Search by News & Events
Home > 
Search by News & Events
< back
Filter by
2022-9-23
Event
Build a Secure Cyberspace 2022 - “Fact Check After Receiving, Think Twice Before Sharing” Webinar
Organised by Office of the Government Chief Information Officer (OGCIO) / Hong Kong Police Force / Hong Kong Computer Emergency Response Team Coordination Centre
2022-9-17 to
2022-9-18
Event
Cyber ​​Security Expo 2022
Organised by Hong Kong Police Force
2022-9-6 to
2022-9-7
Event
Information Security Summit 2022
Organised by Hong Kong Productivity Council / Cloud Security Alliance Hong Kong & Macau Chapter / Hong Kong Computer Emergency Response Team Coordination Centre / Hong Kong Computer Society / Hong Kong Information Technology Federation / High Technology Crime Investigation Association / Information Systems Audit and Control Association, China Hong Kong Chapter / (ISC)² / Information Security and Forensics Society / Professional Information Security Association
2022-8-11
Security Alert and Advisory
Fraudulent website and phishing email related to Industrial and Commercial Bank of China Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China Limited relating to a fraudulent website and phishing email, which has been reported to the HKMA.
2022-8-11
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-08-09): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-8-11
Event
CSA HKM Knowledge Sharing Event – August 2022
Organised by Cloud Security Alliance Hong Kong & Macau Chapter
2022-8-10
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-08-08): Multiple Vulnerabilities in Adobe Reader/Acrobat
Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.
2022-8-10
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-08-07): Multiple Vulnerabilities in VMware Products
VMware has published a security advisory to address multiple vulnerabilities in VMware products.
2022-8-10
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-08-06): Multiple Vulnerabilities in Microsoft Products (August 2022)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2022-8-8
Security Related News
Transcript of remarks by the Chief Executive at Anti-epidemic Command and Coordination Group press conference (with photo/videos)
The Chief Executive, Mr John Lee, held a press conference of the Anti-epidemic Command and Coordination Group this morning (August 8). Also joining were the Secretary for Health, Professor Lo Chung-mau; the Secretary for Innovation, Technology and Industry, Professor Sun Dong; the Deputy Secretary for Health (Special Duties), Mr Vincent Fung; and the Deputy Government Chief Information Officer, Mr Tony Wong.
2022-8-8
Security Related News
HKCERT - HKCERT Publishes Incident Response Guideline for SMEs to Enhance Information Security Incident Handling Competence
(Hong Kong, 8 August 2022) Security incident reports received by the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) under the Hong Kong Productivity Council (HKPC) have remained high in recent years, i.e. an annual average of around 8,900 incidents in the past four years and with 4,084 incidents in the first half of this year.
2022-8-8
Security Related News
Privacy Commissioner’s Office Broadcasts TV Video and Radio Announcement on Doxxing Offences
To remind members of the public to think twice before reposting any doxxing messages on the internet or social media platforms, the Office of the Privacy Commissioner for Personal Data (PCPD) has produced a TV video and radio announcement for broadcast on various TV and radio stations.
2022-8-8
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (1 Aug 2022 – 7 Aug 2022)
- New Linux botnet brute forcing SSH servers
- URL parsing vulnerability affects Golang-based applications
2022-8-8
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-08-05): Multiple Vulnerabilities in Microsoft Edge (Chromium-based)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge (Chromium-based).
2022-8-5
Phishing Attack
Phishing Attack - Unauthorised mobile application related to Chong Hing Bank Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to an unauthorised mobile application (App), which has been reported to the HKMA.
2022-8-4
Phishing Attack
Phishing Attack - Unauthorised mobile application related to Chong Hing Bank Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to an unauthorised mobile application (App), which has been reported to the HKMA.
2022-8-4
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (25 Jul 2022 – 31 Jul 2022)
- Be aware of malicious Internet Information Services (IIS) extensions
- Attackers pivot around Microsoft’s announcements to block macros by default
2022-8-4
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-08-04): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-8-3
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-08-03): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-8-3
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-08-02): Multiple Vulnerabilities in VMware Products
VMware has published a security advisory to address multiple vulnerabilities in VMware products.
2022-8-3
Security Related News
HKCERT - Email Account Theft to Bypass MFA Protection
Microsoft researchers recently discovered a large-scale phishing campaign that steals users' email accounts even they have multi-factor authentication (MFA) enabled.
2022-8-2
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-08-01): Multiple Vulnerabilities in Android
Google has released Android Security Bulletin August 2022 to fix multiple security vulnerabilities in Android operating system.
2022-8-2
Phishing Attack
Phishing Attack - Fraudulent mobile applications related to Bank of Singapore Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to fraudulent mobile application (App), which has been reported to the HKMA.
2022-7-29
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-07-18): Multiple Vulnerabilities in Samba
Samba released security updates to address multiple vulnerabilities in Samba.
2022-7-29
Security Related News
HKCERT - Incident Response Guideline for SMEs
Cyber attacks evolve rapidly as the costs and efforts required for hackers to launch attacks are decreasing due to the development of automation and computing powers.
2022-7-28
Security Related News
OGCIO statement on security concerns over “LeaveHomeSafe” mobile app
In response to a report conducted by an overseas cyber security company claiming that the "LeaveHomeSafe" mobile app has security flaws, the Office of the Government Chief Information Officer (OGCIO) today (July 28) made the following solemn statement on the inaccurate report and unfair allegation.
2022-7-27
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-07-17): Multiple Vulnerabilities in Firefox
Mozilla has published the advisories (MFSA2022-28, MFSA2022-29 and MFSA2022-30) to address multiple vulnerabilities in Firefox browser.
2022-7-26
Phishing Attack
Phishing Attack - Fraudulent website related to Union Bancaire Privée, UBP SA
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Union Bancaire Privée, UBP SA relating to a fraudulent website, which has been reported to the HKMA.
2022-7-26
Phishing Attack
Phishing Attack - Fraudulent website and phishing email related to DBS Bank (Hong Kong) Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and phishing email, which has been reported to the HKMA.
2022-7-26
Phishing Attack
Phishing Attack - Fraudulent websites and phishing instant message related to Hang Seng Bank, Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to fraudulent websites and a phishing instant message, which has been reported to the HKMA.
2022-7-26
Security Related News
Privacy Commissioner’s Office Made an Arrest For a Suspected Doxxing Offence
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 35 in New Territories East. 
2022-7-26
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (18 Jul 2022 – 24 Jul 2022)
- The proliferation of ransomware targeting VMware ESXi servers
- Password recovery tool for spreading Sality malware
2022-7-25
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-07-16): Vulnerability in SonicWall Products
SonicWall has released a security advisory to address an unauthenticated SQL injection vulnerability in SonicWall Analytics and GMS products.
2022-7-25
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-07-15): Multiple Vulnerabilities in Microsoft Edge (Chromium-based)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge (Chromium-based).
2022-7-22
Phishing Attack
Phishing Attack - Fraudulent website, phishing email and phishing instant message related to The Hongkong and Shanghai Banking Corporation Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website, phishing email and phishing instant message, which has been reported to the HKMA.
2022-7-21
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-07-14): Multiple Vulnerabilities in Drupal
Drupal has released a security advisory to address multiple vulnerabilities in the Drupal products.
