Issue: TP-Link, a popular low-cost router has recently announced a large vulnerability that is already being exploited that allowed remote access AND control of the environment where it is installed. This is across multiple TP-Link devices.
Resolution: TP-Link has released and updated so anybody with an TP-Link device should apply the software and firmware update immediately.
More so, TP-Link is not an enterprise-level solution so any professional in financial services should be looking for a commercial solutions and not a low-cost retail solution.
Risk 2: Low
Issue: Microsoft has announced that their most recent update triggers a minor security issue for non-administrative users. They may experience issues when installing applications locally.
Resolution: Microsoft is working on a full solution. Impacted users may need to seek out an administrator temporarily for installing applications until the patch is available.
Risk 3: High
Issue: Google has announced a large update to its Android platform. This update is device independent and includes 84 updates. This is one of the largest security updates we have seen in a while. Two of these updates are critical.
Resolution: Given that this updates impacts a large number of devices, if you have an Android device, it is suggested you check for updates under device settings and apply immediately.
Risk 4: High
Issue: WhatsApp recently announced a large zero-day vulnerability (publicly known and already being exploited). This allows for remote access to data as well as the potential to intercept calls or piggyback onto calls.
Resolution: An update has been released. Usage of WhatsApp should halt immediately until the update is applied. The update should be available through your operating system’s app store.
Announced Data Breaches
Bridgestone
Workiva
Evertec
Cloudflare
Jaguar / Land Rover
Pennsylvania Office of the Attorney General
Palo Alto Networks
MATLab
TransUnion
Upcoming Live CE
Brad will be leading a webinar for NAEA’s Practice Education series on Thursday October 2 at 3pm. The webinar will be about Cybersecurity and the essential components of a WISP (Written Information Security Plan).
Brad will be presenting to the New Jersey Chapter of NATP on October 21 the topic AI, specifically in Simplifying Tax Topics for Clients and Making Tax Research for Efficient.
Financial Guardians is a proud member of InCite, the recently launched online community exclusively for tax professionals, bookkeepers, and accountants. InCite members receive a 30% discount.
Financial Guardians has partnered with the California Society of Tax Consultants to provide a 30% access discount as well as many other offers. More info can be found at www.cstcsociety.org
