*Result*: Protecting against hidden cyber threats in a cloud-based learning environment of a university.

*The paper shows that the threat of breach of access to confidential content hosted in a cloud-based learning environment (CLE) of a university generates the need to develop new methods of software (SW) protection and to develop an algorithm for identifying hidden threats for the CLE of a university. The proposed approach can help university learning process informatization services to systematize the functional layers that can potentially be used by attackers to embed in guest operating systems (OS) and hypervisor (hereinafter referred to as HYPV) of university CLE. This will ultimately contribute to a guaranteed countermeasure against the introduction of malicious software (malware) into the CLE, for example, forming sequences of requests to program modules of the Hypervisor. It is shown that the application of the method of countering hidden threats in the university's CLE, will make it possible through the implementation of mechanisms of embedding in the HYPV to quickly determine the presence of cyber attack with the use of "rootkit"-technologies. This makes it possible for the defense party to promptly take appropriate response measures. [ABSTRACT FROM AUTHOR]*