Podcast Detail

Cobalt Strike Domain Suspension; ManageEngine Vuln Details; CWE Top 25 Update

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/8072.mp3

Podcast Logo
SANS Daily Network Security Podcast (Stormcast) for Friday, July 1st, 2022
00:00

Interested in Internet Storm Center stickers? Check here if there are still some available for today.

Case Study: Cobalt Strike Server Lives on After its Domain is Suspended
https://isc.sans.edu/forums/diary/Case+Study+Cobalt+Strike+Server+Lives+on+After+Its+Domain+Is+Suspended/28804/

CVE-2022-28219: Unauthenticated XXE to RCE and Domain Compromise in ManageEngine ADAudit Plus
https://www.horizon3.ai/red-team-blog-cve-2022-28219/

CWE Top 25 Update
https://cwe.mitre.org/top25/archive/2022/2022_cwe_top25.html#analysis