InfoSec: Search by News & Events

2023-4-18 to

2023-7-15

Build a Secure Cyberspace 2023 - “Protect Your Online Identity” Speech Contest

Organised by Office of the Government Chief Information Officer (OGCIO) / Hong Kong Police Force (HKPF) / Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT)

2023-7-6 to

2023-7-7

HKIRC x APNIC Network Security Workshop

Organised by Hong Kong Internet Registration Corporation Limited / Asia Pacific Network Information Center

2023-7-4 to

2023-7-5

APAC DNS Forum 2023

Organised by Hong Kong Internet Registration Corporation Limited

2023-5-25 to

2023-6-25

Smart City Roving Exhibition : Smart Government ‧ Smart Outing

Organised by Office of the Government Chief Information Officer (OGCIO)

2023-6-3

Parent Seminar: Beware of Internet Pitfalls and Practical Eye Care Tips for e-Learning

Organised by Education Bureau

2023-5-29

Phishing Attack - Fraudulent website related to Hang Seng Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to a fraudulent website, which has been reported to the HKMA.

2023-5-27

Police Force engages in Metaverse exploring threats and opportunities of Web3 (with photos)

The Cyber Security and Technology Crime Bureau (CSTCB) of the Police launched the "CyberDefender Metaverse" platform today (May 27) and held its first online event "Exploring the Metaverse" to enlighten the public about the threats and opportunities linked with Web3 and the Metaverse, raise their awareness of new technology crimes, and bring them new experience.

2023-5-24

Phishing Attack - Fraudulent websites, internet banking login screens and phishing instant messages related to Hang Seng Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to fraudulent websites, internet banking login screens and phishing instant messages, which have been reported to the HKMA.

2023-5-24

Phishing Attack - Fraudulent mobile application and phishing instant messages related to Bank of America, National Association

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of America, National Association relating to a fraudulent mobile application (App) and phishing instant messages, which have been reported to the HKMA.

2023-5-24

LCQ6: Prevention of school and cyber bullying

Following is a question by the Hon Lam So-wai and a reply by the Secretary for Education, Dr Choi Yuk-lin, in the Legislative Council today (May 24).

2023-5-24

LCQ18: Application of generative artificial intelligence in primary and secondary schools

Following is a question by the Hon Mrs Regina Ip and a written reply by the Secretary for Education, Dr Choi Yuk-lin, in the Legislative Council today (May 24).

2023-5-24

Security Alert (A23-05-13): Vulnerability in VMware NSX-T

VMware has published a security advisory to address a vulnerability in VMware NSX-T.

2023-5-23

Security Alert (A23-05-12): Vulnerability in Apache Tomcat

The Apache Software Foundation released a security update to address a vulnerability in the Apache Tomcat.

2023-5-20

EMSD temporarily suspends some online services due to cyber incident

The Electrical and Mechanical Services Department (EMSD) today (May 20) announced that due to abnormality found in the network system, it was suspected that part of the system has been hacked. For prudence's sake, the following online services have been suspended.

2023-5-19

Phishing Attack - Fraudulent website, internet banking login screen and phishing emails related to Hang Seng Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to a fraudulent website, internet banking login screen and phishing emails, which have been reported to the HKMA.

2023-5-19

Phishing Attack - Fraudulent websites related to Chong Hing Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites, which have been reported to the HKMA.

2023-5-19

Security Alert (A23-05-11): Multiple Vulnerabilities in Microsoft Edge

Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

2023-5-19

High Threat Security Alert (A23-05-10): Multiple Vulnerabilities in Apple iOS and iPadOS

Apple has released iOS 15.7.6, iOS 16.5, iPadOS 15.7.6 and iPadOS 16.5 to fix the vulnerabilities in various Apple devices.

2023-5-18

Phishing Attack - Fraudulent website related to The Hongkong and Shanghai Banking Corporation Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website, which has been reported to the HKMA.

2023-5-18

A 43-year-old Chinese Male Arrested for a Suspected Doxxing Offence Relating to Commercial Disputes

The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 43 in the New Territories. The arrested person was suspected to have disclosed the personal data of a data subject without his consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).

