Description Researchers at ETH Zurich have recently uncovered a significant security vulnerability affecting modern Intel processors. They say the vulnerability impacts all modern Intel CPUs and causes them to leak sensitive data from memory. The vulnerability, known as Branch Privilege Injection (CVE-2024-45332), exploits branch predictor race conditions to potentially breach security boundaries between different privilege levels. As recent research by computer scientists from the Computer Security Group (COMSEC) at ETH Zurich shows, the vulnerability can be exploited to misuse the prediction calculations of the CPU (central processing unit) in order to gain unauthorized access to information from other processor users.

For the first time ever, official reports from the UK National Health Service (NHS) have formally identified two 2024 cyber incidents where malicious attacks directly compromised clinical operations, marking a watershed moment in healthcare cybersecurity. These attacks have exposed the growing vulnerability of healthcare systems and their direct impact on patient care. The Unprecedented Impact The UK government’s data, recorded under Network and Information Systems (NIS) Regulations, revealed two severe cyber incidents that reached the threshold of potentially causing clinical harm to more than 50 patients. These two representative incidents will be analyzed in detail below. •The first incident involved Synnovis, a pathology services provider, whose systems were compromised by ransomware. The attack severely disrupted services across multiple London NHS hospitals, leading to: – Widespread cancellation of scheduled surgeries – Disruption of critical pathology services – Delays in urgent medical treatments – Limited access to patient records – Sensitive medical data leaked online •The second incident targeted Wirral University Teaching Hospital NHS Foundation Trust, causing: – Interrupted cancer treatment schedules – Forced regression to manual documentation systems – Created cross-departmental communication failures Dr. Rosie Benneyworth, CEO of the Health Services Safety Investigations Body (HSSIB), stated: “As expert independent investigators, we understand the impact of emerging risks, and we can see that there is potential with a cyber attack to make patient safety incidents more likely.” Operational Challenges Revealed The attacks revealed several critical vulnerabilities: Response and Recovery NHS authorities have implemented immediate countermeasures in response to these incidents: Regulatory Evolution The British government has announced plans to introduce the new Cyber Security and Resilience Bill later. This legislation aims to: Conclusion These incidents have fundamentally changed how the NHS approaches cybersecurity. As Dr. Benneyworth notes, “It’s not just about protecting systems – it’s about protecting people who may be seriously…