SANS Stormcast Tuesday, April 22nd: Phishing via Google; ChatGPT Fingerprint; Asus AI Cloud Vuln; PyTorch RCE

Apr 22, 2025

Ask episode

AI Snips

Chapters

Transcript

Episode notes

ANECDOTE

Phishing Uses Google's Ad Service

Jan describes a phishing attack that uses Google's own DoubleClick.net to redirect to a malicious dynamic IP site.
Despite being flagged by VirusTotal for a week, the ads still run, showing Google's vulnerability exploitation.

ADVICE

Block doubleclick.net to effectively reduce phishing and unwanted ads.
Visit company websites directly to avoid missing important information due to ad blocking.

INSIGHT

ChatGPT inserts invisible Unicode characters like non-breaking spaces that can fingerprint texts it generates.
These characters may identify which account created a document and survive simple copy-pastes.

Get the Snipd Podcast app to discover more snips from this episode