SANS Stormcast Tuesday, April 22nd: Phishing via Google; ChatGPT Fingerprint; Asus AI Cloud Vuln; PyTorch RCE

April 21, 2025

SANS Stormcast Tuesday, April 22nd: Phishing via Google; ChatGPT Fingerprint; Asus AI Cloud Vuln; PyTorch RCE

Episode Transcript

It's 2025, so why are malicious advertising URLs still going strong?
Phishing attacks continue to take advantage of Google s advertising services. Sadly, this is still the case for obviously malicious links, even after various anti-phishing services flag the URL.
https://isc.sans.edu/diary/It%27s%202025...%20so%20why%20are%20obviously%20malicious%20advertising%20URLs%20still%20going%20strong%3F/31880
ChatGPT Fingerprinting Documents via Unicode
ChatGPT apparently started leaving fingerprints in texts, which it creates by adding invisible Unicode characters like non-breaking spaces.
https://www.rumidocs.com/newsroom/new-chatgpt-models-seem-to-leave-watermarks-on-text
Asus AI Cloud Security Advisory
Asus warns of a remote code execution vulnerability in its routers. The vulnerability is related to the AI Cloud feature. If your router is EoL, disabling the feature will mitigate the vulnerability
https://www.asus.com/content/asus-product-security-advisory/
PyTorch Vulnerability
PyTorch fixed a remote code execution vulnerability exploitable if a malicious model was loaded. This issue was exploitable even with the weight_only=True" setting selected
https://github.com/pytorch/pytorch/security/advisories/GHSA-53q9-r3pm-6pq6

News Tech News Technology

Show Transcript

See full episode transcriptTranscript is autogenerated by AI

Hello and welcome to the Tuesday, April 22nd, 2025 edition of the SANS and Storm Center's Stormcast. My name is Johannes Ulrich and today I'm recording from Jacksonville, Florida. And no, I won't mention it every single episode going forward, but remember SANSFire, July 14th through July 19th. And to register, just SANSFire.us. Well, in today's diaries, Jan is writing about his favorite topic, phishing. And in part, well, why is it still so easy? In the particular case that Jan is presenting here, it's a very straightforward phishing attack. It implements one of those webmail forms that we see very often being used to phish email credentials. And then, well, it's advertised via sort of a simple email failure notice. Again, a very common scheme being used to lure users into clicking on phishing links. However, it's then being directed to a dynamic IP address. Essentially, it uses one of those dynamic IP forwarding systems to host this particular website. It is forwarded to this dynamic IP by Google's own DoubleClick .net system. And that's sort of really where Jan has an issue with Google making it just too easy for attackers. This particular site has been flagged for about a week now by VirusTotal, which also is run by Google. So the data is certainly there to prove that this is not a good site to direct users to. Well, I guess you can also do the same thing yourself. BlockDoubleClick .net. I've been actually doing this for a while. Sort of a very simple ad blocker as well. And it seems to be working well. Of course, it will break some real ads that you may be interested in, but you can always go to the company's website directly. And then if everybody taking currently a writing class in college could just skip for a minute, the next story is about ChatGPT and RummyDocs .com. They discovered that ChatGPT apparently keeps inserting now Unicode characters like non-breaking spaces and the like that could potentially be used to discover if a particular text was created with ChatGPT. These characters appear to be added somewhat randomly. Of course, that could also then be used to some kind of fingerprinting or figuring out which account created a particular document. But they may be preserved when you're doing a simple copy-paste out of ChatGPT. Well, I hope you're at least smart enough to figure out how to remove these non-printing Unicode characters. Again, they're essentially spaces, so they're not visible in your normal Word or other editors like this. But they definitely should show up in like a simple ASCII type editor. RummyDocs also suggests that this may be due to ChatGPT now offering free accounts for students. So somewhat balancing here the temptation, of course, for students to cheat using ChatGPT. An ASUS released a security update for its routers fixing a critical vulnerability in the AI cloud functionality. This vulnerability apparently can be used to execute arbitrary code in the router without authentication. The exact nature of the vulnerability isn't clear. However, one important device here, if there is no firmware update for your router, because it's either not released yet or maybe your router is out or end of life, then you have the option to disable the AI cloud functionality. I don't have an ASUS router right now, so I have no idea what you get with AI cloud. Maybe a good idea to shut it out anyway, but for now, apply the update and, yeah, if possible, disable the feature. And we have a vulnerability in PyTorch. This actually sounds like a vulnerability that we already covered, but appears to be at least a new version, new variety of it. And it's just a good old problem that if you are loading AI models, you may be executing a code. And if you're loading these models with the weights only equals true feature, which is supposed to be saved, supposed to only load the data, not execute any code, well, that actually is not safe either or was not safe either in versions of PyTorch prior to 2 .6. So definitely get PyTorch updated because that setting, weights underscore only equals true, used to be the fix for this remote code execution issue, but apparently isn't in prior versions of PyTorch. Well, this is it for today. So thanks again for listening. Thanks everybody for subscribing, for liking this podcast and for recommending it, as well as for leaving good reviews. Thanks and talk to you again tomorrow. Bye.

Digital Dispatch Podcast Podcast Artwork Image

SANS Daily Stormcast

Johannes Ullrich