2022-7-21
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-07-13): Multiple Vulnerabilities in Apple iOS and iPadOS
Apple has released iOS 15.6 and iPadOS 15.6 to fix the vulnerabilities in various Apple devices.
2022-7-21
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-07-12): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-7-20
Security Related News
HKCERT - HKCERT and Cybersec Infohub Fully Support Open Threat Intelligence Campaign
To help organisations enhance their cyber security defence capabilities, the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) collaborates with Cybersec Infohub to launch the Open Threat Intelligence Campaign.
2022-7-20
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-07-11): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-7-20
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-07-10): Multiple Vulnerabilities in Oracle Java and Oracle Products (July 2022)
Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.
2022-7-20
Security Related News
2022-7-19
Phishing Attack
Phishing Attack - Fraudulent website related to Mox Bank Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Mox Bank Limited relating to a fraudulent website, which has been reported to the HKMA.
2022-7-18
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (11 Jul 2022 – 17 Jul 2022)
- Be aware of HTTPS distributed denial-of-service (DDoS) attack
- Large-scale phishing attacks affecting thousands of organisations
2022-7-15
Security Related News
Reaching Out to Schools – PCPD Organised the “Learning and Teaching Privacy on Social Media” Online Forum
The PCPD and the Hong Kong Association for Computer Education (HKACE) jointly organised the “Learning and Teaching Privacy on Social Media” Online Forum on 15 July 2022, which attracted over 300 participants from the education sector.
2022-7-14
Security Related News
SITI visits Innovation and Technology Commission and meets with HKIRC (with photos)
The Secretary for Innovation, Technology and Industry, Professor Sun Dong, visited the Innovation and Technology Commission (ITC) today (July 14) to learn more about the ITC's work to support the development of Hong Kong as an international innovation and technology (I&T) hub .
2022-7-14
Security Related News
SITI speaks on "LeaveHomeSafe" mobile app
Following is the transcript of remarks by the Secretary for Innovation, Technology and Industry, Professor Sun Dong, at a media session after attending the official release of the Life Sciences Stories in Hong Kong today (July 14)
2022-7-13
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-07-09): Multiple Vulnerabilities in VMware Products
VMware has published a security advisory to address multiple vulnerabilities in VMware products.
2022-7-13
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-07-08): Multiple Vulnerabilities in Adobe Reader/Acrobat
Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.
2022-7-13
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-07-07): Multiple Vulnerabilities in Microsoft Products (July 2022)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2022-7-11
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (4 Jul 2022 – 10 Jul 2022)
- New backdoor delivered through known Windows vulnerability
- HTML files remaining to be the most popular attachments in phishing attacks
2022-7-8
Security Related News
SITI visits Hong Kong Productivity Council (with photos)
The Secretary for Innovation, Technology and Industry, Professor Sun Dong, visited the Hong Kong Productivity Council (HKPC) today (July 8) to keep abreast of its latest trends.
2022-7-7
Event
8th Total Security Conference Hong Kong 2022
Organised by Questex Asia Ltd.
2022-7-7
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-07-06): Multiple Vulnerabilities in OpenSSL
OpenSSL has released 1.1.1q and 3.0.5 to fix the vulnerabilities in various versions of OpenSSL.
2022-7-7
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-07-05): Multiple Vulnerabilities in Android
Google has released Android Security Bulletin July 2022 to fix multiple security vulnerabilities in Android operating system.
2022-7-7
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-07-04): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-7-7
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-07-03): Multiple Vulnerabilities in Microsoft Edge (Chromium-based)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge (Chromium-based).
2022-7-6
Phishing Attack
Phishing Attack - Fraudulent website related to United Overseas Bank Ltd.
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by United Overseas Bank Ltd. relating to a fraudulent website, which has been reported to the HKMA.
2022-7-6
Security Related News
LCQ8: Management of data of public and private organisations
Following is a question by the Hon Duncan Chiu and a written reply by the Secretary for Innovation, Technology and Industry, Professor Sun Dong, in the Legislative Council today (July 6)
2022-7-5
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-07-02): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-7-5
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (27 Jun 2022 – 3 Jul 2022)
- ZuoRAT malware hijacking home-office routers to spy networks
- Information stealers targeting systems via fake software cracks
2022-7-4
Phishing Attack
Phishing Attack - Fraudulent emails purportedly issued by Inland Revenue Department
The Inland Revenue Department today (July 4) alerted members of the public to fraudulent emails purportedly issued by the department, which invite recipients to claim tax refunds.
2022-7-4
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-07-01): Vulnerability in Microsoft Edge (Chromium-based)
Microsoft released a security update to address a vulnerability in Microsoft Edge (Chromium-based).
2022-6-29
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-06-13): Multiple Vulnerabilities in Firefox
Mozilla has published the advisories (MFSA2022-24 and MFSA2022-25) to address multiple vulnerabilities in Firefox browser.
2022-6-28
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (20 Jun 2022 – 26 Jun 2022)
- Python packages caught stealing sensitive information
- Beware of Windows shortcut files
2022-6-27
Security Related News
HKCERT - Security Blog: An Analysis of Microsoft Support Diagnostic Tool Vulnerability-Led QBot Phishing Email Attack
HKCERT earlier issued a security bulletin (CVE-2022-30190) about the vulnerability of Microsoft Support Diagnostic Tool (MSDT).
2022-6-27
Phishing Attack
Phishing Attack - Department of Justice alerts public to fraudulent email
The Department of Justice today (June 27) appealed to members of the public to stay alert to a fraudulent email claimed to have been sent by "Ms Teresa Cheng, GBM, GBS, SC, JP, Secretary for Justice" under the email account "joy4life711@gmail[.]com".
2022-6-24
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-06-12): Multiple Vulnerabilities in Microsoft Edge (Chromium-based)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge (Chromium-based).
2022-6-24
Phishing Attack
Phishing Attack - Fraudulent website and phishing email related to Far Eastern International Bank
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Far Eastern International Bank relating to a fraudulent website and phishing email, which has been reported to the HKMA.
2022-6-23
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-06-11): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-6-22
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-06-10): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-6-22
Security Related News
LCQ5: Strengthening online safety for children and teenagers
Following is a question by the Hon So Cheung-wing and a reply by the Secretary for Security, Mr Tang Ping-keung, in the Legislative Council today (June 22)
2022-6-20
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (13 Jun 2022 – 19 Jun 2022)
- BlackCat ransomware operators targeting Microsoft Exchange servers
- New Android banking Trojan disguising as a cryptocurrency miner
2022-6-20
Phishing Attack
Phishing Attack - Fraudulent website related to China CITIC Bank International Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website, which has been reported to the HKMA.
2022-6-20
Phishing Attack
Phishing Attack - Fraudulent websites related to Bank of Singapore Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to fraudulent websites, which has been reported to the HKMA.
2022-6-17
Security Related News
Project Sela: Research with Bank of Israel on cybersecurity issues in context of retail CBDC
The Hong Kong Monetary Authority (HKMA), together with the Bank of Israel (BOI) and the Bank for International Settlements Innovation Hub (BISIH) Hong Kong Centre, today (June 17) announced a joint research on retail central bank digital currency (CBDC).
