Over the past week there have been many hot topics in cybersecurity. This edition of This Week in Cybersecurity includes stories covering Microsoft patching the Follina Zero-Day, Apple M1 Kernel security flaws, a record-breaking DDoS attack, a Kaiser Permanente data breach, and US military hackers conducting offensive activities in support of Ukraine. Check out the details below.
- Cloudflare Saw Record-Breaking DDoS Attack Peaking at 26 Million Requests Per Second: Cloudflare disclosed that it had acted to prevent a record-setting 26 million requests per second (RPS) distributed denial-of-service (DDoS) attack last week, making it the largest HTTPS DDoS attack detected to date. In late April 2022, it said it staved off a 15.3 million RPS HTTPS DDoS attack aimed at a customer operating a crypto launchpad. According to the company’s DDoS attack trends report for Q1 2022, volumetric DDoS attacks over 100 gigabits per second surged by up to 645% quarter-on-quarter.
- Microsoft Patches ‘Follina’ Zero-Day Flaw in Monthly Security Update: Microsoft has issued a patch for the recently disclosed and widely exploited “Follina” zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT) as part of its scheduled security update for June. It’s a good idea for organizations to keep Microsoft’s recommended mitigations for the flaw in place even after they install the MSDT update. Applying the patch will protect users, but the patch only fixed the code injection vulnerability in msdt.exe. The diagnostic tool itself will still launch if a user opens an affected document. For more information on this vulnerability, check out nGuard’s last Security Advisory: Microsoft Zero-Day with No Patch! This vulnerability will be commonly exploited via phishing attempts. Social Engineering simulations and Social Engineering Awareness Training can assist your organization’s employees in identifying these types of attacks.
- Kaiser Permanente data breach exposes health data of 69K people: Kaiser Permanente, one of America’s leading not-for-profit health plans and health care providers, has recently disclosed a data breach that exposed the health information of more than 69,000 individuals. The company revealed in a notice published on its website that an attacker accessed an employee’s email account containing patients’ protected health information on April 5, 2022, without authorization. Sensitive info exposed in the attack includes:
  - The patients’ first and last names
  - Medical record numbers
  - Dates of service
  - Laboratory test result information
- Design Weakness Discovered in Apple M1 Kernel Protections: Security researchers released details about a new attack they designed against Apple’s M1 processor chip that can undermine a key security feature that protects the operating system kernel from memory corruption attacks. The work offers a tangible example of how the one-two punch of hardware vulnerabilities and low-level software flaws can provide ample opportunities for attackers to run rampant in the kernel.
- US military hackers conducting offensive operations in support of Ukraine, says head of Cyber Command: General Nakasone, the head of US Cyber Command, confirmed for the first time that the US was conducting offensive hacking operations in support of Ukraine in response to the Russian invasion. Speaking in Tallinn, Estonia, the general, who is also director of the National Security Agency, told Sky News that he is concerned “every single day” about the risk of a Russian cyber attack targeting the US and said that the hunt forward activities were an effective way of protecting America as well as allies.