Hello and welcome to the Sands and H Storm Center's Stormcast. My name is Johannes Ulrich,

and today I'm recording from Jacksonville, Florida. And today's episode is brought you by the sands.edu graduate

certificate in penetration testing and ethical hacking. In diaries today, we have a gea talk well yet again about the 2021 sonic wall

vulnerabilities that are still being exploited and while there is qualitatively nothing really

new here it's still the same URLs being hit well the, the quantity substantially changed.

It changed by an order of magnitude.

Now, there is one particular network, so if that sticks out here, and that's 141.980.

This particular network belongs to a global host.

Global host appears to be one of those low-cost hosting providers. And of course,

they're often being used to then just rent a couple cheap machines and start these scans.

Of course, with low cost often also comes low support and inability to sort of react to abuse complaints.

Still have to notify them and we'll see if maybe we get a response from them.

And Google released an update to Google Chrome.

We are now up to version 136. This update fixes two vulnerabilities that were

detected externally and the number, and there's obviously various fixes from internal audits.

Now, what is kind of interesting here is that one of the flaws is already being exploited in the wild.

So upgrade, as usual, Google Chrome usually does a reasonable good job in upgrading itself.

I would recommend at least restart Google Chrome once a day.

That way, you usually make sure that the update is actually being applied.

And to make things more exciting, the vulnerability was actually made public with details on X 10 days ago by S. Lancer here, the X account.

The vulnerability resolves around link headers being sent for sub-resource requests

and the refer policy here being not correctly applied to these link headers.

...