Lewis Henderson

The success of the Rubella Macro Builder toolkit has demonstrated that the cyber-crime-as-a-service is in rude health right across Europe. A report from Flashpoint reveals that the toolkit has been used to create malicious macros in Microsoft Office documents sent as email attachments in massive criminal spam campaigns. Rubella Macro Builder is fast, on sale at a lowered price of just $40 per month, and is in widespread use. It simplifies how PCs are infected by macros embedded in documents, a traditional form of attack. As with similar toolkits, much of its success has been down to the use of…

 A vulnerability in Windows that has been around for decades is being exploited by hackers behind a new version of the infamous Locky ransomware. It is a vulnerability that has been apparent since the 1980s, but which Microsoft has publicly stated it will not address by removing the feature, making the new attacks undetectable with traditional cyber security software. The hackers are exploiting Microsoft’s Dynamic Data Exchange (DDE), a feature that allows the transfer of data between Windows applications, and which is almost exclusively used to point to data sources inside a network. DDE is being subverted to distribute ‘weaponised’…