2022-6-16
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-06-09): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-6-15
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-06-08): Multiple Vulnerabilities in Microsoft Products (June 2022)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2022-6-15
Phishing Attack
Phishing Attack - Fraudulent website and phishing emails related to China Development Bank
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Development Bank relating to a fraudulent website and phishing emails, which has been reported to the HKMA.
2022-6-15
Security Related News
LCQ17: Combating deception offences
Following is a question by the Hon Cheung Kwok-kwan and a written reply by the Secretary for Security, Mr Tang Ping-keung, in the Legislative Council today (June 15)
2022-6-14
Security Related News
HKCERT - Security Blog: Malicious Information Gathering - Now I See You
The rapid development of information and communication technology, coupled with the COVID-19 pandemic, has led to an increasing demand for Internet usage.
2022-6-14
Security Related News
Public rental housing applicants warned of scam calls
A spokesman for the Hong Kong Housing Authority (HA) today (June 14) reminded public rental housing (PRH) applicants that all PRH applications will be processed strictly in accordance with the HA's publicly stated policies and mechanism.
2022-6-13
Phishing Attack
Phishing Attack - Fraudulent website and phishing email related to Far Eastern International Bank
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Far Eastern International Bank relating to a fraudulent website and phishing email, which has been reported to the HKMA.
2022-6-13
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-06-07): Multiple Vulnerabilities in Drupal
Drupal has released a security advisory to address multiple vulnerabilities in the Drupal products.
2022-6-13
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (6 Jun 2022 – 12 Jun 2022)
- Be aware of QR code phishing attacks
- Malware loaded using Word document properties
2022-6-11
Phishing Attack
Phishing Attack - FSO alerts public to deceptive advertisements purported to be interviews with FS
The Financial Secretary's Office (FSO) today (June 11) appealed to members of the public for heightened vigilance against deceptive advertisements circulating online, purported to be interviews with the Financial Secretary (FS).
2022-6-10
Phishing Attack
Phishing Attack - Fraudulent websites related to China CITIC Bank International Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to fraudulent websites, which has been reported to the HKMA.
2022-6-10
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-06-06): Vulnerability in Microsoft Edge (Chromium-based)
Microsoft released a security update to address a vulnerability in Microsoft Edge (Chromium-based).
2022-6-10
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-06-05): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-6-9
Event
CSA HKM Knowledge Sharing Event – June 2022
Organised by Cloud Security Alliance Hong Kong & Macau Chapter
2022-6-9
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-06-04): Multiple Vulnerabilities in Apache HTTP Server
The Apache Software Foundation released a security update to address multiple vulnerabilities in the HTTP Server and its modules.
2022-6-8
Security Related News
LCQ5: "iAM Smart" platform
Following is a question by the Hon Chan Chun-ying and a reply by the Secretary for Innovation and Technology, Mr Alfred Sit, in the Legislative Council today (June 8)
2022-6-7
Security Related News
HKCERT - Security Blog: Information Security Utopia Starts with Zero Trust Architecture
For a long time, as commonly perceived, stable and secure relationship between people and nations is built on the important cornerstone of “trust”. However, in recent years, those in the cyber security sector have suggested the contrary that only "Zero Trust" can ensure everyone’s security.
2022-6-7
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-06-03): Multiple Vulnerabilities in Android
Google has released Android Security Bulletin June 2022 to fix multiple security vulnerabilities in Android operating system.
2022-6-6
Phishing Attack
Phishing Attack - Fraudulent email purportedly issued by Inland Revenue Department
The Inland Revenue Department today (June 6) alerted members of the public to a fraudulent email purportedly issued by the department with the subject of "Your Annual Tax Refund Is Ready".
2022-6-6
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (30 May 2022 – 5 Jun 2022)
- A new zero-day vulnerability in Microsoft Products used in cyber attacks
- Android banking trojan targeting over 400 applications
2022-6-2
Phishing Attack
Phishing Attack - Fraudulent websites related to United Overseas Bank Ltd
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by United Overseas Bank Ltd relating to fraudulent websites, which has been reported to the HKMA.
2022-6-1
Phishing Attack
Phishing Attack - Fraudulent website related to Public Bank (Hong Kong) Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Public Bank (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.
2022-6-1
Security Related News
LCQ11: "LeaveHomeSafe" mobile application
Following is a question by Dr the Hon Tik Chi-yuen and a written reply by the Secretary for Innovation and Technology, Mr Alfred Sit, in the Legislative Council today (June 1)
2022-6-1
Security Related News
LCQ10: Promoting development of metaverse in Hong Kong
Following is a question by the Hon Chan Kin-por and a written reply by the Secretary for Innovation and Technology, Mr Alfred Sit, in the Legislative Council today (June 1)
2022-6-1
Security Related News
LCQ8: Protecting children and youths from online harms
Following is a question by the Hon Yung Hoi-yan and a written reply by the Secretary for Security, Mr Tang Ping-keung, in the Legislative Council today (June 1)
2022-6-1
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-06-02): Multiple Vulnerabilities in Firefox
Mozilla has published the advisories (MFSA2022-20 and MFSA2022-21) to address multiple vulnerabilities in Firefox browser.
2022-6-1
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-06-01): Multiple Vulnerabilities in Microsoft Edge (Chromium-based)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge (Chromium-based).
2022-5-31
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-05-17): Vulnerability in Microsoft Windows
Microsoft has released an out-of-band security advisory to address the vulnerability in Microsoft Diagnostic Tool (MSDT) being called via the URL protocol from a calling application such as Word.
2022-5-30
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (23 May 2022 – 29 May 2022)
- Browser-hijacking malware targeting Windows and macOS users
- Warn of fake Windows 11 downloads to distribute info-stealer
2022-5-27
Phishing Attack
Phishing Attack - Fraudulent website related to Bank of China (Hong Kong) Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to a fraudulent website, which has been reported to the HKMA.
2022-5-26
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-05-16): Vulnerability in Drupal
Drupal has released a security advisory to address a vulnerability in the Drupal products.
2022-5-25
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-05-15): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-5-25
Security Related News
Response to media enquiry on an online social media platform
PCPD responded to media enquiry on an online social media platform.
2022-5-25
Security Related News
LCQ5: Promoting development of innovation and technology
Following is a question by the Hon Tang Fei and a reply by the Secretary for Innovation and Technology, Mr Alfred Sit, in the Legislative Council today (May 25):
2022-5-25
Security Related News
LCQ1: Strengthening information security
Following is a question by Dr the Hon Johnny Ng and a reply by the Secretary for Innovation and Technology, Mr Alfred Sit, in the Legislative Council today (May 25):
2022-5-23
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (16 May 2022 – 22 May 2022)
- Be aware of multi-platform ransomware attacks
- Phishing campaigns using chatbot to steal sensitive information
2022-5-23
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-05-14): Multiple Vulnerabilities in Firefox
Mozilla has published the advisory (MFSA2022-19) to address multiple vulnerabilities in Firefox browser.
2022-5-23
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-05-13): Vulnerability in Cisco Products
Cisco released security advisory to address the vulnerability in Cisco devices and software.
