
Internet Storm Center's April 22, 2025 Stormcast: Key Cybersecurity Topics
In this April 22, 2025 edition of the Internet Storm Center's Stormcast, Johannes Ullrich, recording from Jacksonville, Florida, addresses several crucial cybersecurity topics.

The first topic is a classic phishing attack in which webmail forms are used to steal email credentials. The attack is made possible by a dynamic IP address redirection system exploiting Google's doubleclick.net system. Jan, a contributor, criticizes Google for facilitating this attack, despite the site being flagged by VirusTotal, which is also managed by Google. Johannes suggests blocking doubleclick.net as a simple method to block ads, although this may disrupt some legitimate advertisements.

Next, the discussion turns to ChatGPT and an interesting discovery made by ramyox.com. It appears that ChatGPT inserts non-visible Unicode characters, such as non-breaking spaces, into generated texts. These characters could potentially be used to detect whether a text was created by ChatGPT, or even to identify the specific user. The insertion could be a measure to deter students from cheating using ChatGPT, although the characters can be manually removed.

Another important topic concerns a security update for ASUS routers. A critical vulnerability in the AI Cloud feature allows arbitrary code execution without authentication. Although the exact nature of the vulnerability is unclear, it is recommended to disable the AI Cloud feature if no firmware update is available. Johannes emphasizes the importance of this update and suggests disabling the feature even if an update is available.

Finally, a vulnerability in PyTorch is discussed. This vulnerability allows remote code execution when loading AI models, even with the "weights_only=True" option enabled, which is supposed to be safe. Versions of PyTorch prior to 2.6 are affected, and it is strongly recommended to update to the latest version to fix this issue.

The practical implications of these findings are significant. Users must be vigilant against phishing attacks and take measures to block potential attack vectors. Developers and users of ChatGPT should be aware of the inserted Unicode characters and their implications. Owners of ASUS routers should apply security updates and disable non-essential features to avoid vulnerabilities. Finally, PyTorch users should ensure they are using the most recent version to avoid security risks.

For more details, watch the full video at the following address: https://www.youtube.com/watch?v=944Hpoj0fjo
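
As an added example (not from the Stormcast or the ramyox.com write-up), the following Python code shows one way to check a text for the kind of non-visible Unicode characters mentioned in the ChatGPT item above, and to normalize them. The function names and the sample string are constructed for illustration; it flags Unicode format characters and any space separator other than the plain ASCII space, which is an assumption about what is worth reporting, not a list of what ChatGPT emits.

```python
import unicodedata
from collections import Counter

def is_hidden(ch):
    """True for format characters (category Cf, e.g. zero-width space)
    and for space separators (category Zs) other than ASCII U+0020."""
    cat = unicodedata.category(ch)
    return cat == "Cf" or (cat == "Zs" and ch != " ")

def find_hidden_chars(text):
    """Return (index, code point, Unicode name) for every flagged character."""
    return [
        (i, f"U+{ord(ch):04X}", unicodedata.name(ch, "UNNAMED"))
        for i, ch in enumerate(text)
        if is_hidden(ch)
    ]

def summarize(text):
    """Count flagged characters by Unicode name."""
    return Counter(name for _, _, name in find_hidden_chars(text))

def sanitize(text):
    """Map every space separator to an ASCII space and drop format characters.
    Caveat: dropping Cf also removes ZWJ/ZWNJ, which emoji sequences and
    some scripts (e.g. Persian, Indic) legitimately need."""
    out = []
    for ch in text:
        cat = unicodedata.category(ch)
        if cat == "Zs":
            out.append(" ")
        elif cat != "Cf":
            out.append(ch)
    return "".join(out)

# Constructed sample: narrow no-break space, no-break space, zero-width space.
SAMPLE = "The report\u202fis due\u00a0Monday.\u200b Please review."

if __name__ == "__main__":
    for index, codepoint, name in find_hidden_chars(SAMPLE):
        print(f"offset {index}: {codepoint} {name}")
    print(dict(summarize(SAMPLE)))
    print(repr(sanitize(SAMPLE)))
```
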