after Warsaw's Freta Street, the birthplace of Marie Curie, the famous French-Polish physicist who brought X-ray medical imaging to the battlefield during World War I.
"Modern malware is complex, sophisticated, and designed with non-discoverability as a core tenet," said Mike Walker, Microsoft's senior director of New Security Ventures.
"Project Freta intends to automate and democratize VM forensics to a point where every user and every enterprise can sweep volatile memory for unknown malware with the push of a button - no setup required."
The objective is to infer the presence of malware from memory while gaining the upper hand in the fight against threat actors who deploy and reuse stealthy malware on target systems for ulterior motives and, more importantly, to render evasion infeasible and increase the development cost of undiscoverable cloud malware.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/Mu29H_trkvw/microsoft-linux-forensics-rootkit.html