Security News > 2021 > May > This ambitious Microsoft project aims to fix cloud computing security
Microsoft Research's Project Freta aims to find invisible malware running on the cloud.
Attackers have invested in smarter malware that can get around traditional security tooling, hiding underneath the operating system in memory, masking tell-tale signatures, and even deleting itself as soon as it detects security systems in action.
A Microsoft research project, Project Freta, aims to change that, providing tools to identify malware running on virtual machines in the cloud.
There's a fundamental problem in how we look for malware: much of what we use is designed to work in a pre-virtualisation world, and recent research has shown that it's possible for malware to detect whether it's being monitored by hypervisor security tools that are working outside the virtual machine.
There's another reason why using the cloud is essential, as modern memory protection techniques randomise memory usage and copying to decode memory quickly could alert malware that it is being attacked, so analysis requires significant compute resources to unscramble and decode memory using brute-force techniques.
It's an interesting tool that gives a feel for the type of data Project Freta can get from an image, with an indicator of possible hidden malware for further analysis.
News URL
Related news
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Microsoft Entra "security defaults" to make MFA setup mandatory (source)
- How AI Is Changing the Cloud Security and Risk Equation (source)
- Strategies for CISOs navigating hybrid and multi-cloud security (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Microsoft announces new and improved Windows 11 security features (source)
- Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity (source)