Arthur T Knackerbracket has found the following story:
Hey, Linux fans! Microsoft has got your back over fileless threats. Assuming you've bought into the whole Azure Security Center thing.
Hot on the heels of a similar release for Windows (if by "hot" you mean "nearly 18 months after") comes a preview aimed at detecting that breed of malware that inserts itself into memory before attempting to hide its tracks.
[...] Microsoft's detection feature scans the memory of all processes for the tell-tale footprint of a fileless toolkit, shrieking a warning in the Azure Security Center along with some details of the nasty. An admin can then decide what action to take (and what further investigation is needed).
The scan, according to the Windows giant, is not invasive and the "vast majority" take less than five seconds to run. More importantly for the those fearful of slurpage, memory analysis is performed on the host itself and the results only contain "security-relevant metadata and details of suspicious payloads".
(Score: 3, Touché) by Freeman on Wednesday February 26 2020, @04:49PM (3 children)
I just so happen to have this near acreage near Phoenix, AZ, I got it at a steal some years back, because it was swamp land. Now, with the growing suburbs of Phoenix, you can have it at bargain price!
'eh, I'm not terribly in favor of using Microsoft Security products for an OS that's not from Microsoft. Then again, maybe they know what they're talking about and are behind the whole systemd infection.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 3, Funny) by DannyB on Wednesday February 26 2020, @04:59PM (1 child)
A great business model is to sell the cure for the problem you created. Exclude, or at least be a gatekeeper for competing anti-malware products.
Also, have you heard of: Microsoft Defender ATP for Linux? [microsoft.com]
I think their marketing should have named it: Microsoft Maginot Line Defender
When trying to solve a problem don't ask who suffers from the problem, ask who profits from the problem.
(Score: 4, Funny) by DannyB on Wednesday February 26 2020, @05:01PM
Poor form to reply to myself, but just gotta say . . .
I love how these two items go together so well:
Beginner-level experience in Linux and BASH scripting
Administrative privileges on the device (in case of manual deployment)
When trying to solve a problem don't ask who suffers from the problem, ask who profits from the problem.
(Score: 2) by All Your Lawn Are Belong To Us on Wednesday February 26 2020, @05:30PM
You got land around the State Capitol???
This sig for rent.