2023-5-18

High Threat Security Alert (A23-05-09): Multiple Vulnerabilities in Cisco Products

Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

2023-5-17

Privacy Commissioner’s Office Organises Awards Presentation Ceremony of Short Video Competition for Primary School Students on “Respecting Privacy Begins with Me”

The Office of the Privacy Commissioner for Personal Data (PCPD) held an Awards Presentation Ceremony (Awards Presentation Ceremony) of a Short Video Competition for Primary School Students on “Respecting Privacy Begins with Me” (Competition) on 12 May to recognise the efforts of 23 outstanding primary school teams in promoting the respect for and protection of personal data privacy.

2023-5-17

Phishing Attack - Unauthorised website and phishing email related to Citibank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Citibank (Hong Kong) Limited relating to an unauthorised website and phishing email, which have been reported to the HKMA.

2023-5-17

Phishing Attack - Fraudulent websites related to Industrial and Commercial Bank of China (Asia) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to fraudulent websites, which have been reported to the HKMA.

2023-5-17

Security Alert (A23-05-08): Multiple Vulnerabilities in Google Chrome

Google released a security update to address multiple vulnerabilities in Google Chrome.

2023-5-16

Phishing Attack - Fraudulent website related to The Hongkong and Shanghai Banking Corporation Limited

2023-5-16

Phishing Attack - Fraudulent instant messages related to Livi Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited relating to fraudulent instant messages, which have been reported to the HKMA.

2023-5-15

Phishing Attack - Fraudulent websites related to The Hongkong and Shanghai Banking Corporation Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites, which have been reported to the HKMA.

2023-5-15

Phishing Attack - Fraudulent websites and phishing email related to The Bank of East Asia, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and phishing email, which have been reported to the HKMA.

2023-5-15

Unmasking Cybercrime-as-a-Service: The Dark Side of Digital Convenience

HKCERT has set Cybercrime-as-a-Service (CaaS) as one of the top five information security risks for 2023.

2023-5-13

Ethical Phishing Campaign 2023

Organised by Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police (HKP) / Hong Kong Internet Registration Corporation Limited

2023-5-12

Phishing Attack - Fraudulent website related to Bank of Communications (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Communications (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.

2023-5-12

Security Alert (A23-05-07): Multiple Vulnerabilities in VMware Aria Operations

VMware has published a security advisory to address multiple vulnerabilities in VMware Aria Operations.

2023-5-11

CSA HKM Knowledge Sharing Event – May 2023

Organised by Cloud Security Alliance Hong Kong & Macau Chapter

2023-5-11

Phishing Attack - Fraudulent websites related to Hang Seng Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to fraudulent websites, which have been reported to the HKMA.

2023-5-11

A 37-year-old Chinese Male Arrested for Suspected Reposting of Doxxing Message

The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 37 in the New Territories. He was suspected to have disclosed the personal data of a data subject without her consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).

2023-5-10

LCQ19: Artificial intelligence chatbot ChatGPT

Following is a question by the Hon Yung Hoi-yan and a written reply by the Acting Secretary for Innovation, Technology and Industry, Ms Lillian Cheong, in the Legislative Council today (May 10)

2023-5-10

LCQ10: Protecting personal data when developing and using artificial intelligence

Following is a question by the Hon Chan Yung and a written reply by the Secretary for Constitutional and Mainland Affairs, Mr Erick Tsang Kwok-wai, in the Legislative Council today (May 10).

2023-5-10

Security Alert (A23-05-06): Multiple Vulnerabilities in Firefox

Mozilla has published the advisories (MFSA2023-16 and MFSA2023-17) to address multiple vulnerabilities in Firefox browser.

