The release of macOS 15, also known as Sequoia, seems to have thrown a wrench into the smooth operation of several security software products. Apple, in its quest to make your computer sleeker, faster, and (ironically) safer, has ended up causing a wave of problems for some of its biggest security vendors like CrowdStrike and Microsoft. And by problems, I mean broken network connections, mangled security tools, and a general scramble for fixes.
You might think updating your OS is a routine task, like getting your oil changed, but in this case, it’s more like driving off with your mechanic still under the hood. Reports of network-related bugs surfaced almost immediately after Sequoia’s release, leaving companies like ESET and Microsoft scrambling to explain to users how to fix their now-broken setups.
Patrick Wardle, a notable figure in macOS security, pointed out that Apple knew about these issues well before release but pushed ahead with the update anyway. It’s a bit like a chef who serves dinner knowing full well the oven’s on fire in the kitchen.
What’s the Fix?
For ESET users, you’ll need to manually tweak or remove network filters. Not feeling tech-savvy? No problem! If you don’t fix it yourself, you get the lovely alternative of removing and reinstalling the software. Simple, right?
Meanwhile, Microsoft users are advised to turn off Stealth Mode in macOS’s Firewall settings. Now, Stealth Mode sounds like the kind of thing you’d want on all the time (who doesn’t want to be invisible to the internet’s bad actors?), but in this case, it’s causing connectivity issues. So, off it goes until Apple sorts out the underlying mess.
As of now, Apple hasn’t commented on the situation, so if you’ve already upgraded to Sequoia, consider yourself part of the early access testing group. You know, the one you didn’t sign up for.
Meanwhile, in the Land of Vulnerabilities…
Apache’s HugeGraph has a vulnerability so huge it’s actively being exploited. If you’re using anything between version 1.0.0 and 1.3.0, go ahead and patch that now. And if you’re feeling extra adventurous, take a look at the CVSS 9.8 vulnerabilities in WhatsUp Gold and Oracle’s WebLogic Server. These are the kinds of flaws that let attackers saunter into your network, no questions asked. Definitely not the kind of open-door policy you’d want.
Craigslist’s Craig Newmark to the Cybersecurity Rescue!
In brighter news, Craigslist founder Craig Newmark has pledged $100 million to bolster U.S. cybersecurity efforts. Half will go to protecting critical infrastructure, and the other half will fund education efforts. Newmark’s initiative is already rolling, with funds allocated to the University of Chicago and child safety organization Common Sense Media. So, while you’re fretting over Apple’s latest update, at least someone’s putting money toward fixing the big picture.
Watch Out for iCloud Scams
If you’re one of those folks who constantly sees the dreaded “your iCloud storage is almost full” notification, be extra cautious right now. Scammers have been phishing people left and right, pretending to sell more storage space but instead just grabbing your Apple ID credentials. Think of it like ordering dessert at a restaurant only to have your wallet stolen by the waiter.
Cencora’s $75M Ransom Payment Unveiled
Remember that massive $75 million ransom we heard about a while ago? Turns out it was allegedly paid by Cencora, a major drug distributor, following a February breach by the Dark Angels gang. The original ransom demand was reportedly much higher, but they settled in Bitcoin. Because nothing says “cyber negotiation” like cryptography and cryptocurrency.
So, the next time your security software bugs out, or you get suspicious emails about your iCloud storage, you might just be on the cutting edge of both technological progress and chaos. Welcome to the future.
