By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

The intentions of and delivery method of Mylobot are unknown - but it appears to be the work of a sophisticated attacker who could deliver trojans, ransomware and more. A new malware campaign is roping systems into a botnet and providing the attackers with complete control over infected victims, plus the ability to deliver additional payloads, putting the victims' devices at risk of Trojans, keyloggers, DDoS attacks and other malicious schemes. The malware comes equipped with three different layers of evasion techniques which have been described by the researchers at Deep Instinct who uncovered the malware as complex, rare and "never seen in the wild before". Dubbed Mylobot after a researcher's pet dog, the origins of the malware and its delivery method are currently unknown, but it appears to have a connection to Locky ransomware -- one of the most prolific forms of malware during last year. The sophisticated nature of the botnet suggests that those behind it aren't amateurs, with Mylobot incorporating various techniques to avoid detection. Follow this on OUR FORUM.

Microsoft has today released a new Windows 10 Preview Build of the SDK to be used in conjunction with Windows 10 Insider Preview (Build 17692 or greater). The Preview SDK Build 17692 contains bug fixes and under-development changes to the API surface area. The build works in conjunction with previously released SDKs and Visual Studio 2017. The Windows SDK will now formally only be supported by Visual Studio 2017 and greater and this build of the Windows SDK will only install on Windows 10 Insider Preview. The build brings MSIX support, meaning developers can now package their applications as MSIX. These applications can be installed and run on any device with 17682 build or later. MSIX is however not currently supported by the App Certification Kit nor the Microsoft Store at this time. Learn more and download from OUR FORUM.

Apple's macOS surreptitiously creates and caches thumbnails for images and other file types stored on password-protected / encrypted containers (hard drives, partitions), according to Wojciech Reguła and Patrick Wardle, two macOS security experts. The problem is that these cached thumbnails are stored on non-encrypted hard drives, in a known location and can be easily retrieved by malware or forensics tools, revealing some of the content stored on encrypted containers. On macOS, these thumbnails are created by Finder and QuickLook. Finder is the default macOS file explorer app, similar to Windows Explorer. Whenever a user navigates to a new folder, Finder automatically loads icons for the files located in those folders. For images, these icons are gradually replaced by thumbnails that show a preview of the image at a small scale. But in a recent macOS version, Apple has added a new feature to Finder called QuickLook. This feature allows users to hold down the Space key while having a file selected and view an image-like preview of the document's content. Apple devs created this feature to allow users to preview files with similar names and determine which one they want to open. Follow along at OUR FORUM.