2022-5-20
Event
Build a Secure Cyberspace 2022 – “Cyber Security in Simple Ways” Webinar
Organised by Office of the Government Chief Information Officer (OGCIO) / Hong Kong Police Force / Hong Kong Computer Emergency Response Team Coordination Centre
2022-5-20
Security Related News
"LeaveHomeSafe" hotline to commence operation tomorrow
The Office of the Government Chief Information Officer (OGCIO) today (May 22) announced that the "LeaveHomeSafe" telephone hotline (2626 3066) will commence operation tomorrow (May 23) to handle public enquiries on installation or use of the "LeaveHomeSafe" mobile app in areas such as the functionality and updates of the app and storing and display of the Vaccine Pass.
2022-5-19
Event
CSA HKM Knowledge Sharing Event – May 2022
Organised by Cloud Security Alliance Hong Kong & Macau Chapter
2022-5-19
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-05-12): Vulnerability in ISC BIND
ISC has released a security update to fix the vulnerability in BIND.
2022-5-19
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-05-11): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-5-19
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-05-10): Multiple Vulnerabilities in VMware Products
VMware has published a security advisory to address multiple vulnerabilities in VMware products.
2022-5-17
Security Related News
Response to media enquiry on PCPD's enforcement action on doxxing
PCPD responded to media enquiry on enforcement action on doxxing
2022-5-17
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-05-09): Vulnerability in Apache Tomcat
Apache Software Foundation has released a security advisory to address a vulnerability in the Apache Tomcat.
2022-5-17
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-05-08): Multiple Vulnerabilities in Apple iOS and iPadOS
Apple has released iOS 15.5 and iPadOS 15.5 to fix the vulnerabilities in various Apple devices.
2022-5-16
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (9 May 2022 – 15 May 2022)
- WordPress websites being redirected to other websites
- Trends in attacks on Windows Print Spooler vulnerabilities
2022-5-16
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-05-07): Multiple Vulnerabilities in Microsoft Edge (Chromium-based)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge (Chromium-based).
2022-5-12
Security Related News
PCPD Issues Guidance on Recommended Model Contractual Clauses for Cross-border Transfers of Personal Data
The Office of the Privacy Commissioner for Personal Data (PCPD) today (12 May) issued the “Guidance on Recommended Model Contractual Clauses for Cross-border Transfer of Personal Data” (Guidance) and provided two sets of Recommended Model Contractual Clauses (RMCs) to cater for two different scenarios in cross-border data transfers, namely (i) from one data user to another data user; and (ii) from one data user to a data processor.
2022-5-11
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-05-06): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-5-11
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-05-05): Multiple Vulnerabilities in Microsoft Products (May 2022)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2022-5-11
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (2 May 2022 – 8 May 2022)
- Emotet is testing a new attack chain
- Be aware of browser-based malware
2022-5-11
Phishing Attack
Phishing Attack - Phishing email related to The Hongkong and Shanghai Banking Corporation Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a phishing email, which has been reported to the HKMA.
2022-5-11
Security Related News
LCQ1: Combating false information
Following is a question by the Hon Michael Tien and a reply by the Secretary for Security, Mr Tang Ping-keung, in the Legislative Council today (May 11)…
2022-5-11
Security Related News
"LeaveHomeSafe" version 3.2.5 launched for Google and Huawei devices to rectify technical error
A spokesman for the Office of the Government Chief Information Officer (OGCIO) said today (May 11) that, owing to a technical error caused by the service contractor during the update of the "LeaveHomeSafe" mobile app version 3.2.4 released at around 4pm yesterday (May 10), the Vaccine Pass QR codes of some Google and Huawei users were deleted after updating the app.
2022-5-10
Phishing Attack
Phishing Attack - Judiciary alerts public to phishing email
The Judiciary today (May 10) called on the public to stay vigilant to a phishing email sent from the email account "HONG KONG JUDlClARY ". The email falsely claims that it was issued by order of the Hong Kong Judiciary and the Chief Judge of the High Court, and is suspected of containing a malicious link.
2022-5-10
Phishing Attack
Phishing Attack - Department of Justice alerts public to fraudulent email
The Department of Justice today (May 10) reminded the public of a fraudulent email purporting to be sent from the Law Reform Commission with an email account "tommy[.]lee@doj[.]gov[.]hk". The email, containing a suspected link to a malicious file, falsely claims to be issued by order of the Secretary for Justice.
2022-5-9
Phishing Attack
Phishing Attack - Department of Justice alerts public to fraudulent email
The Department of Justice (DoJ) today (May 9) called on the public to stay vigilant to a fraudulent email reportedly to be sent from the Law Reform Commission with an email account "tommy[.]lee@doj[.]gov[.]hk".
2022-5-5
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-05-04): Vulnerability in F5 BIG-IP
F5 has published a security advisory to address a vulnerability in F5 devices.
2022-5-5
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-05-03): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-5-4
Security Related News
"LeaveHomeSafe" new version 3.2.3 available for update
A spokesman for the Office of the Government Chief Information Officer (OGCIO) said today (May 4) that the new version 3.2.3 of the "LeaveHomeSafe" mobile app is now available for update to fix the intermittent problem with the display of the Vaccine Pass QR code in the mobile phones of some users. Members of the public can now update the app in different app stores.
2022-5-4
Security Related News
LCQ4: Demand for and supply of technology talents
Following is a question by the Hon Duncan Chiu and a written reply by the Secretary for Innovation and Technology, Mr Alfred Sit, in the Legislative Council today (May 4):
2022-5-4
Phishing Attack
Phishing Attack - Judiciary alerts public to phishing email
The Judiciary today (May 4) called on the public to stay vigilant to a phishing email sent from the email account "香港司法機構judiciaryofhongkong01@gmail[.]com". The email falsely claims that it was sent by the Judiciary of the Hong Kong Special Administrative Region. The Judiciary has reported the case to the Police.
2022-5-4
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-05-02): Multiple Vulnerabilities in Firefox
Mozilla has published the advisories (MFSA2022-16 and MFSA2022-17) to address multiple vulnerabilities in Firefox browser.
2022-5-3
Security Related News
OGCIO statement
In response to a media report claiming that a facial recognition function has been found in the "LeaveHomeSafe" mobile app, a spokesman for the Office of the Government Chief Information Officer (OGCIO) made a solemn statement today (May 3) to emphasise that the operation of the "LeaveHomeSafe" mobile app has never used nor requires any facial recognition function since its launch.
2022-5-3
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-05-01): Multiple Vulnerabilities in Android
Google has released Android Security Bulletin May 2022 to fix multiple security vulnerabilities in Android operating system.
2022-5-2
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (25 Apr 2022 – 1 May 2022)
- Warning of vulnerabilities in Linux networkd-dispatcher
- Refusing to pay ransomware demand
2022-4-29
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-25): Multiple Vulnerabilities in Microsoft Edge (Chromium-based)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge (Chromium-based).
2022-4-28
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-24): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-4-28
Phishing Attack
Phishing Attack - Fraudulent website and phishing emails related to Hang Seng Bank, Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to a fraudulent website and phishing emails, which has been reported to the HKMA.
2022-4-28
Phishing Attack
Phishing Attack - Fraudulent mobile applications related to Bank of Singapore Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to fraudulent mobile applications (Apps), which has been reported to the HKMA.
2022-4-27
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-23): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-4-27
Phishing Attack
Phishing Attack - Phishing emails related to BNP Paribas Securities Services
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by BNP Paribas Securities Services relating to phishing emails, which has been reported to the HKMA.
