Tuesday, November 12, 2024
Follow us On Linkedin
HomeForensics ToolsProject Freta - New Free Microsoft Forensic Tool to Detect Malware &...

Project Freta – New Free Microsoft Forensic Tool to Detect Malware & Rootkits in Linux Systems

Forensics ToolsMicrosoft

Published on

By Gurubaran
project Freta

Defend malware Attacks

Malware protection

Microsoft launched a new Forensic tool dubbed Project Freta that helps the organization in discovering the undetected malware.

Project Freta helps enterprises in detecting the malware from memory and defend from producers of stealthy malware.

Project Freta

It is a free cloud-based tool offered by the NExT Security Ventures (NSV) team at Microsoft Research, which automates the full-system volatile memory inspection of Linux systems.

- Advertisement - SIEM as a Service

Microsoft said that tool may increase the expenses for producers of stealthy malware, they would be locked into an “expensive cycle of complete re-invention, rendering such a cloud an unsuitable place for cyberattacks.”

The project Freta is open for public access, it is capable of “automatically fingerprinting and auditing a memory snapshot of most cloud-based Linux VMs.”

VM Network Configurations
kernel Modules

It supports more than 4,000 kernel versions, with the tool enterprises can check for everything from crypto miners to advanced kernel rootkits.

‘Project Freta was designed and built with survivor bias at its core. It is a security project designed from first principles to drive the cost of sensor evasion as high as possible and in many cases render evasion technically infeasible,” Microsoft said.

The project was named Warsaw’s Freta Street, the birthplace of Marie Curie who brought X-Ray machines to the Battlefield during World War I.

Key Benefits of project Freta

  • Detect novel malicious software, kernel rootkits, process hiding, and other intrusion artifacts via agentless operation by operating directly on captured VM snapshots
  • Very easy to use: submit a captured image to generate a report of its content
  • Memory inspection means no software to install, no notice to malware to evacuate or destroy data
  • Designed for automating IR-like discovery tasks directly into a cloud fabric — though volatile memory snapshots captured from an acquisition tool can also be used for bare iron scenarios where virtualization is not available

Here you can find a detailed article on Live Cyber Forensics Analysis with Computer Volatile Memory and Most Important Computer Forensics Tools for Hackers and Security Professionals.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Top 10

10 Best DNS Management Tools – 2025

Best DNS Management Tools play a crucial role in efficiently managing domain names and...
Press Release

Sweet Security Announces Availability of its Cloud Native Detection & Response Platform on the AWS Marketplace

Customers can now easily integrate Sweet’s runtime detection and response platform into their AWS...
Cyber Crime

Researchers Detailed Credential Abuse Cycle

Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling...
Android

New Android Malware SpyAgent Taking Screenshots Of User’s Devices

SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

Register Now

More like this

Cyber Attack

Microsoft Customers Facing 600 Million Cyber Attack Launched Every Day

Microsoft's customers are under constant cyber assault, facing millions of attacks daily from various...
CVE/vulnerability

OilRig Hackers Exploiting Microsoft Exchange Server To Steal Login Details

Earth Simnavaz, an Iranian state-sponsored cyber espionage group, has recently intensified its attacks on...
Cyber Security News

Microsoft & DOJ Dismantles Hundreds of Websites Used by Russian Hackers

Microsoft and the U.S. Department of Justice (DOJ) have disrupted the operations of Star...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 20016 - 2024 GBHackers On Security - All Rights Reserved