Spam campaigns

Fake Dropbox Password Reset Spam Leads to Malware

A new spam campaign has been circulating over the last few weeks in hopes of duping users of the popular cloud storage service Dropbox. The e-mails purport to come from the service but instead lead those who click through to a malware landing page.

Two researchers say they’ve found a security hole in Tumblr, one of the most popular sites on the Internet, that could steal users’ authentication cookies to break into their accounts.

Aditya Gupta and Subho Halder say they’ve tried to contact Tumblr about the vulnerability by using mail and Twitter, but so far no one has responded. The social sharing site  hosts 59.4 million micro blogs and has published almost 25 billion posts.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.