Security News > 2021 > May > This ambitious Microsoft project aims to fix cloud computing security
Microsoft Research's Project Freta aims to find invisible malware running on the cloud.
Attackers have invested in smarter malware that can get around traditional security tooling, hiding underneath the operating system in memory, masking tell-tale signatures, and even deleting itself as soon as it detects security systems in action.
A Microsoft research project, Project Freta, aims to change that, providing tools to identify malware running on virtual machines in the cloud.
There's a fundamental problem in how we look for malware: much of what we use is designed to work in a pre-virtualisation world, and recent research has shown that it's possible for malware to detect whether it's being monitored by hypervisor security tools that are working outside the virtual machine.
There's another reason why using the cloud is essential, as modern memory protection techniques randomise memory usage and copying to decode memory quickly could alert malware that it is being attacked, so analysis requires significant compute resources to unscramble and decode memory using brute-force techniques.
It's an interesting tool that gives a feel for the type of data Project Freta can get from an image, with an indicator of possible hidden malware for further analysis.
News URL
Related news
- Microsoft lost some customers’ cloud security logs (source)
- Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security (source)
- Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes (source)
- Cloud Access Security Broker Policy (source)
- Cloud Security Policy (source)
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud (source)
- Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts (source)
- Microsoft overhauls security for publishing Edge extensions (source)
- Whitepaper: Reach higher in your career with cloud security (source)