Lavasoft Blog

Visitors to the MSN homepage have been targeted with malicious advertising. According to security researcher Jerome Segura, the malvertising was delivered to users through the AdSpirit advertising network, one of MSN’s advertising partners. Users who clicked on the banner advertisements were re-directed to the RIG and Neutrino exploit kits.

Security researcher Klikki Oy has received a $10,000 bug bounty for discovering a security flaw in Yahoo Mail. The XSS vulnerability discovered could have allowed a potential attacker to forward the contents of the victim’s inbox to an external website and compromise the account itself. Yahoo learned about the threat last month, implemented a fix and rewarded the researcher through a bug bounty program.  

The Microsoft Office 365 Exchange Online Protection team is introducing three new changes to protect users of their email service. The changes are being rolled out in the first quarter of 2016 and include faster detection of malicious attachments, increased efficiency for categorizing spam and new protection against fake CEO spoofing attacks. 

Microsoft has officially discontinued its support for Windows 8 today. This means that the company will not release additional security patches or provide technical support for home users of the operating system. Older operating systems which are missing critical updates have a greater chance of being infected by viruses or malware and it’s recommended that users update their system.