A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
ISC StormCast for Wednesday, January 22nd, 2025
January 21, 2025
9:16
8.05 MB
Downloads: 0
This episodes covers how Starlink users can be geolocated and how Cloudflare may help deanonymize users. The increased use of AI helpers leads to leaking data via careless prompts.
Geolocation and Starlink
https://isc.sans.edu/diary/Geolocation%20and%20Starlink/31612
Discover the potential geolocation risks associated with Starlink and how they might be exploited. This diary entry dives into new concerns for satellite internet users.
Deanonymizing Users via Cloudflare
https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117
Deanonymizing users by identifying which cloudflare server cashed particular content
Sage's AI Assistant and Customer Data Concerns
https://www.theregister.com/2025/01/20/sage_copilot_data_issue/
Examine how a Sage AI tool inadvertently exposed sensitive customer data, raising questions about AI governance and trust in business applications.
The Threat of Sensitive Data in Generative AI Prompts
https://www.darkreading.com/threat-intelligence/employees-sensitive-data-genai-prompts
Analyze how employees careless prompts to generative AI tools can lead to sensitive data breaches and the importance of awareness training.
Homebrew Phishing
https://x.com/ryanchenkie/status/1880730173634699393
Geolocation and Starlink
https://isc.sans.edu/diary/Geolocation%20and%20Starlink/31612
Discover the potential geolocation risks associated with Starlink and how they might be exploited. This diary entry dives into new concerns for satellite internet users.
Deanonymizing Users via Cloudflare
https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117
Deanonymizing users by identifying which cloudflare server cashed particular content
Sage's AI Assistant and Customer Data Concerns
https://www.theregister.com/2025/01/20/sage_copilot_data_issue/
Examine how a Sage AI tool inadvertently exposed sensitive customer data, raising questions about AI governance and trust in business applications.
The Threat of Sensitive Data in Generative AI Prompts
https://www.darkreading.com/threat-intelligence/employees-sensitive-data-genai-prompts
Analyze how employees careless prompts to generative AI tools can lead to sensitive data breaches and the importance of awareness training.
Homebrew Phishing
https://x.com/ryanchenkie/status/1880730173634699393