Two recently discovered vulnerabilities in computers and mobile devices made within the last two decades could allow advisers’ passwords and other sensitive data to be stolen, cyber security firm Kamino has warned.
The weaknesses, called Spectre and Meltdown, allow hackers to use “rogue applications” to read confidential information that is stored in the memory of other applications, Kamino (a subsidiary of Midwinter) said in a statement.
“The vulnerabilities, when exploited, could lead to exposure of sensitive information such as passwords and confidential data on the affected computers,” the statement said.
“Financial planning and accounting industries will be highly vulnerable to this attack.”
The Meltdown vulnerability is the easier of the two to exploit, the statement said, but this affects only Intel computer processors and patches to protect against the vulnerability are available.
Spectre affects all computers, and patches to guard against attacks are still being developed, the statement said, however it is much harder for hackers to exploit than Meltdown.
Kamino cautioned that while these vulnerabilities do not present an “immediate danger”, advisers should make use of available patches for their computer systems as soon as possible, and that those using cloud-based shared infrastructure will need to confirm with their cloud provider that those same patches have been applied as necessary.
SUBSCRIBE TO THE IFA DAILY BULLETIN
- 17 Dec 2018AMP challenged by ASIC on fees for service conductBy Eliot Hastie
- 17 Dec 2018FASEA names provider for adviser examBy Adrian Flores
- 17 Dec 2018Former Liberal leader to join Crescent boardBy Adrian Flores
- 14 Dec 2018ASIC clarifies RG 146 requirements for advisersBy Adrian Flores
- 14 Dec 2018Sargon Capital acquires listed robo adviserBy James Mitchell
- 14 Dec 2018Industry body flags CPD burden under FASEA proposalBy Adrian Flores
- view all