
A publicly accessible Elasticsearch database discovered on March 27 exposed various types of personally identifiable information (PII) and medical information of more than 100,000 individuals. Security Discovery researcher Jeremiah Fowler, who discovered the unprotected Elasticsearch database, found out after further investigation that the leaked data belonged to SkyMed, a company which has provided medical emergency evacuation services for about 30 years. As the researcher says, the Elastic database was "set to open and visible in any browser (publicly accessible) and anyone could edit, download, or even delete data without administrative credentials." The database contained 136,995 records of SkyMed members and included PII such as full names, addresses, dates of birth, email addresses and phone numbers, with some of the entries also including medical information. Besides finding hundreds of thousands of leaked member records, Fowler also discovered that the company's network might have been infected at some point in time with an unknown ransomware strain. This was revealed when the researcher found a ransom note entry named "howtogetmydataback" in SkyMed's unsecured Elasticsearch database. While the company did not provide any feedback to the researcher's reports on the exposed database, the good news is that SkyMed did take down the database eventually. "The first data incident notification was sent on March 27th (the same day it was discovered). On April 5th we verified that the database was closed and no longer publicly accessible. No one from SkyMed replied to either message," stated Fowler. BleepingComputer also reached out to SkyMed to ask if breach notifications were sent to the impacted individuals, but the company did not provide a response prior to publication. Learn more by visiting OUR FORUM.

Windows 10 May 2019 Update will begin rolling out to compatible devices in late May 2019. Windows 10 version 1903 is currently only available to Windows Insiders, but the update is already being blocked from installing on systems with certain configurations. In an updated blog post, Microsoft quietly shared a list of current upgrade blocks for Windows 10 May 2019 Update. At least three sets of devices could be affected by the blocks during installation. Microsoft says that you cannot upgrade to Windows 10 May 2019 Update if your computer is using a USB storage device or SD memory card, but there is an easy workaround for this problem: Microsoft has advised users to remove any external USB storage devices and/or SD memory cards before starting the upgrade installation process. If you have older versions of the anti-cheat software that comes bundled with many popular games, you may not be able to install the Windows 10 May 2019 Update. Microsoft discovered a bug where older versions of anti-cheat software may cause PCs running Windows 10 May 2019 Update to crash. Most games have already been updated with a fix for the bug, and Microsoft is actively working with affected partners. Microsoft has also blocked the Windows 10 May 2019 Update from installing on devices where an empty folder with the same name as one of the Known Folders would be created in the %userprofile% directory during the update. Follow this on OUR FORUM.

Multiple malicious spam campaigns using signed emails have been observed over the past few months distributing the GootKit (aka talalpek or Xswkit) banking Trojan with the help of a multi-stage malware loader dubbed JasperLoader. This loader is the third one detected by Cisco Talos' research team since July 2018: Smoke Loader (aka Dofoil) was employed by threat actors to drop ransomware or cryptocurrency miner payloads last year, while Brushaloader was identified during early 2019 and seen making use of Living-off-the-Land (LotL) tools such as PowerShell scripts to remain undetected on compromised systems. Malware loaders are popular tools for adversaries who want to make the job of dropping various malware payloads onto their victims' machines easier, because they make it possible to maximize profits by switching the pushed malware to one suited to the infected computer. The current loader tracked by Cisco Talos is JasperLoader, and its activity has been picking up during the past months, with malspam campaign operators distributing it to targets in Central Europe, with an apparent focus on Italian and German targets. "JasperLoader employs a multi-stage infection process that features several obfuscation techniques that make the analysis more difficult," says Cisco Talos. "It appears that this loader was designed with resiliency and flexibility in mind, as evidenced in later stages of the infection process." As unearthed by the researchers, JasperLoader has been disseminated by multiple malspam campaigns throughout the last months and has been used to drop the Gootkit banking Trojan — previously distributed by DanaBot, the Neutrino exploit kit and Emotet — which acts as a backdoor and can steal sensitive user information. More in-depth details are posted on OUR FORUM.