Cybersecurity Weekly: Office365 phishing campaign, EU citizen impersonation, iOS 13 and macOS Catalina updates

Each week, Wipfli’s cybersecurity professionals review the latest breaches, vulnerabilities, patches and updates.

Breaches

• Cybercriminals are targeting users of Microsoft's Office365 subscription services with phishing campaigns that uses fake voicemail messages in an attempt to steal victims' credentials and other information.
• Italian banking and financial services company UniCredit has acknowledged that a data breach affected the information of three million of its customers. UniCredit has customers around the world, but this breach affected just Italian customers. This breach is the third data security incident UniCredit has experienced since 2016.
• A trio of well-known domain name registrars are mandating a password reset after revealing a breach affecting about 22 million accounts that occurred in late August. Web.com and two of its brands, Network Solutions and Register.com, published identical breach notices, noting "that a third party gained unauthorized access to a limited number of our computer systems." The incident was discovered on Oct. 16.

Vulnerabilities

• Researchers analyzing the electronic system for transactions and signatures used by the European Union member states found flaws that allowed impersonating any EU citizen. Vulnerability researchers found two vulnerabilities in the eIDAS-Node Integration Package that facilitates communication with eIDAS nodes (Connector and Service) in each country.
• Two critical authentication-related vulnerabilities have been found in a chiller made by Germany-based Rittal. Rittal’s SK 3232-series chiller is designed specifically for cooling IT applications, such as liquid cooling packages (LCP) and computer room air conditioning (CRAC) units.
• US-CERT Vulnerability Summary for the week of October 28, 2019.

Patches & Updates

• Security updates released by Apple this week for iOS 13 and macOS Catalina 10.15 address roughly 40 vulnerabilities, including issues that affect both operating systems. MacOS Catalina 10.15.1, the first security update for the latest major version of the operating system, fixes 33 vulnerabilities, including flaws that can be exploited through malicious applications or by getting the targeted user to process a specially crafted file.
• Google is warning users of a high-severity vulnerability in its Chrome browser that is currently being exploited by attackers to hijack computers. The flaw (CVE-2019-13720) exists in Google Chrome’s audio component. Google is urging users to update to the latest version of Chrome, 78.0.3904.87 (for Windows, Mac, and Linux) as it rolls out over the coming days.
• The PHP development team has fixed a bug that could allow remote code execution in some setups of the programming language, possibly allowing attackers to take over any site running the code remotely. The team fixed the bug in several point releases of PHP. Version 7.1 users should download PHP 7.1.33. Version 7.2 users need PHP 7.2.24, while version 7.3 users should opt for 7.3.11. As with all security releases, the PHP team urged users of the latest full release to upgrade to the latest point version.