2023-5-10

High Threat Security Alert (A23-05-05): Multiple Vulnerabilities in Microsoft Products (May 2023)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

2023-5-8

Phishing Attack - Fraudulent websites related to Hang Seng Bank, Limited

2023-5-8

Security Alert (A23-05-04): Multiple Vulnerabilities in Microsoft Edge

Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

2023-5-5

Build a Secure Cyberspace 2023 - “Protect Your Online Security in Web 3.0” Seminar

Organised by Office of the Government Chief Information Officer (OGCIO) / Hong Kong Police Force (HKPF) / Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT)

2023-5-4

Security Alert (A23-05-03): Multiple Vulnerabilities in Fortinet Products

Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.

2023-5-3

Security Alert (A23-05-02): Multiple Vulnerabilities in Google Chrome

Google released a security update to address multiple vulnerabilities in Google Chrome.

2023-5-2

Security Alert (A23-05-01): Multiple Vulnerabilities in Android

Google has released Android Security Bulletin May 2023 to fix multiple security vulnerabilities in Android operating system.

2023-4-28

Phishing Attack - Fraudulent website and phishing instant message related to DBS Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and phishing instant message, which have been reported to the HKMA.

2023-4-28

Phishing Attack - Fraudulent website related to Bank of Singapore Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent website, which has been reported to the HKMA.

2023-4-28

Phishing Attack - Beware of counterfeit mobile apps purporting to be made by Guangdong-Hong Kong-Macao Greater Bay Area Development Office

The Guangdong-Hong Kong-Macao Greater Bay Area Development Office of the Constitutional and Mainland Affairs Bureau today (April 28) appealed to members of the public for heightened vigilance against counterfeit mobile apps purporting to be made by the Office.

2023-4-28

Phishing Attack - Fraudulent website and phishing email related to The Hongkong and Shanghai Banking Corporation Limited

2023-4-26

High Threat Security Alert (A23-04-19): Vulnerability in TP-Link Archer AX21

TP-Link released a security update to address a vulnerability in TP-Link Archer AX21.

2023-4-26

Security Alert (A23-04-18): Multiple Vulnerabilities in VMware Products

VMware has published a security advisory to address multiple vulnerabilities in VMware products.

2023-4-24

High Threat Security Alert (A23-04-17): Multiple Vulnerabilities in Microsoft Edge

Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge..

2023-4-22

Phishing Attack - Transport Department alerts public to fraudulent SMS message of HKeToll

The Transport Department (TD) today (April 22) alerted members of the public to fraudulent SMS message purportedly issued by the HKeToll.

2023-4-21

Phishing Attack - Suspicious website related to China CITIC Bank International Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a suspicious website, which has been reported to the HKMA.

2023-4-21

Phishing Attack - Fraudulent mobile application related to China Construction Bank (Asia) Corporation Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to a fraudulent App, which has been reported to the HKMA.

2023-4-21

Phishing Attack - Fraudulent websites and phishing emails related to The Hongkong and Shanghai Banking Corporation Limited

2023-4-21

High Threat Security Alert (A23-04-16): Multiple Vulnerabilities in VMware Aria Operations for Logs

VMware has published a security advisory to address multiple vulnerabilities in VMware Aria Operations for Logs..

2023-4-20

Phishing Attack - Fraudulent websites and phishing emails related to The Hongkong and Shanghai Banking Corporation Limited

2023-4-20

Security Alert (A23-04-15): Vulnerability in Drupal

Drupal has released security advisories to address a vulnerability in the Drupal products..

2023-4-20

High Threat Security Alert (A23-04-14): Multiple Vulnerabilities in Cisco Products

Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software..

2023-4-19

Phishing Attack - Phishing social media accounts and unauthorised messages related to TNG (Asia) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by TNG (Asia) Limited relating to phishing social media accounts and unauthorised messages.

2023-4-19

Security Alert (A23-04-13): Multiple Vulnerabilities in Oracle Java and Oracle Products (April 2023)

Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products..

2023-4-19

High Threat Security Alert (A23-04-12): Multiple Vulnerabilities in Google Chrome

Google released a security update to address multiple vulnerabilities in Google Chrome.

2023-4-19

A 27-year-old Chinese Female Arrested for a Suspected Doxxing Offence

The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 27 in Kowloon.

