Tuesday, March 5, 2024

Project Freta – New Free Microsoft Forensic Tool to Detect Malware & Rootkits in Linux Systems

Microsoft launched a new Forensic tool dubbed Project Freta that helps the organization in discovering the undetected malware.

Project Freta helps enterprises in detecting the malware from memory and defend from producers of stealthy malware.

Project Freta

It is a free cloud-based tool offered by the NExT Security Ventures (NSV) team at Microsoft Research, which automates the full-system volatile memory inspection of Linux systems.

Microsoft said that tool may increase the expenses for producers of stealthy malware, they would be locked into an “expensive cycle of complete re-invention, rendering such a cloud an unsuitable place for cyberattacks.”

The project Freta is open for public access, it is capable of “automatically fingerprinting and auditing a memory snapshot of most cloud-based Linux VMs.”

VM Network Configurations
kernel Modules

It supports more than 4,000 kernel versions, with the tool enterprises can check for everything from crypto miners to advanced kernel rootkits.

‘Project Freta was designed and built with survivor bias at its core. It is a security project designed from first principles to drive the cost of sensor evasion as high as possible and in many cases render evasion technically infeasible,” Microsoft said.

The project was named Warsaw’s Freta Street, the birthplace of Marie Curie who brought X-Ray machines to the Battlefield during World War I.

Key Benefits of project Freta

  • Detect novel malicious software, kernel rootkits, process hiding, and other intrusion artifacts via agentless operation by operating directly on captured VM snapshots
  • Very easy to use: submit a captured image to generate a report of its content
  • Memory inspection means no software to install, no notice to malware to evacuate or destroy data
  • Designed for automating IR-like discovery tasks directly into a cloud fabric — though volatile memory snapshots captured from an acquisition tool can also be used for bare iron scenarios where virtualization is not available

Here you can find a detailed article on Live Cyber Forensics Analysis with Computer Volatile Memory and Most Important Computer Forensics Tools for Hackers and Security Professionals.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Website

Latest articles

GTPDOOR – Previously Unknown Linux Malware Attack Telecom Networks

Researchers have discovered a new backdoor named GTPDOOR that targets telecommunication network systems within...

US Court Orders NSO Group to Handover Code for Spyware, Pegasus to WhatsApp

Meta, the company that owns WhatsApp, filed a lawsuit against NSO Group in 2019....

New SSO-Based Phishing Attack Trick Users into Sharing Login Credentials  

Threat actors employ phishing scams to trick individuals into giving away important details like...

U.S. Charged Iranian Hacker, Rewards up to $10 Million

The United States Department of Justice (DoJ) has charged an Iranian national, Alireza Shafie...

Huge Surge in Ransomware-as-a-Service Attacks targeting Middle East & Africa

The Middle East and Africa (MEA) region has witnessed a surge in ransomware-as-a-service (RaaS)...

New Silver SAML Attack Let Attackers Forge Any SAML Response To Entra ID

SolarWinds cyberattack was one of the largest attacks of the century in which attackers...

AI Worm Developed by Researchers Spreads Automatically Between AI Agents

Researchers have developed what they claim to be one of the first generative AI...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Live Account Takeover Attack Simulation

Live Account Take Over Attack

Live Webinar on How do hackers bypass 2FA ,Detecting ATO attacks, A demo of credential stuffing, brute force and session jacking-based ATO attacks, Identifying attacks with behaviour-based analysis and Building custom protection for applications and APIs.

Related Articles