Let’s do some experts warn…
Experts warn against using iPhone Mirroring at work due to privacy risks. It can expose personal app lists to employers, potentially revealing sensitive information. This issue poses a liability for organizations and could lead to privacy law violations. Apple is aware of the problem and is working on a fix, while companies are advised to inform employees and avoid using the feature until it is resolved.
Microsoft warns of increasing cyber-attack campaigns leveraging legitimate file hosting services like SharePoint, OneDrive, and Dropbox for business email compromise (BEC) attacks. These attacks exploit user trust and involve phishing tactics that require recipients to authenticate via one-time passwords to access view-only files, ultimately redirecting them to adversary-in-the-middle phishing pages to steal credentials.
OpenAI reports an increase in cyber actors using its platform to disrupt elections globally, having disrupted over 20 deceptive operations. The report highlights concerns over AI-generated misinformation, particularly in upcoming elections, affecting billions. Despite the rise in AI-generated content, most identified posts received minimal engagement. The report emphasizes the need for awareness and discussion regarding AI’s role in the evolving threat landscape of election-related misinformation.
Dr. Shweta Singh raises concerns about OpenAI’s new reasoning AI model, Strawberry, highlighting risks of deception and manipulation. The model is rated as medium risk for assisting in the operational planning of biological threats and for its persuasive capabilities. Singh argues that releasing such models without stringent scrutiny is misguided and calls for robust regulatory frameworks to ensure human safety and ethical use of AI technologies.
And if you want big experts warn, Unit 42 at Palo Alto did a fascinating walkthrough of Phishing-as-a-Service platform Sniper Dz, linked to over 140,000 phishing websites targeting social media and online services. Sniper Dz offers a free admin panel for phishers to create and host phishing pages, utilizing public proxy servers to evade detection. The platform collects stolen credentials through a centralized infrastructure and tracks victims using embedded scripts. It exploits legitimate SaaS platforms for hosting and employs deceptive tactics to lure victims.
Why do we care?
Maybe I should make this a segment… experts warn. IT service providers need to synthesize expert advice and help mold it into policies for their customers.
Companies should advise employees to avoid iPhone mirroring at work until Apple resolves this issue. For example, the lines between personal device use and work environments are becoming increasingly blurred. This creates new security and privacy challenges for businesses, and service providers need to help clients navigate these risks with clear policies, stronger device management, and up-to-date security practices.

