Handler on Duty: Johannes Ullrich
Threat Level: green
Podcast Detail
SANS ISC Stormcast, Jan 22, 2025: Geolocation via Starlink and Cloudflare; AI Prompt Risks; Homebrew Phishing
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9290.mp3
My Next Class
| Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
| Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
This episodes covers how Starlink users can be geolocated and how Cloudflare may help deanonymize users. The increased use of AI helpers leads to leaking data via careless prompts.
Geolocation and Starlink
https://isc.sans.edu/diary/Geolocation%20and%20Starlink/31612
Discover the potential geolocation risks associated with Starlink and how they might be exploited. This diary entry dives into new concerns for satellite internet users.
Deanonymizing Users via Cloudflare
https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117
Deanonymizing users by identifying which cloudflare server cashed particular content
Sage's AI Assistant and Customer Data Concerns
https://www.theregister.com/2025/01/20/sage_copilot_data_issue/
Examine how a Sage AI tool inadvertently exposed sensitive customer data, raising questions about AI governance and trust in business applications.
The Threat of Sensitive Data in Generative AI Prompts
https://www.darkreading.com/threat-intelligence/employees-sensitive-data-genai-prompts
Analyze how employees’ careless prompts to generative AI tools can lead to sensitive data breaches and the importance of awareness training.
Homebrew Phishing
https://x.com/ryanchenkie/status/1880730173634699393
Geolocation and Starlink
https://isc.sans.edu/diary/Geolocation%20and%20Starlink/31612
Discover the potential geolocation risks associated with Starlink and how they might be exploited. This diary entry dives into new concerns for satellite internet users.
Deanonymizing Users via Cloudflare
https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117
Deanonymizing users by identifying which cloudflare server cashed particular content
Sage's AI Assistant and Customer Data Concerns
https://www.theregister.com/2025/01/20/sage_copilot_data_issue/
Examine how a Sage AI tool inadvertently exposed sensitive customer data, raising questions about AI governance and trust in business applications.
The Threat of Sensitive Data in Generative AI Prompts
https://www.darkreading.com/threat-intelligence/employees-sensitive-data-genai-prompts
Analyze how employees’ careless prompts to generative AI tools can lead to sensitive data breaches and the importance of awareness training.
Homebrew Phishing
https://x.com/ryanchenkie/status/1880730173634699393
iTunes
MP3 Download
RSS Feed
Google
Podbean
Amazon Echo
YouTube
Spreaker
Spotify
Discussion
Login here to join the discussion.
| Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
| Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
| Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Apr 13th - Apr 18th 2025 |
| Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 5th - May 10th 2025 |
| Network Monitoring and Threat Detection In-Depth | Baltimore | Jun 2nd - Jun 7th 2025 |
© 2025 SANS™ Internet Storm Center
Developers: We have an API for you! 