SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS ISC Stormcast, Jan 22, 2025: Geolocation via Starlink and Cloudflare; AI Prompt Risks; Homebrew Phishing
4 snips
Jan 22, 2025 Explore the unsettling geolocation risks for Starlink users, revealing how satellite internet could expose sensitive data. Learn about Cloudflare's role in potentially deanonymizing individuals by tracking cached content. Delve into alarming incidents where AI assistants leak confidential customer information due to careless prompts. Finally, discover the rising threat of phishing attacks targeting Mac users, underscoring the urgent need for better data protection and user training.
AI Snips
Chapters
Transcript
Episode notes
Starlink Geolocation
- Starlink's low-earth orbit and numerous ground stations allow for more precise geolocation than traditional satellite internet.
- This poses challenges for users trying to circumvent geofencing employed by websites and networks.
Geofencing Database
- If Starlink users complain about geofencing issues, verify your geolocation database is current.
- Older databases lack fine-grained resolution for Starlink's network, causing inaccuracies.
Cloudflare Deanonymization
- Cloudflare's widespread cache servers can be used to roughly geolocate anonymous users.
- By checking which Cloudflare server caches specific content, one can estimate the user's general location.