2023-4-18

Phishing Attack - Fraudulent websites, internet banking login screens and phishing instant messages related to Hang Seng Bank, Limited

2023-4-17

HKIRC x SUCCESS Webinar – Webinar : “How to Protect Your Enterprise from Cyber Threats”

Organised by Hong Kong Internet Registration Corporation Limited / Support and Consultation Centre for SMEs (SUCCESS) of the Trade and Industry Department

2023-4-17

High Threat Security Alert (A23-04-11): Vulnerability in Microsoft Edge

Microsoft released a security update to address a vulnerability in Microsoft Edge.

2023-4-17

High Threat Security Alert (A23-04-10): Vulnerability in Google Chrome

Google released a security update to address a vulnerability in Google Chrome.

2023-4-15

SITI attends National Security Education Day Seminar (Chinese only) (with photo)

Please refer to the Chinese version.

2023-4-14

Phishing Attack - Fraudulent websites and phishing messages related to Alipay Financial Services (HK) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to fraudulent websites and phishing messages.

2023-4-14

Phishing Attack - Fraudulent websites related to China CITIC Bank International Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to fraudulent websites, which have been reported to the HKMA.

2023-4-14

Phishing Attack - Phishing social media advertisements and fraudulent websites related to PPS

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by EPS Company (Hong Kong) Limited on PPS-related phishing social media advertisements and fraudulent websites.

2023-4-13

Phishing Attack - Fraudulent website, internet banking login screen and phishing email related to Hang Seng Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to a fraudulent website, an internet banking login screen and a phishing email, which have been reported to the HKMA.

2023-4-12

Security Alert (A23-04-09): Multiple Vulnerabilities in Adobe Reader/Acrobat

Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.

2023-4-12

Phishing Attack - Inland Revenue Department alerts public to fraudulent emails

The Inland Revenue Department today (April 12) alerted members of the public to fraudulent emails purportedly issued by the department, which invite recipients to claim tax refunds.

2023-4-12

Security Alert (A23-04-08): Multiple Vulnerabilities in Firefox

Mozilla has published the advisories (MFSA2023-13 and MFSA2023-14) to address multiple vulnerabilities in Firefox browser.

2023-4-12

Security Alert (A23-04-07): Multiple Vulnerabilities in Fortinet Products

Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.

2023-4-12

High Threat Security Alert (A23-04-06): Multiple Vulnerabilities in Microsoft Products (April 2023)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

2023-4-11

Security Alert (A23-04-05): Multiple Vulnerabilities in Microsoft Edge

Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

2023-4-11

High Threat Security Alert (A23-04-04): Multiple Vulnerabilities in Apple iOS and iPadOS

Apple has released iOS 15.7.5, iOS 16.4.1, iPadOS 15.7.5 and iPadOS 16.4.1 to fix the vulnerabilities in various Apple devices.

2023-4-6

Security Alert (A23-04-03): Multiple Vulnerabilities in Android

Google has released Android Security Bulletin April 2023 to fix multiple security vulnerabilities in Android operating system.

2023-4-6

Security Alert (A23-04-02): Multiple Vulnerabilities in Google Chrome

Google released a security update to address multiple vulnerabilities in Google Chrome.

2023-4-6

Security Alert (A23-04-01): Multiple Vulnerabilities in Cisco Products

Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

2023-4-3

Phishing Attack - Fraudulent website and phishing email related to Dah Sing Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to a fraudulent website and phishing email, which have been reported to the HKMA.

2023-4-3

Phishing Attack - Fraudulent websites related to China CITIC Bank International Limited

2023-4-3

Phishing Attack - Fraudulent website related to Fubon Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.

2023-3-30

CSA HKM Knowledge Sharing Event – March 2023

Organised by Cloud Security Alliance Hong Kong & Macau Chapter

2023-3-30

Phishing Attack - Fraudulent website and phishing instant message related to Industrial and Commercial Bank of China (Asia) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to a fraudulent website and phishing instant message, which have been reported to the HKMA.

