As expected, attackers have begun exploiting the GNU Bash "Shellshock" remote code execution bug (CVE-2014-6271) to compromise systems and infect them with malware.
At Virus Bulletin 2014, Bromium presented a research report that highlights the severe risk of malicious ad networks infecting end users.
The Bash "shellshock" flaw (CVE-2014-6271) was discovered last week by Unix/Linux specialist Stephane Chazelas, and its existence was made public on Wednesday.
Earlier this month, security researcher Rafay Baloch has released a proof-of-concept exploit that takes advantage of a vulnerability in an Android Browser's security mechanism and could allow attackers to harvest confidential user data.
Even if you never had to deal personally with "Windows support" scammers, chances are someone you know did or you have heard about these type of scams.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.