InfoSec News Summary 02/26/2016

Posted on February 26th, 2016

• Hacker Backdoored Linux Mint Repo: Hacked web application + posted backdoored ISOs

• Ransomware springboards from WordPress to Joomla domains

• Drupal 6 EOL February 24th 2016

• Operation Blockbuster Reveals Information Behind the Lazarus APT Group

• Drupal Updates Fixes 10 Vulnerabilities including a Critical Access Bypass

• Anticipated High Severity OpenSSL Patch to be Released Tuesday March 1st

• Kohls Cash Fraud

• Spotify Account(s) Compromised

• Apple vs. FBI – The Debate Continues

• Palo Alto Networks Release an Update to Address Critical vulnerabilities

• UKnowKids Database Exposes 1,700 Identities of Children

• Troy Hunt Controlling Features in Nissan Leaf Due to Vulnerable API in Web Application

• ASUS Faces Potential Charges Due to Poor Security Practice with Routers

• Multiple Vulnerabilities in BlackBerry Enterprise (BES12 < 12.4) CVE-2016-1914 and CVE-2016-1915 (SQLi, and XSS)

• [Tool] Burp Suite Pro Plugin to Scan an App with YARA Rules