Citrix Workspace App GlobalSign Root CA post upgrade to Catalina Beta (Discussions)

macOS 10.15 Catalina was released yesterday. Apple provided a warning (June 2019) about important new security requirements for TLS server certificates in iOS 13 and macOS 10.15. Citrix, which offers enterprise software for Mac and Windows, didn't get the memo or were just asleep at the wheel. After installing Catalina, I started getting errors about untrusted root certificates.

You have not chosen to trust "GlobalSign Root CA", the issuer of the server's security certificate.

I dug around in Keychain Access to try to resolve the issue but could not. A few Google searches later; I found a very long thread (June 2019) on the Citrix forum where users had reported this issue with macOS 10.15 Beta. Citrix appeared to be flippant about users reporting of the problem. A few users were pissed off.

I was a bit panicked. I consult and work remotely for a banking client in New York City. Without the Citrix client, I am unable to connect to their systems to get work done.

I followed the thread until I found a post with a temporary workaround. Crisis averted.

This morning Citrix released an updated Citrix Workspace app 1910 for Mac. Kudos to Citrix for getting this out to customers, but I think they could have done a better job communicating to customers and setting expectations.

Why Deepfake Audio Technology Is a Real Threat to Enterprise Security (Security Intelligence)

According to Axios, deepfake audio technology has already begun wreaking havoc on the business world, as threat actors use the tech to impersonate CEOs. Symantec has reported three successful audio attacks on private companies that involved a call from the “CEO” to a senior financial officer requesting an urgent money transfer. Just imagine how an incident like this would affect your company.

Time to start thinking about mitigation.