An executable file disguised as a .jpg leads not only to ransomware but also to its builder, which can be used to create variants.

A malicious spam campaign that tells victims it contains a “critical Windows update” instead leads to the installation of Cyborg ransomware, researchers have found. Further, they were able to access its builder, which can be used to create malware variants.

The email-based threat, discovered recently by researchers at Trustwave, is unique in a few ways, the researchers said in a blog post on Tuesday. For instance, the attached file purports to be in .jpg format, even though it opens an .exe file. Another unique aspect is that the emails contain a two-sentence subject, “Install Latest Microsoft Windows Update now! Critical Microsoft Windows Update!”, but have just one sentence in the email body, researchers said. Typically, malicious emails include a longer, socially engineered message intended to lure victims into clicking malicious files.

But perhaps the most crucial element of the analysis is that the Cyborg ransomware creators also left a trail from the executable that led researchers to discover the malware builder hosted on the GitHub developer platform. “The 7Zip file ‘Cyborg Builder Ransomware V 1.0.7z’ from Cyborg-Builder-Ransomware repository was uploaded two days before the GitHub account misterbtc2020 hosted the Cyborg ransomware executable,” according to the post. “It contains the ransomware builder ‘Cyborg Builder Ransomware V 1.0.exe.’”

This adds a new dimension to the attack, Karl Sigler, threat intelligence manager for Trustwave SpiderLabs, told Threatpost in an email interview. “Ransomware has been widely used to attack different organizations and governments and having it and its builder hosted on a software development platform GitHub is significant,” he told us. “Anyone can grab a hold of it and create their own Cyborg ransomware executable.”
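The extension mismatch described above (an attachment named as a .jpg that is really an .exe) can be caught at a mail gateway by comparing the claimed extension with the file's leading bytes. The following is an added example, not code from Trustwave or the original article; the sample message body, attachment names and function names are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Well-known leading-byte signatures for the formats mentioned in the article.
SIGNATURES = {"pe-executable": b"MZ", "jpeg": b"\xff\xd8\xff",
              "png": b"\x89PNG\r\n\x1a\n", "7z": b"7z\xbc\xaf\x27\x1c"}
# Content type each claimed extension is expected to contain.
EXPECTED = {".jpg": "jpeg", ".jpeg": "jpeg", ".png": "png",
            ".7z": "7z", ".exe": "pe-executable"}

def sniff(data):
    """Return the type detected from the leading bytes, or 'unknown'."""
    for kind, magic in SIGNATURES.items():
        if data.startswith(magic):
            return kind
    return "unknown"

def triage(raw_message):
    """Flag attachments whose content does not match the claimed extension."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        ext = PurePosixPath(name.lower()).suffix
        actual = sniff(part.get_payload(decode=True) or b"")
        expected = EXPECTED.get(ext)
        if actual == "pe-executable" and expected != "pe-executable":
            verdict = "block: executable content behind a non-executable name"
        elif expected and actual != expected:
            verdict = "review: content does not match extension"
        else:
            verdict = "ok"
        findings.append({"name": name, "claimed": ext, "actual": actual, "verdict": verdict})
    return findings

def build_sample():
    """Constructed message: a PE stub named .jpg plus a genuine JPEG header."""
    msg = EmailMessage()
    msg["Subject"] = "Install Latest Microsoft Windows Update now!"
    msg.set_content("Constructed one-sentence body for this example.")
    msg.add_attachment(b"MZ\x90\x00" + b"\x00" * 60, maintype="image",
                       subtype="jpeg", filename="update.jpg")
    msg.add_attachment(b"\xff\xd8\xff\xe0" + b"\x00" * 16, maintype="image",
                       subtype="jpeg", filename="photo.jpg")
    return msg.as_bytes()

if __name__ == "__main__":
    print(*triage(build_sample()), sep="\n")
```

The check relies only on content, so it still fires when both the file name and the declared MIME type claim an image.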
Canadian intelligence agencies are divided over whether to ban Chinese tech giant Huawei from the country's 5G networks and follow the example of the United States and Australia, according to a report in The Globe and Mail. The Canadian Security Intelligence Service (CSIS) insists on banning Huawei technology, while the Communications Security Centre (CSE), Canada's electronic surveillance agency, believes that rigorous testing and monitoring of 5G equipment manufactured by Huawei will eliminate security threats.

If you’ve been encountering issues during the installation of the Windows 10 cumulative updates, you’re not alone. Over the past few months, several users have reported on forums that Windows 10 updates, including the important Patch Tuesday releases and optional updates, are failing to install. Windows 10 KB4524570, which is the latest Patch Tuesday update, could also fail to install on PCs with the May 2019 Update and November 2019 Update. Users have reported on Microsoft’s community forum that they’re currently unable to install this patch and are seeing error codes such as 0x80073701 and 0x8009001d.

It’s worth noting that Microsoft acknowledged a Windows 10 installation error in late May 2019 and the company reportedly developed a fix. According to the support doc, Microsoft resolved the installation issue on November 12 but some users might still experience issues. “Installation of updates may fail and you may receive the error message, ‘Updates Failed, There were problems installing some updates, but we’ll try again later’ or ‘Error 0x80073701’ on the Windows Update dialog or within Update history,” the firm noted. “This issue has been resolved for most users,” Microsoft noted.

For those who are still having issues, Microsoft posted a workaround guide a few days ago. It’s not clear if these issues are affecting a lot of users right now, but the problem is marked resolved and it’s possible that the firm might not fix it.


