Dropbox was quick to remove the bogus login page, Symantec said
The attack could be used to distribute malware through applications that appear harmless, researchers said
The advertisements redirected victims to the Sweet Orange exploit kit, which tries to install malware.
Experts say that SSL 3.0 should be disabled even though some legacy products still use it.
The Sandworm vulnerability gets a fix with this month's round of corrective fixes for Microsoft software. Internet Explorer gets a fix, too.
The credentials leaked by an alleged hacker online were likely stolen from other services, the company said.
The vulnerability allows for arbitrary code execution and affects many versions of Windows and Windows Server
Password managers offer many convenient options, but some come at the expense of security
The botnet targets Web servers that haven't been patched for recent vulnerabilities found in the Bash Linux shell
The systems were accessed using account credentials from a third-party vendor, Dairy Queen said