2022-4-27
Phishing Attack
Phishing Attack - Phishing emails related to BNP Paribas
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by BNP Paribas relating to phishing emails, which has been reported to the HKMA.
2022-4-27
Phishing Attack
Phishing Attack - Fraudulent website related to WeLab Bank Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by WeLab Bank Limited relating to a fraudulent website, which has been reported to the HKMA.
2022-4-27
Phishing Attack
Phishing Attack - Fraudulent website related to Bank of China (Hong Kong) Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.
2022-4-27
Phishing Attack
Phishing Attack - Fraudulent SMS message purportedly issued by Inland Revenue Department
The Inland Revenue Department (IRD) today (April 27) alerted members of the public to a fraudulent SMS message purportedly issued by the department that requests the recipient to settle his or her outstanding tax. The fraudulent SMS message provides a hyperlink to a fake IRD website (https://irdgovhk[.]com/chi/tax/e_alert[.]php) that seeks to obtain the recipient's personal particulars.
2022-4-26
Security Related News
The PCPD Made the Second Arrest For a Suspected Doxxing Offence
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 41 in New Territories West for suspected contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO) relating to the offence of “disclosing personal data without consent”. The arrested person is suspected to have disclosed personal data of three data subjects without their consents on different social media platforms in December 2021.
2022-4-26
Phishing Attack
Phishing Attack - Fraudulent websites and fraudulent mobile application related to Bank of Singapore Limited
he Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to fraudulent websites and a fraudulent mobile application, which has been reported to the HKMA.
2022-4-25
Security Related News
Hong Kong Customs arrests woman suspected of engaging in unfair trade practices in sale of face masks online
​Hong Kong Customs last Friday (April 22) arrested a woman suspected of engaging in wrongly accepting payment when selling face masks on the Internet, in contravention of the Trade Descriptions Ordinance (TDO).
2022-4-25
Security Related News
OGCIO reminds persons-in-charge of premises to update "QR Code Verification Scanner" mobile app as soon as possible
A spokesman for the Office of the Government Chief Information Officer (OGCIO) said today (April 25) that according to the requirements of the Vaccine Pass, premises subject to active checking must use the latest version of the "QR Code Verification Scanner" mobile app to scan and record the Vaccine Pass QR codes provided by persons entering the premises in order to comply with the operational requirements.
2022-4-25
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (18 Apr 2022 – 24 Apr 2022)
- Beware of BlackByte ransomware
- Malware targets Docker for cryptomining operations
2022-4-22
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-22): Multiple Vulnerabilities in Drupal
Drupal has released security advisories to address multiple vulnerabilities in the Drupal products.
2022-4-22
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (11 Apr 2022 – 17 Apr 2022)
- New information-stealing malware spreading widely on messaging platforms
- New DDoS botnet targeting routers and IoT devices
2022-4-21
Event
CSA HKM Knowledge Sharing Event – April 2022
Organised by Cloud Security Alliance Hong Kong & Macau Chapter
2022-4-21
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-21): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-4-20
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-04-20): Multiple Vulnerabilities in Oracle Java and Oracle Products (April 2022)
Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.
2022-4-19
Security Related News
Legislative Council Papers - Update on information security
This paper briefs Members on the latest situation of information security in Hong Kong and the Government’s work on information security in the past year.
2022-4-19
Phishing Attack
Phishing Attack - Judiciary alerts public to phishing email
The Judiciary today (April 19) called on the public to stay vigilant to a phishing email sent from the email account "HONG KONG JUDIClARY ". The email falsely claims that it was issued by order of the Hong Kong Judiciary and the Chief Judge of the High Court, and is suspected of containing a malicious link. The Judiciary has reported the case to the Police.
2022-4-19
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-19): Vulnerability in VMware Products
VMware has published a security advisory to address a vulnerability in VMware products.
2022-4-19
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-04-18): Multiple Vulnerabilities in Microsoft Edge (Chromium-based)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge (Chromium-based).
2022-4-19
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-04-17): Vulnerability in Google Chrome
Google released a security update to address a vulnerability in Google Chrome.
2022-4-14
Phishing Attack
Phishing Attack - Fraudulent website related to WeLab Bank Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by WeLab Bank Limited relating to a fraudulent website, which has been reported to the HKMA.
2022-4-14
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-16): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-4-13
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-15): Multiple Vulnerabilities in Adobe Reader/Acrobat
Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.
2022-4-13
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-14): Vulnerability in Apache Struts
Apache has released a security update to address a vulnerability in Apache Struts.
2022-4-13
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-04-13): Multiple Vulnerabilities in Microsoft Products (April 2022)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2022-4-13
Phishing Attack
Phishing Attack - Fraudulent website and phishing email related to The Hongkong and Shanghai Banking Corporation Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and phishing email, which has been reported to the HKMA.
2022-4-12
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-12): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-4-12
Security Related News
PCPD Releases Report on “Comparison of Privacy Settings of Social Media”
As the public has become increasingly aware in recent years of the personal data privacy risks related to the use of social media, the Office of the Privacy Commissioner for Personal Data (PCPD) today released a report on “Comparison of Privacy Settings of Social Media” after a review of the top ten most commonly used social media platforms in Hong Kong, including Facebook, Facebook Messenger, Instagram, LINE, LinkedIn, Skype, Twitter, WeChat, WhatsApp and YouTube (in alphabetical order).
2022-4-11
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (4 Apr 2022 – 10 Apr 2022)
- Phishing attacks masquerade as WhatsApp voice message
- The importance of prioritising API security
2022-4-11
Phishing Attack
Phishing Attack - Judiciary alerts public to phishing email
The Judiciary today (April 11) called on the public to stay vigilant to a phishing email sent from the email account "HONG KONG JUDICIARY". The email falsely claims to be issued by order of the Chief Judge of the High Court.
2022-4-11
Phishing Attack
Phishing Attack - Fraudulent websites and phishing instant message related to WeLab Bank Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by WeLab Bank Limited relating to fraudulent websites and a phishing instant message, which has been reported to the HKMA.
2022-4-8
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-11): Vulnerability in Microsoft Edge (Chromium-based)
Microsoft released a security update to address the vulnerability in Microsoft Edge (Chromium-based).
2022-4-7
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-10): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-4-7
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-04-09): Multiple Vulnerabilities in VMware Products
VMware has published security advisories to address multiple vulnerabilities in VMware products.
2022-4-6
Phishing Attack
Phishing Attack - Fraudulent websites, phishing emails and phishing instant message related to The Hongkong and Shanghai Banking Corporation Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites, phishing emails and a phishing instant message, which has been reported to the HKMA.
2022-4-6
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-08): Multiple Vulnerabilities in Firefox
Mozilla has published the advisories (MFSA2022-13 and MFSA2022-14) to address multiple vulnerabilities in Firefox browser.
2022-4-6
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-07): Vulnerability in Google Chrome
Google released a security update to address a vulnerability in Google Chrome.
2022-4-6
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-06): Multiple Vulnerabilities in Android
Google has released Android Security Bulletin April 2022 to fix multiple security vulnerabilities in Android operating system.
2022-4-4
Security Related News
HKCERT - Security Blog: Please sign them. Smart contracts?
What is the difference between a smart contract and a traditional contract? How do we apply it? And most importantly, what are the cyber security risks? Next, we will share with you about these.
