CSTI
    industryThe Commercial Era (2010-2019) Daily Briefing Landmark Event

    Cybersecurity Briefing: Critical Vulnerabilities and Major Breaches on June 12, 2018

    Tuesday, June 12, 2018

    Today, cybersecurity professionals face several pressing issues as June 12, 2018, unfolds.

    This morning, Adobe has released a crucial update to address a zero-day vulnerability in Flash Player, designated as CVE-2018-5002. This vulnerability is actively exploited, allowing attackers to execute arbitrary code on affected systems. The ongoing concerns surrounding Flash's security architecture highlight the need for organizations to reassess their reliance on this outdated technology, particularly as it remains prevalent in various online applications.

    In addition to Adobe's update, the cybersecurity landscape is further complicated by the revelation of a significant data breach at British Airways. The breach has exposed personal and payment information of approximately 429,612 customers. Investigators have traced the vulnerabilities to the airline's payment processing system, which was inadequately secured. This incident serves as a stark reminder of the vulnerabilities within the travel industry and the importance of robust security measures to protect customer data.

    Overnight, the Office for Civil Rights at the U.S. Department of Health and Human Services announced the settlement of its first phishing-related cyberattack investigation. This case underscores the critical need for improved employee education and email security protocols within healthcare organizations. With phishing attacks on the rise, organizations must prioritize user training to mitigate risks associated with social engineering attacks.

    Moreover, the recent enforcement of the General Data Protection Regulation (GDPR) continues to shape the cybersecurity landscape. Since its implementation in May 2018, organizations are now mandated to enhance their data protection practices and ensure transparency in their security policies. This regulatory framework emphasizes the need for companies to act swiftly in reporting data breaches, as non-compliance can result in significant penalties.

    In summary, June 12, 2018, serves as a critical reminder of the ongoing challenges within the cybersecurity space. The simultaneous occurrence of significant vulnerabilities and major data breaches underscores the necessity for organizations to adopt comprehensive cybersecurity strategies. As the landscape evolves, the importance of proactive measures in protecting sensitive information cannot be overstated.

    Sources

    Adobe British Airways GDPR phishing cybersecurity