ISC StormCast for Tuesday, September 20th 2016

By Johannes B. Ullrich, Ph.D. Taking Over Facebook Pages
http://arunsureshkumar.me/index.php/2016/09/16/facebook-page-takeover-zero-day-vulnerability/
Exchange Auto-Discovery Vulnerability
http://www.theregister.co.uk/2016/09/19/ms_exchange_alleged_bug/
Spyware Apps Targeting Travelers Removed From Goolge App Store
https://blog.lookout.com/blog/2016/09/16/embassy-spyware-google-play/
Firefox Will Patch HSTS Vulnerability
https://threatpost.com/mozilla-patching-firefox-certificate-pinning-vulnerability/120694/
OpenSSL Patch Pre-Announcement
https://mta.openssl.org/pipermail/openssl-announce/2016-September/000076.html
More Here