2022-4-4
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (28 Mar 2022 – 3 Apr 2022)
- Mirai-based campaign targets unpatched Totolink routers
- Be aware of attacks against content management systems
2022-4-4
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-05): Multiple Vulnerabilities in Microsoft Edge (Chromium-based)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge (Chromium-based).
2022-4-4
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-04-04): Vulnerability in VMware Products
VMware has published a security advisory to address the vulnerability in VMware products.
2022-4-1
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-04-03): Vulnerability in Pulse Secure Products
Pulse Secure has published a security advisory to address a vulnerability in Pulse Secure products.
2022-4-1
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-04-02): Vulnerability in Apple iOS and iPadOS
Apple has released iOS 15.4.1 and iPadOS 15.4.1 to fix the vulnerability in various Apple devices.
2022-4-1
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-04-01): Multiple Vulnerabilities in Spring Framework
Spring has released a security advisory to address multiple remote code execution vulnerabilities in Spring Framework.
2022-3-31
Phishing Attack
Phishing Attack - Fraudulent website related to Bank of China (Hong Kong) Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.
2022-3-31
Phishing Attack
Phishing Attack - Fraudulent website and phishing email related to The Hongkong and Shanghai Banking Corporation Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and phishing email, which has been reported to the HKMA.
2022-3-31
Phishing Attack
Phishing Attack - Suspicious websites and phishing instant message related to DBS Bank (Hong Kong) Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to suspicious websites and a phishing instant message, which has been reported to the HKMA.
2022-3-30
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-21): Vulnerability in VMware Products
VMware has published a security advisory to address a vulnerability in VMware products.
2022-3-30
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-20): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-3-28
Phishing Attack
Phishing Attack - Fraudulent website related to The Bank of East Asia, Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to a fraudulent website, which has been reported to the HKMA.
2022-3-28
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (21 Mar 2022 – 27 Mar 2022)
- Ransomware payments and demands rose dramatically
- Evolving phishing kits and evasion tactics
2022-3-28
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-03-19): Vulnerability in Microsoft Edge (Chromium-based)
Microsoft released a security update to address a vulnerability in Microsoft Edge (Chromium-based).
2022-3-28
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-03-18): Vulnerability in Google Chrome
Google released a security update to address a vulnerability in Google Chrome.
2022-3-25
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-17): Vulnerability in SonicWall Products
SonicWall has released a security advisory to address a buffer overflow vulnerability in SonicOS which is the operating system for SonicWall firewalls.
2022-3-22
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-16): Vulnerability in Drupal
Drupal has released a security advisory to address a vulnerability in the Guzzle library.
2022-3-21
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (14 Mar 2022 – 20 Mar 2022)
- New Linux botnet using DNS tunnelling for communication
- New malware targeting Microsoft SQL and MySQL database servers
2022-3-18
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-15): Vulnerability in OpenSSL
OpenSSL has released 1.1.1n and 3.0.2 to fix the vulnerability in various versions of OpenSSL.
2022-3-18
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-14): Multiple Vulnerabilities in Microsoft Edge (Chromium-based)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge (Chromium-based).
2022-3-17
Phishing Attack
Phishing Attack - Phishing email related to Cathay United Bank Company, Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Cathay United Bank Company, Limited relating to a phishing email, which has been reported to the HKMA.
2022-3-17
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-13): Multiple Vulnerabilities in ISC BIND
ISC has released a security update to fix the vulnerabilities in BIND.
2022-3-17
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-12): Multiple Vulnerabilities in Drupal
Drupal has released a security advisory to address multiple vulnerabilities in the CKEditor library for WYSIWYG editing.
2022-3-16
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-11): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-3-15
Phishing Attack
Phishing Attack - Fraudulent websites and phishing instant message related to The Hongkong and Shanghai Banking Corporation Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites and a phishing instant message, which has been reported to the HKMA.
2022-3-15
Phishing Attack
Phishing Attack - Fraudulent mobile application related to WeLab Bank Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by WeLab Bank Limited relating to a fraudulent mobile application, which has been reported to the HKMA.
2022-3-15
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-10): Multiple Vulnerabilities in Apache HTTP Server
The Apache Software Foundation released a security update to address multiple vulnerabilities in the HTTP Server and its modules.
2022-3-15
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-09): Multiple Vulnerabilities in Apple iOS and iPadOS
Apple has released iOS 15.4 and iPadOS 15.4 to fix the vulnerabilities in various Apple devices.
2022-3-14
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (7 Mar 2022 – 13 Mar 2022)
- Do not reuse your passwords
- Be aware of social media phishing attacks
2022-3-14
Phishing Attack
Phishing Attack - Phishing email related to The Hongkong and Shanghai Banking Corporation Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a phishing email, which has been reported to the HKMA.
2022-3-11 to
2022-8-8
Event
“Fact Check After Receiving, Think Twice Before Sharing” Folder Design Contest
Organised by Office of the Government Chief Information Officer (OGCIO) / Hong Kong Police Force / Hong Kong Computer Emergency Response Team Coordination Centre
2022-3-11
Security Related News
HKCERT - Security Blog:What You Know about the Cyber Security of NFT
This time, we will discuss the ecosystem of NFT as well as various related parts that can be attacked or defrauded by criminals, and the corresponding security advice.
2022-3-10
Phishing Attack
Phishing Attack - Judiciary alerts public to phishing email
The Judiciary today (March 10) called on the public to stay vigilant to a phishing email sent from the email account "Cheung Chin-neng ". The email falsely claimed to be issued by the Chief Justice, requesting the sender to provide his or her contact of an instant messaging application. The Judiciary has reported the case to the Police.
2022-3-9
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-08): Multiple Vulnerabilities in Firefox
Mozilla has published the advisories (MFSA2022-10 and MFSA2022-11) to address multiple vulnerabilities in Firefox browser.
2022-3-9
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-03-07): Multiple Vulnerabilities in Microsoft Products (March 2022)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2022-3-9
Phishing Attack
Phishing Attack - Fraudulent websites, phishing emails and phishing instant messages related to The Hongkong and Shanghai Banking Corporation Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites, phishing emails and phishing instant messages, which has been reported to the HKMA.
2022-3-8
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-06): Multiple Vulnerabilities in Android
Google has released Android Security Bulletin March 2022 to fix multiple security vulnerabilities in Android operating system.
2022-3-8
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-03-05): Vulnerability in Linux Operating Systems
A local privilege escalation vulnerability is found in the Linux kernel 5.8 or later.
2022-3-7
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (28 Feb 2022 – 6 Mar 2022)
- Malware signed with stolen certificates
- Misconfigured network middleboxes used in DDoS attacks
2022-3-7
Phishing Attack
Phishing Attack - Judiciary alerts public to phishing email (2)
The Judiciary today (March 7) called on the public to stay vigilant to a phishing email sent from the email account "Hong Kong High Court ". The email falsely claimed that it was issued by order of the Chief Judge of the High Court, and is suspected of containing a malicious link.
2022-3-7
Phishing Attack
Phishing Attack - Judiciary alerts public to phishing email
The Judiciary today (March 7) called on the public to stay vigilant to a phishing email sent from the email account "Hong Kong High Court ". The email falsely claimed that it was issued by order of the Chief Judge of the High Court, and is suspected of containing a malicious link.
