

SANS Stormcast Tuesday, April 22nd: Phishing via Google; ChatGPT Fingerprint; Asus AI Cloud Vuln; PyTorch RCE
Apr 22, 2025
AI Snips
Chapters
Transcript
Episode notes
Phishing Uses Google's Ad Service
- Jan describes a phishing attack that uses Google's own DoubleClick.net to redirect to a malicious dynamic IP site.
- Despite being flagged by VirusTotal for a week, the ads still run, showing Google's vulnerability exploitation.
Block doubleclick.net as Simple Ad Blocker
- Block doubleclick.net to effectively reduce phishing and unwanted ads.
- Visit company websites directly to avoid missing important information due to ad blocking.
ChatGPT Leaves Invisible Fingerprints
- ChatGPT inserts invisible Unicode characters like non-breaking spaces that can fingerprint texts it generates.
- These characters may identify which account created a document and survive simple copy-pastes.