2023-3-30

Phishing Attack - Fraudulent websites related to Chong Hing Bank Limited

2023-3-30

Security Alert (A23-03-18): Multiple Vulnerabilities in QNAP Products

QNAP has published security advisories to address multiple vulnerabilities in QNAP products..

2023-3-30

Reaching Out to Social Welfare Sector - PCPD Officer speaks at the Information Technology Security Seminar

Mr Tamson TAM, Personal Data Officer (Information Technology) of the Office of the Privacy Commissioner for Personal Data (PCPD), spoke at the Information Technology Security Seminar organised by the Information Technology Resource Centre of the Hong Kong Council of Social Service on 28 March, during which he gave an overview of the “Guidance Note on Data Security Measures for Information and Communications Technology” issued by the PCPD to the participants.

2023-3-29

Phishing Attack - Fraudulent website related to Chong Hing Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website, which has been reported to the HKMA.

2023-3-28

High Threat Security Alert (A23-03-17): Multiple Vulnerabilities in Apple iOS and iPadOS

Apple has released iOS 15.7.4, iOS 16.4, iPadOS 15.7.4 and iPadOS 16.4 to fix the vulnerabilities in various Apple devices.

2023-3-27

Do you know what is Identity/Credential Theft?

Cyber theft of identity and credentials is not a new phenomenon. However, the COVID-19 pandemic has accelerated people’s growing reliance on online services for work and personal tasks, creating more opportunities for cyber criminals to steal our personal information for their own gains.

2023-3-27

Security Alert (A23-03-16): Vulnerability in Microsoft Windows Snipping Tools

Microsoft has released an out-of-band security update to address the vulnerability in Microsoft Windows Snipping Tools.

2023-3-27

Phishing Attack - Unauthorised instant messages related to Union Bancaire Privée, UBP SA

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Union Bancaire Privée, UBP SA relating to unauthorised instant messages, which have been reported to the HKMA.

2023-3-27

Security Alert (A23-03-15): Vulnerability in OpenSSL

OpenSSL has released 1.1.1u, 3.0.9 and 3.1.1 to fix the vulnerability in various versions of OpenSSL.

2023-3-27

Security Alert (A23-03-14): Multiple Vulnerabilities in Microsoft Edge

Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

2023-3-27

Phishing Attack - Fraudulent website and instant message related to The Bank of East Asia, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent website and instant message, which have been reported to the HKMA.

2023-3-24

A 31-year-old Chinese Male Arrested for a Suspected Doxxing Offence

The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 31 in Kowloon.

2023-3-23

Security Alert (A23-03-13): Vulnerability in Apache Tomcat

The Apache Software Foundation released a security update to address a vulnerability in the Apache Tomcat.

2023-3-23

Security Alert (A23-03-12): Multiple Vulnerabilities in Cisco Products

Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

2023-3-22

Security Alert (A23-03-11): Multiple Vulnerabilities in Google Chrome

Google released a security update to address multiple vulnerabilities in Google Chrome.

2023-3-22

Police and OGCIO jointly host Inter-departmental Cyber Security Drill to enhance Government's cyber defence capability (with photos)

The Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force and the Government Computer Emergency Response Team Hong Kong under the Office of the Government Chief Information Officer (OGCIO) co-organised the 7th Inter-departmental Cyber Security Drill today (March 22).

2023-3-21

Phishing Attack - Privacy Commissioner’s Office Urges the Public to Guard against Phishing Websites and Fraudulent SMS Messages

As the society resumes normalcy, many citizens have begun to travel abroad. The Office of the Privacy Commissioner for Personal Data (PCPD) noted recent reports on a phishing website which claimed to provide submission service of electronic entry permit applications to a foreign government, with a view to swindling personal data, including credit card information, and money out of citizens in the process of declaring health conditions.

2023-3-20

Transport Department alerts public to fraudulent SMS message

The Transport Department (TD) today (March 20) alerted members of the public to fraudulent SMS message purportedly issued by HKeToll.

