SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Friday, May 16th: Increase in Sonicwall Scans; RVTools Compromised?; RountPress
May 16, 2025
Increased scanning for SonicWall vulnerabilities raises alarms, with many attacks traced back to a budget hosting provider. Google addresses two critical flaws in Chrome, one of which is actively being exploited. A deep dive into RVTools reveals potential compromises that extend beyond simple SEO tactics, suggesting a backdoor entry. Finally, a report discusses XSS attacks affecting open-source webmail systems, underscoring the ongoing challenges in cybersecurity.
AI Snips
Chapters
Transcript
Episode notes
SonicWall Scans Surge
- SonicWall vulnerability scans increased by an order of magnitude in recent weeks.
- Many scans come from Globalhost, a low-cost hosting provider often used for cheap rented machines.
Update Chrome to Patch Vulnerabilities
- Immediately update Google Chrome to version 1.3, which patches two vulnerabilities.
- Restart Chrome daily to ensure updates are applied effectively.
Chrome Referrer Policy Bug Revealed
- A Chrome vulnerability leaks URL parameters due to improper referrer policy application.
- This demonstrates that confidential data should never be included in URLs.