2022-3-7
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-03-04): Multiple Vulnerabilities in Firefox
Mozilla has published the advisory (MFSA2022-09) to address multiple vulnerabilities in Firefox browser.
2022-3-4
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-03): Multiple Vulnerabilities in Microsoft Edge (Chromium-based)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge (Chromium-based).
2022-3-3
Phishing Attack
Phishing Attack - Judiciary alerts public to phishing email
The Judiciary today (March 3) called on the public to stay vigilant to a phishing email sent from the email account "Hong Kong High Court ". The email falsely claimed that it was issued by order of the Chief Judge of the High Court, and is suspected of containing a malicious link.
2022-3-3
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-02): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-3-2
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-03-01): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-3-1
Phishing Attack
Phishing Attack - Judiciary alerts public to phishing email
The Judiciary today (March 1) called on the public to stay vigilant to a phishing email sent from the email account "Hong Kong High Court ". The email falsely claimed that it was issued by order of the Chief Judge of the High Court, and is suspected of containing a malicious link.
2022-3-1
Phishing Attack
Phishing Attack - Fraudulent website and phishing email related to Far Eastern International Bank
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Far Eastern International Bank relating to a fraudulent website and phishing email, which has been reported to the HKMA.
2022-2-28
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (21 Feb 2022 – 27 Feb 2022)
- MuddyWater actors conducting malicious cyber operations worldwide
- Multiple hacking groups targeting industrial control systems
2022-2-24
Event
CSA HKM Knowledge Sharing Event – February 2022
Organised by Cloud Security Alliance Hong Kong & Macau Chapter
2022-2-24
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-02-11): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-2-21
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (14 Feb 2022 – 20 Feb 2022)
- New botnet targeting to steal sensitive information
- Microsoft Teams abused for malware distribution
2022-2-18
Phishing Attack
Phishing Attack - Fraudulent websites and phishing emails related to Bank of China (Hong Kong) Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites and phishing emails, which has been reported to the HKMA.
2022-2-17
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-02-10): Multiple Vulnerabilities in Drupal
Drupal has released security advisories to address multiple vulnerabilities in the Drupal products.
2022-2-17
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-02-09): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-2-17
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-02-08): Multiple Vulnerabilities in Microsoft Edge (Chromium-based)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge (Chromium-based).
2022-2-16
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-02-07): Multiple Vulnerabilities in VMware Products
VMware has published a security advisory to address multiple vulnerabilities in VMware products.
2022-2-15
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-02-06): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-2-14
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (7 Feb 2022 – 13 Feb 2022)
- Linux malware attacks are on the rise
- The growing number of phishing kits with MFA bypassing capabilities
2022-2-14
Phishing Attack
Phishing Attack - Members of public reminded to stay alert to fraudulent email purportedly issued by Department of Justice
The Department of Justice today (February 14) appealed to members of the public to stay alert to a fraudulent email claimed to have been sent by "Ms. AU Kit Yuk, Katy, Sr Psl Asst to Secy for Justice" under the email account "kit.yuk@gov[.]hk" with a suspected link to a malicious file.
2022-2-14
Phishing Attack
Phishing Attack - Phishing instant message related to The Hongkong and Shanghai Banking Corporation Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a phishing instant message, which has been reported to the HKMA.
2022-2-11
Phishing Attack
Phishing Attack - Phishing email related to The Hongkong and Shanghai Banking Corporation Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a phishing email, which has been reported to the HKMA.
2022-2-11
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-02-05): Vulnerability in Microsoft Edge (Chromium-based)
Microsoft released a security update to address a vulnerability in Microsoft Edge (Chromium-based).
2022-2-11
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-02-04): Vulnerability in Apple iOS and iPadOS
Apple has released iOS 15.3.1 and iPadOS 15.3.1 to fix the vulnerability in various Apple devices.
2022-2-10
Security Related News
Cyber Attacks Become More Complex and Diversified Phishing Attacks Reach New High HKCERT Calls on Public to Raise Awareness of Information Security
(Hong Kong, 10 February 2022) The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council today announced a review on the information security situation in Hong Kong in 2021 and the forecast for 2022.
2022-2-9
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-02-03): Multiple Vulnerabilities in Firefox
Mozilla has published the advisories (MFSA2022-04 and MFSA2022-05) to address multiple vulnerabilities in Firefox browser.
2022-2-9
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-02-02): Multiple Vulnerabilities in Microsoft Products (February 2022)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2022-2-8
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-02-01): Multiple Vulnerabilities in Android
Google has released Android Security Bulletin February 2022 to fix multiple security vulnerabilities in Android operating system.
2022-2-7
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (31 Jan 2022 – 6 Feb 2022)
- A shift toward behaviour-based detection
- Security flaws in UEFI firmware potentially impact millions of devices
2022-2-4
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-26): Multiple Vulnerabilities in Microsoft Edge (Chromium-based)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge (Chromium-based).
2022-2-4
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-25): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-2-4
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-01-24): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-2-4
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-01-23): Multiple Vulnerabilities in Samba
Samba released security updates to address multiple vulnerabilities in Samba.
2022-2-4
Phishing Attack
Phishing Attack - Fraudulent website and phishing email related to The Hongkong and Shanghai Banking Corporation Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and phishing email, which has been reported to the HKMA.
2022-2-4
Phishing Attack
Phishing Attack - Fraudulent mobile application related to WeLab Bank Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by WeLab Bank Limited relating to a fraudulent mobile application, which has been reported to the HKMA.
2022-1-31
Phishing Attack
Phishing Attack - Phishing email related to Bank of China (Hong Kong) Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a phishing email, which has been reported to the HKMA.
2022-1-31
Phishing Attack
Phishing Attack - Phishing email related to Far Eastern International Bank
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Far Eastern International Bank relating to a phishing email, which has been reported to the HKMA.
2022-1-28
Phishing Attack
Phishing Attack - Fraudulent websites related to Bank of China (Hong Kong) Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites, which has been reported to the HKMA.
2022-1-27
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-22): Vulnerability in Apache Tomcat
Apache Software Foundation has released a security advisory to address a vulnerability in the Apache Tomcat.
2022-1-27
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-01-21): Multiple Vulnerabilities in Apple iOS and iPadOS
Apple has released iOS 15.3 and iPadOS 15.3 to fix the vulnerabilities in various Apple devices.
2022-1-27
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-01-20): Vulnerability in Linux Operating Systems
A vulnerability was found in a Linux system service called polkit which is installed by default in several Linux distributions.
2022-1-27
Phishing Attack
Phishing Attack - Suspicious website and phishing instant message related to DBS Bank (Hong Kong) Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a suspicious website and phishing instant message, which has been reported to the HKMA.
2022-1-27
Phishing Attack
Phishing Attack - Fraudulent website and phishing instant message related to The Hongkong and Shanghai Banking Corporation Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and phishing instant message, which has been reported to the HKMA.
2022-1-24
Security Related News
HKCERT - Security Blog: NFT Boom, How to Protect Your NFT Assets
In regard to NFT security issues, HKCERT has the following suggestions…
2022-1-24
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (17 Jan 2022 – 23 Jan 2022)
- Destructive malware discovered targeting multiple organisations
- Protecting NAS devices against evolving threats
2022-1-24
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-19): Vulnerability in SolarWinds Serv-U File Server
SolarWinds has released a security advisory to address an improper input validation vulnerability (CVE-2021-35247) in Serv-U File Server.