2023-3-16

Phishing Attack - Fraudulent website and mobile application related to Chong Hing Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent website and mobile application (App), which have been reported to the HKMA.

2023-3-16

Security Alert (A23-03-10): Multiple Vulnerabilities in Drupal

Drupal has released security advisories to address multiple vulnerabilities in the Drupal products..

2023-3-15

Phishing Attack - WSD urges public to be alert to fraudulent SMS message

The Water Supplies Department (WSD) today (March 15) alerted the public to a fraudulent SMS message purportedly issued by the department.

2023-3-15

Phishing Attack - Judiciary alerts public to phishing email

The Judiciary today (March 15) called on the public to stay vigilant to a phishing email sent from the email account "Mr Justice Anthony Chan < crystalstiefel21@gmail[DOT]com >". The email falsely claims that it was issued by a judge of the High Court.

2023-3-15

Phishing Attack - Fraudulent website related to Chong Hing Bank Limited

2023-3-15

LCQ14: Combating deception offences

Following is a question by the Hon Martin Liao and a written reply by the Acting Secretary for Security, Mr Michael Cheuk, in the Legislative Council today (March 15):

2023-3-15

Phishing Attack - Bogus SMS purportedly from HKMA

The Hong Kong Monetary Authority (HKMA) received public enquiries about SMS purportedly from HKMA staff to follow up on matters relating to bank accounts and fund transfers.

2023-3-15

Security Alert (A23-03-09): Multiple Vulnerabilities in Firefox

Mozilla has published the advisories (MFSA2023-09 and MFSA2023-10) to address multiple vulnerabilities in Firefox browser..

2023-3-15

High Threat Security Alert (A23-03-08): Multiple Vulnerabilities in Microsoft Products (March 2023)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

2023-3-14

Security Alert (A23-03-07): Multiple Vulnerabilities in Microsoft Edge

Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

2023-3-9

Security Alert (A23-03-06): Multiple Vulnerabilities in Cisco IOS XR Software

Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

2023-3-9

Phishing Attack - Fraudulent website related to OCBC Wing Hang Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by OCBC Wing Hang Bank Limited relating to a fraudulent website, which has been reported to the HKMA.

2023-3-9

Two Men Arrested for Suspected Doxxing Relating to Rental Disputes

The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested two men on Hong Kong Island.

2023-3-8

Phishing Attack - Fraudulent websites related to DBS Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites, which have been reported to the HKMA.

2023-3-8

Security Alert (A23-03-05): Multiple Vulnerabilities in Android

Google has released Android Security Bulletin March 2023 to fix multiple security vulnerabilities in Android operating system.

2023-3-8

Security Alert (A23-03-04): Multiple Vulnerabilities in Apache HTTP Server

The Apache Software Foundation released a security update to address multiple vulnerabilities in the HTTP Server and its modules.

2023-3-8

Security Alert (A23-03-03): Multiple Vulnerabilities in Google Chrome

Google released a security update to address multiple vulnerabilities in Google Chrome.

2023-3-8

Security Alert (A23-03-02): Multiple Vulnerabilities in Fortinet Products

Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.

2023-3-8

Second Sentencing for the New Doxxing Offence

The Shatin Magistrates’ Court earlier convicted a 36-year old female, Ms SHAM Chun-kiu (defendant), of 14 charges of the new doxxing offence upon her guilty plea.

2023-3-7

Phishing Attack - Inland Revenue Department alerts public to fraudulent emails

The Inland Revenue Department today (March 7) alerted members of the public to fraudulent emails purportedly issued by the department, which invite recipients to claim tax refunds.

2023-3-6

Security Alert (A23-03-01): Multiple Vulnerabilities in SonicWall Products

SonicWall has released security advisories to address multiple vulnerabilities in SonicOS which is the operating system for SonicWall firewalls.

2023-3-6

InfoSec Tours - Safe Social Networking (Chinese version only)

Please refer to the Chinese version.

2023-3-6

InfoSec Tours - Safe Online Shopping (Chinese version only)

Please refer to the Chinese version.

