Microsoft launched a new Forensic tool dubbed Project Freta that helps the organization in discovering the undetected malware.
Project Freta helps enterprises in detecting the malware from memory and defend from producers of stealthy malware.
It is a free cloud-based tool offered by the NExT Security Ventures (NSV) team at Microsoft Research, which automates the full-system volatile memory inspection of Linux systems.
Microsoft said that tool may increase the expenses for producers of stealthy malware, they would be locked into an “expensive cycle of complete re-invention, rendering such a cloud an unsuitable place for cyberattacks.”
The project Freta is open for public access, it is capable of “automatically fingerprinting and auditing a memory snapshot of most cloud-based Linux VMs.”
It supports more than 4,000 kernel versions, with the tool enterprises can check for everything from crypto miners to advanced kernel rootkits.
‘Project Freta was designed and built with survivor bias at its core. It is a security project designed from first principles to drive the cost of sensor evasion as high as possible and in many cases render evasion technically infeasible,” Microsoft said.
The project was named Warsaw’s Freta Street, the birthplace of Marie Curie who brought X-Ray machines to the Battlefield during World War I.
Here you can find a detailed article on Live Cyber Forensics Analysis with Computer Volatile Memory and Most Important Computer Forensics Tools for Hackers and Security Professionals.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
Cybersecurity researchers have uncovered a sophisticated exploitation campaign involving a zero-day (0-day) vulnerability in Cleo…
GitLab announced the release of critical security patches for its Community Edition (CE) and Enterprise…
Researchers have uncovered a vulnerability that allows attackers to compromise AMD's Secure Encrypted Virtualization (SEV)…
Splunk, the data analysis and monitoring platform, is grappling with a Remote Code Execution (RCE)…
In a major international operation codenamed “PowerOFF,” Europol, collaborating with law enforcement agencies across 15…
Resecurity, a global leader in cybersecurity solutions, unveiled its advanced Government Security Operations Center (GSOC)…
View Comments
link download