SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Wednesday, November 5th, 2025: Apple Patches; Exploits against Trucking and Logistic; Google Android Patches
Nov 5, 2025
Apple addresses 110 vulnerabilities with a comprehensive OS upgrade, raising questions about exploitability. Attackers leverage remote management tools to infiltrate trucking and logistics sectors, employing fake load postings as a phishing tactic. A critical vulnerability in Android allows remote code execution, underscoring the urgency to apply patches promptly. Insights on the financial repercussions of these cyber threats highlight the importance of controlling remote access in securing logistics operations.
AI Snips
Chapters
Transcript
Episode notes
Apply Apple Updates Promptly
- Apply Apple's updates this week where possible to reduce exposure to memory corruption bugs.
- Prioritize devices that still receive Safari or OS updates because WebKit flaws can be exploited via web content.
Wide Apple Patch Sweep
- Apple released patches covering 110 vulnerabilities across nearly all products due to shared OS components.
- Memory corruption flaws in ImageIO, font parsing, and WebKit are concerning because they historically enable remote code execution.
Legit Tools Improve Stealth
- Criminals prefer legitimate remote management tools to stay persistent and evade detection.
- Being inside industry systems makes phishing far more convincing and effective at infecting partners.