Websense researchers have been following several recent email spam campaigns targeting users of popular services such as Skype and Evernote, and believe them to be initiated by the infamous ru:8080 gang, which a history of similar spam runs impersonating legitimate Internet services such as Pinterest, Dropbox, etc.
Microsoft's Enhanced Mitigation Experience Toolkit (EMET) is a good piece of software and helpful for protecting non-kernel Microsoft applications and third-party software, but the protection it offers can also be bypassed completely if the attackers know what they are doing, claim researchers from security firm Bromium.
The recently spotted watering hole attacks aimed at the visitors of the official website of the US Veterans of Foreign Wars and of a bogus website mimicking that of the French aerospace association GIFAS might not be, after all, the work of the same threat actors.
The recent release of a Metasploit module that allows attackers to remotely access ("get shell") on most Android-running devices has again raised a very good question: "How can we force carriers and sellers to deliver security updates to users in a timely manner?" The bug is in Android's WebView programming interface.
Evernote users are being actively targeted with an email spam campaign that tries to trick them into following a malicious link.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.