ISC StormCast for Monday, November 22nd, 2021

22 November 2021, 7:33 pm

By Johannes B. Ullrich, Ph.D. Hikvision Security Cameras Potentially Exposed to Remote Code Execution
https://isc.sans.edu/forums/diary/Hikvision+Security+Cameras+Potentially+Exposed+to+Remote+Code+Execution/28056/
Detecting PAM Backdoors
https://isc.sans.edu/forums/diary/Backdooring+PAM/28058/
Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem
https://dl.acm.org/doi/pdf/10.1145/3460120.3484768
CVE-2021-42306 CredManifest: App Registration Certificates Stored in Azure Active Directory
https://www.netspi.com/blog/technical/cloud-penetration-testing/azure-cloud-vulnerability-credmanifest/
More Here