2022-1-24
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-01-18): Multiple Vulnerabilities in McAfee Agent
McAfee has released a security advisory to address multiple vulnerabilities in McAfee Agent for Windows
2022-1-24
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-01-17): Vulnerability in Microsoft Windows
Microsoft has released an out-of-band security update to address the vulnerability in the WinVerifyTrust function that handles Windows Authenticode signature verification for portable executable (PE) files.
2022-1-24
Phishing Attack
Phishing Attack - Suspicious website related to Dah Sing Bank, Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to a suspicious website, which has been reported to the HKMA.
2022-1-21
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-16): Multiple Vulnerabilities in Microsoft Edge (Chromium-based)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge (Chromium-based).
2022-1-20
Security Related News
HKCERT - Security Blog: Introduction of QR code attacks and countermeasures
In this blog, we would discuss the security risks and recommendations of two use cases, user authentication and data storage, to provide reference for enterprises when using QR code for business operation and system development.…
2022-1-20
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-15): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-1-20
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-14) Multiple Vulnerabilities in Drupal
Drupal has released a security advisory to address multiple vulnerabilities in the jQuery UI library.
2022-1-20
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-13): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-1-19
Phishing Attack
Phishing Attack - Judiciary alerts public to fraudulent email
The Judiciary today (January 19) reminded members of the public to stay vigilant to a fraudulent email sent under the email account "teresa.cheng@judiciary[.]hk" and carrying a suspected link to a malicious file.
2022-1-19
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-12): Multiple Vulnerabilities in Oracle Java and Oracle Products (January 2022)
Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.
2022-1-18
Phishing Attack
Phishing Attack - Department of Justice alerts public to fraudulent email
The Department of Justice today (January 18) appealed to members of the public to stay alert to a fraudulent email claimed to have been sent by "Ms. Teresa Cheng, GBM, GBS, SC, JP, Secetary to The Honourable Chief Justice Andrew Cheung Kui-nung GBM" with a suspected link to a malicious file
2022-1-18
Phishing Attack
Phishing Attack - Suspicious website related to Dah Sing Bank, Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to a suspicious website, which has been reported to the HKMA.
2022-1-17
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (10 Jan 2022 – 16 Jan 2022)
- DDoS attacks that come combined with extortion demands are on the rise
- A new cross-platform backdoor malware
2022-1-15
Security Related News
Hong Kong Customs sternly clarifies false Internet rumours
With regard to Internet rumours that Customs officers were trying to incriminate an ethnic minority young man by fabricated evidence yesterday (January 14), a spokesman for Hong Kong Customs today (January 15) solemnly clarified that the rumours are unfounded.
2022-1-14
Phishing Attack
Phishing Attack - Administration Wing alerts public to fraudulent email
The Administration Wing today (January 14) appealed to members of the public to stay alert to a fraudulent email on nomination for honours and awards purporting to be sent by "Honours Section, Administration Wing" under the email account cso.gov.hk@express[.]com .
2022-1-14
Phishing Attack
Phishing Attack - Phishing instant message related to Bank of Singapore Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a phishing instant message, which has been reported to the HKMA.
2022-1-13
Security Related News
Working from Home: Privacy Commissioner Recommends 9 Tips to Safeguard Personal Data
The Office of the Privacy Commissioner for Personal Data (PCPD) offers 9 tips for organisations, employees and users of video conferencing software (including teachers and students) to safeguard their personal data
2022-1-13
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-11): Multiple Vulnerabilities in Cisco Products
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
2022-1-13
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-10): Vulnerability in Apple iOS and iPadOS
Apple has released iOS 15.2.1 and iPadOS 15.2.1 to fix the vulnerability in various Apple devices.
2022-1-12
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-09): Multiple Vulnerabilities in Adobe Reader/Acrobat
Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.
2022-1-12
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-08): Multiple Vulnerabilities in Firefox
Mozilla has published the advisories (MFSA2022-01 and MFSA2022-02) to address multiple vulnerabilities in Firefox browser.
2022-1-12
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-01-07): Multiple Vulnerabilities in Microsoft Products (January 2022)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
2022-1-12
Phishing Attack
Phishing Attack - Fraudulent website related to China CITIC Bank International Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website, which has been reported to the HKMA.
2022-1-12
Phishing Attack
Phishing Attack - Fraudulent website and phishing email related to The Hongkong and Shanghai Banking Corporation Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and phishing email, which has been reported to the HKMA.
2022-1-11
Phishing Attack
Phishing Attack - Fraudulent website and phishing email related to The Hongkong and Shanghai Banking Corporation Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and phishing email, which has been reported to the HKMA.
2022-1-10
Security Related News
HKCERT - Security Blog: Business as Usual under COVID-19 with Sound “Work from Home” Cyber Security
the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) would use this opportunity again to offer some security tips on WFH for companies and their employees…
2022-1-10
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (3 Jan 2022 – 9 Jan 2022)
- Google Docs comments weaponised in phishing campaign
- Risk of copying-pasting commands from webpages
2022-1-10
Security Alert and Advisory
GovCERT.HK - High Threat Security Alert (A22-01-06): Vulnerability in H2 Database Console
H2 has released a security advisory to address a vulnerability in H2 database console.
2022-1-7
Security Related News
HKCERT - Security Blog: Secure Use of QR Code
Although QR codes have made our life more convenient, we should always stay alert to the relevant security risks and use them securely.
2022-1-7
Phishing Attack
Phishing Attack - Department of Justice alerts public to fraudulent email
The Department of Justice today (January 7) appealed to members of the public to stay alert to a fraudulent email claimed to have been sent by "York Chow, Secretary to Ms Teresa Cheng" with a suspected link to a malicious file.
2022-1-7
Phishing Attack
Phishing Attack - Fraudulent mobile application related to WeLab Bank Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by WeLab Bank Limited relating to a fraudulent mobile application, which has been reported to the HKMA.
2022-1-7
Phishing Attack
Phishing Attack - Fraudulent mobile application related to The Bank of East Asia, Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to a fraudulent mobile application, which has been reported to the HKMA.
2022-1-7
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-05): Multiple Vulnerabilities in Android
Google has released Android Security Bulletin January 2022 to fix multiple security vulnerabilities in Android operating system.
2022-1-7
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-04): Multiple Vulnerabilities in Microsoft Edge (Chromium-based)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge (Chromium-based).
2022-1-6
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-03): Vulnerability in VMWare Products
VMware has published a security advisory to address a vulnerability in VMware products.
2022-1-5
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-02): Vulnerability in Apache Struts
Apache has released a security update to address a vulnerability in Apache Struts.
2022-1-5
Security Alert and Advisory
GovCERT.HK - Security Alert (A22-01-01): Multiple Vulnerabilities in Google Chrome
Google released a security update to address multiple vulnerabilities in Google Chrome.
2022-1-5
Security Related News
GovCERT.HK - Weekly IT Security News Bulletin (27 Dec 2021 – 2 Jan 2022)
- Password stealer targeting accounts saved in web browsers
- A growing threat of malicious dormant domains
2022-1-3
Phishing Attack
Phishing Attack - Fraudulent website and phishing email related to The Hongkong and Shanghai Banking Corporation Limited
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and phishing email, which has been reported to the HKMA.