Saturday, April 5, 2025
Follow us On Linkedin
HomeForensics ToolsProject Freta - New Free Microsoft Forensic Tool to Detect Malware &...

Project Freta – New Free Microsoft Forensic Tool to Detect Malware & Rootkits in Linux Systems

Forensics ToolsMicrosoft

Published on

By Gurubaran
project Freta

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

Microsoft launched a new Forensic tool dubbed Project Freta that helps the organization in discovering the undetected malware.

Project Freta helps enterprises in detecting the malware from memory and defend from producers of stealthy malware.

Project Freta

It is a free cloud-based tool offered by the NExT Security Ventures (NSV) team at Microsoft Research, which automates the full-system volatile memory inspection of Linux systems.

Microsoft said that tool may increase the expenses for producers of stealthy malware, they would be locked into an “expensive cycle of complete re-invention, rendering such a cloud an unsuitable place for cyberattacks.”

The project Freta is open for public access, it is capable of “automatically fingerprinting and auditing a memory snapshot of most cloud-based Linux VMs.”

VM Network Configurations
kernel Modules

It supports more than 4,000 kernel versions, with the tool enterprises can check for everything from crypto miners to advanced kernel rootkits.

‘Project Freta was designed and built with survivor bias at its core. It is a security project designed from first principles to drive the cost of sensor evasion as high as possible and in many cases render evasion technically infeasible,” Microsoft said.

The project was named Warsaw’s Freta Street, the birthplace of Marie Curie who brought X-Ray machines to the Battlefield during World War I.

Key Benefits of project Freta

  • Detect novel malicious software, kernel rootkits, process hiding, and other intrusion artifacts via agentless operation by operating directly on captured VM snapshots
  • Very easy to use: submit a captured image to generate a report of its content
  • Memory inspection means no software to install, no notice to malware to evacuate or destroy data
  • Designed for automating IR-like discovery tasks directly into a cloud fabric — though volatile memory snapshots captured from an acquisition tool can also be used for bare iron scenarios where virtualization is not available

Here you can find a detailed article on Live Cyber Forensics Analysis with Computer Volatile Memory and Most Important Computer Forensics Tools for Hackers and Security Professionals.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Cyber Security News

Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild

Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti...
cyber security

Beware! Weaponized Job Recruitment Emails Spreading BeaverTail and Tropidoor Malware

A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing...
ChatGPT

EncryptHub Ransomware Uncovered Through ChatGPT Use and OPSEC Failures

EncryptHub, a rapidly evolving cybercriminal entity, has come under intense scrutiny following revelations of...
cyber security

PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack

A sophisticated phishing campaign, dubbed "PoisonSeed," has been identified targeting customer relationship management (CRM)...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

Register Now

More like this

Cyber Attack

QR Code Phishing (Quishing) Attack Your Smartphones To Steal Microsoft Accounts Credentials

Cybersecurity researchers have identified a growing trend in phishing attacks leveraging QR codes, a...
cyber security

Microsoft Discovers GRUB2, U-Boot, and Barebox Bootloader Flaws with Copilot

Microsoft has disclosed the discovery of multiple critical vulnerabilities within the GRUB2, U-Boot, and...
Cyber Security News

Windows 11 Insider Released – Microsoft Removes BypassNRO.cmd Script to Enhance Security

Microsoft has launched Windows 11 Insider Preview Build 26200.5516 to the Dev Channel with exciting new...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2025 GBHackers On Security - All Rights Reserved