2023-3-2

CSA HKM Knowledge Sharing Event – March 2023

Organised by Cloud Security Alliance Hong Kong & Macau Chapter

2023-3-2

High Threat Security Alert (A23-02-23): Multiple Vulnerabilities in Cisco Products

Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

2023-3-2

Phishing Attack - Suspicious websites related to Chong Hing Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to suspicious websites, which have been reported to the HKMA.

2023-2-28

HKCERT Security Tips: Beware of Fake ChatGPT Apps and Phishing Websites

The artificial intelligence chatbot, ChatGPT, which gained 100 million users worldwide within just two months of its launch in November 2022, has recently introduced a paid subscription service called ChatGPT Plus.

2023-2-27

Security Alert (A23-02-22): Multiple Vulnerabilities in Microsoft Edge

Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

2023-2-27

Phishing Attack - Fraudulent email related to Citibank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Citibank (Hong Kong) Limited relating to a fraudulent email, which has been reported to the HKMA.

2023-2-26

First Hong Kong Cybersecurity Skills Competition

Organised by Hong Kong College of Technology / Hong Kong Computer Society

2023-2-24

A 42-year-old Chinese Male Arrested for a Suspected Doxxing Offence

The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 42 in the New Territories.

2023-2-23

Security Alert (A23-02-21): Vulnerability in Apache Tomcat

The Apache Software Foundation released a security update to address a vulnerability in the Apache Tomcat.

2023-2-23

Security Alert (A23-02-20): Multiple Vulnerabilities in Google Chrome

Google released a security update to address multiple vulnerabilities in Google Chrome.

2023-2-23

Security Alert (A23-02-19): Multiple Vulnerabilities in Cisco Products

Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

2023-2-22

Security Alert (A23-02-18): Multiple Vulnerabilities in VMware Products

VMware has published security advisories to address multiple vulnerabilities in VMware products.

2023-2-22

Phishing Attack - Fraudulent website and instant message related to Union Bancaire Privée, UBP SA

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Union Bancaire Privée, UBP SA relating to a fraudulent website and instant message, which have been reported to the HKMA.

2023-2-22

Phishing Attack - Fraudulent websites related to DBS Bank (Hong Kong) Limited

2023-2-20

Verify from Various Sources to Ensure Security When Searching for Answers with AI

Recently, the artificial intelligence (AI) ChatBot, ChatGPT, has taken the Internet by storm. It is reported that the tool already has 100 million users. Most users say that compared with traditional search engines which only rely on input queries to provide websites of highly relevance, ChatGPT allows users to ask questions in the format of a person-to-person dialogue and then output responses. In addition, the generated answers are very accurate with detailed explanations, saving the time to search for information after using search engines.

2023-2-18

Cyber Defenders' Carnival

Organised by Cyberdefender

2023-2-17

Phishing Attack - Fraudulent website related to Bank of Singapore Limited

2023-2-17

High Threat Security Alert (A23-02-17): Multiple Vulnerabilities in Fortinet Products

Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.

2023-2-16

Security Alert (A23-02-16): Multiple Vulnerabilities in Cisco Products

Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

2023-2-16

Phishing Attack - Fraudulent website related to Hang Seng Bank, Limited

2023-2-15

Security Alert (A23-02-15): Multiple Vulnerabilities in Citrix Products

Citrix released security advisories to address multiple vulnerabilities in Citrix products.

2023-2-15

Security Alert (A23-02-14): Multiple Vulnerabilities in Firefox

Mozilla has published the advisories (MFSA2023-05 and MFSA2023-06) to address multiple vulnerabilities in Firefox browser.

2023-2-15

High Threat Security Alert (A23-02-13): Multiple Vulnerabilities in Microsoft Products (February 2023)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

2023-2-14

Security Alert (A23-02-12): Vulnerability in SonicWall Email Security

SonicWall has released a security advisory to address an information disclosure vulnerability in SonicWall Email Security.

2023-2-14

High Threat Security Alert (A23-02-11): Multiple Vulnerabilities in Apple iOS and iPadOS

Apple has released iOS 16.3.1 and iPadOS 16.3.1 to fix the vulnerabilities in various Apple devices..

