CISO Talk by James Azar
CyberHub Podcast
MacOS Sequoia Conks Security Products, $44M in Crypto Stolen, China Spies on APAC, Ivanti Vulnerability

Today’s top cybersecurity news and the latest threats from practicing CISO James Azar. Tune in to hear how practitioners break down the latest news to bolster their cybersecurity programs.

The latest episode of the CyberHub Podcast, hosted by James Azar, covered a wide array of critical cybersecurity issues, including updates on major software vulnerabilities, security breaches, and geopolitical cyber threats.

MacOS Sequoia Update Issues

A significant portion of the show was dedicated to the fallout from the recent MacOS Sequoia update. Major security vendors such as CrowdStrike, ESET, Microsoft, and SentinelOne experienced compatibility issues, primarily due to changes in the network stack. CrowdStrike advised users to avoid the update, while Microsoft flagged potential network protection crashes. Other vendors scrambled to resolve problems within 24 hours. The podcast emphasized the need for better coordination between Apple and security vendors, as this incident highlighted critical gaps.

Ivanti Vulnerabilities

Azar revisited vulnerabilities in Ivanti’s Cloud Services Appliance (CSA), which has been under continuous scrutiny since February. Two CVEs—one enabling path traversal and the other allowing OS command injection—have been exploited, making the system vulnerable to unauthorized access. Azar strongly criticized Ivanti's leadership for repeatedly failing to address security issues, urging the company to rethink its DevSecOps practices.

BingX Cryptocurrency Theft

A staggering $44 million was stolen from Singapore-based cryptocurrency platform BingX. The company quickly implemented emergency measures and engaged blockchain security firms SlowMist and Chainalysis to recover the stolen funds. While BingX committed to fully compensating users, the final tally of losses remains uncertain, with some estimates climbing as high as $48 million.


Disney’s Migration Away from Slack

Disney is moving away from Slack after a July data breach exposed over 1 TB of internal messages and files. This breach impacted thousands of Slack channels and included sensitive information on projects, finances, and IT operations. Disney had already faced a data leak earlier in the year, underscoring a troubling pattern of security lapses within the company.

Versa Networks Patch Announcement

Versa Networks released patches to address vulnerabilities in their Versa Director platform. A CVSS-rated vulnerability involving REST APIs could expose authentication tokens. Azar emphasized the importance of securing APIs, noting that poor API management can leave organizations vulnerable to attacks.

Chinese Cyber Espionage in Southeast Asia

A China-linked cyber espionage group is actively targeting government agencies in Taiwan, the Philippines, and Japan, as well as energy companies in Vietnam. Using spear-phishing and exploiting vulnerabilities in GeoServer software, the group has successfully infiltrated several organizations. This uptick in attacks aligns with China’s broader strategy of advancing its interests across the Asia-Pacific region.

Ukraine’s Ban on Telegram for Government Officials

Ukraine announced a ban on Telegram for government and military personnel, citing national security concerns. However, Azar expressed skepticism, labeling the move as more of a political play influenced by foreign governments, rather than a legitimate security decision.

The UN's Call for AI Governance

In a scathing review, Azar criticized the United Nations' recent recommendation for global governance of artificial intelligence, calling the organization “disgraceful” and unsuitable to handle such critical matters. He warned that UN oversight of AI could have detrimental effects on global innovation and freedom.

Action Item for Cybersecurity Professionals:

Test OS Updates in Isolated Environments Before Deployment

The issues stemming from the MacOS Sequoia update underscore the importance of thoroughly testing new OS updates in isolated environments before organization-wide deployment. Incompatibilities between OS updates and security tools can expose systems to unintended vulnerabilities, resulting in significant disruptions. Implementing strict patch management policies and monitoring vendor advisories can mitigate such risks and ensure a smoother update process for critical security tools.


✅ Story Links: 

https://www.securityweek.com/cybersecurity-products-conking-out-after-macos-sequoia-update/

https://www.darkreading.com/cyberattacks-data-breaches/ivanti-cloud-service-appliance-attacked-vuln

https://www.securityweek.com/versa-networks-patches-vulnerability-exposing-authentication-tokens/

https://therecord.media/44-million-stolen-from-crypto-platform-singapore

https://www.bleepingcomputer.com/news/security/disney-ditching-slack-after-massive-july-data-breach/

https://therecord.media/germany-court-ruling-arne-schonbohm-bsi

https://www.darkreading.com/cyberattacks-data-breaches/china-earth-baxia-spies-geoserver-apac-orgs

https://www.securityweek.com/ukraine-bans-telegram-messenger-app-on-state-issued-devices-because-of-russian-security-threat/

https://www.securityweek.com/un-experts-urge-united-nations-to-lay-foundations-for-global-governance-of-artificial-intelligence/


=============================

About The CyberHub Podcast.

The Hub of the Infosec Community. 

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure. 

Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.
