Podcast Detail

SANS Stormcast Friday, May 16th: Increase in Sonicwall Scans; RVTools Compromised?; RountPress

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9454.mp3

previous
Podcast Logo
Increase in Sonicwall Scans; RVTools Compromised?; RountPress
00:00

Web Scanning SonicWall for CVE-2021-20016 - Update
Scans for SonicWall increased by an order of magnitude over the last couple of weeks. Many of the attacks appear to originate from “Global Host”, a low-cost virtual hosting provider.
https://isc.sans.edu/diary/Web%20Scanning%20SonicWall%20for%20CVE-2021-20016%20-%20Update/31952

Google Update Patches Exploited Chrome Flaw
Google released an update for Chrome. The update fixes two specific flaws reported by external researchers, CVE-2025-4664 and CVE-2025-4609. The first flaw is already being exploited in the wild.
https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_14.html
https://x.com/slonser_/status/1919439373986107814

RVTools Bumblebee Malware Attack
Zerodaylabs published its analysis of the RV-Tools Backdoor attack. It suggests that this may not be solely a search engine optimization campaign directing victims to the malicious installer, but that the RVTools distribution site was compromised.
https://zerodaylabs.net/rvtools-bumblebee-malware/

Operation RoundPress
ESET Security wrote up a report summarizing recent XSS attacks against open-source webmail systems
https://www.welivesecurity.com/en/eset-research/operation-roundpress/

no transcript found