2022-10-4 to

2023-2-11

Cyber Attack and Defence Elite Training 2022/23 (Chinese only)

Organised by Hong Kong Police Force (HKPF)

2023-2-10

Security Alert (A23-02-10): Multiple Vulnerabilities in OpenSSL

OpenSSL has released 1.1.1t and 3.0.8 to fix the vulnerabilities in various versions of OpenSSL.

2023-2-10

Security Alert (A23-02-09): Multiple Vulnerabilities in Microsoft Edge

Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

2023-2-9

Phishing Attack - Fraudulent mobile applications related to Chong Hing Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent mobile applications (Apps), which have been reported to the HKMA.

2023-2-9

Phishing Attack - Unauthorised instant messages related to Mox Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Mox Bank Limited relating to unauthorised instant messages, which have been reported to the HKMA.

2023-2-8

Hong Kong Cyber Security Incidents on the Rise HKCERT Urges the Community to Raise Information Security Awareness

The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council (HKPC) held a briefing today to summarise the information security situation in Hong Kong in 2022 and release the security forecast for 2023, and invited scholars from the Hong Kong Polytechnic University (PolyU) to share the latest security risks of the Internet of Things (IoT) and Web 3.0.

2023-2-8

Phishing Attack - Hong Kong Customs clarifies no public auction ever arranged through external parties after noticing suspicious social media platform pages and websites again

Hong Kong Customs made a clarification today (February 8) that it has never arranged a public auction by means of a social media platform or a website to sell confiscated items.

2023-2-8

Security Alert (A23-02-08): Multiple Vulnerabilities in Google Chrome

Google released a security update to address multiple vulnerabilities in Google Chrome.

2023-2-7

Phishing Attack - Fraudulent website related to DBS Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.

2023-2-7

Security Alert (A23-02-07): Multiple Vulnerabilities in Android

Google has released Android Security Bulletin February 2023 to fix multiple security vulnerabilities in Android operating system.

2023-2-6

How to Mitigate New Cyber Security Risks Arising from the Growing Use of Technology in Industrial Operations

In recent years, more enterprises and public utilities are leveraging 5G and Internet of Things (IoT) technologies to connect their industrial operation technology (OT) systems to the information technology (IT) systems or the Internet.

2023-2-6

Phishing Attack - Suspicious websites related to Fubon Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to suspicious websites, which have been reported to the HKMA.

2023-2-6

Security Alert (A23-02-06): Multiple Vulnerabilities in F5 Products

F5 has published security advisories to address multiple vulnerabilities in F5 devices.

2023-2-6

Security Alert (A23-02-05): Vulnerability in VMware Workstation

VMware has published a security advisory to address a vulnerability in VMware Workstation.

2023-2-6

Security Alert (A23-02-04): Vulnerability in Microsoft Edge

Microsoft released a security update to address a vulnerability in Microsoft Edge.

2023-2-2

Security Alert (A23-02-03): Multiple Vulnerabilities in Cisco Products

Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

2023-2-2

Phishing Attack - Unauthorised mobile application related to Chong Hing Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to an unauthorised mobile application (App), which has been reported to the HKMA.

2023-2-1

Security Alert (A23-02-02): Vulnerability in QNAP Products

QNAP has published a security advisory to address a vulnerability in QNAP QTS and QNAP QuTS hero.

2023-2-1

Security Alert (A23-02-01): Vulnerability in VMware vRealize Operations

VMware has published a security advisory to address a vulnerability in VMware vRealize Operations.

2023-2-1

Conviction Secured for 36-year Old Female in a Doxxing Case Relating to Monetary Disputea

The Shatin Magistrates’ Court today (1 February 2023) convicted a 36-year old female, Ms SHAM Chun-kiu (defendant), of 14 charges of doxxing offence upon her guilty plea.

2023-2-1

A 29-year-old Chinese Male Arrested for Posting Doxxing Posters

The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 29 in Kowloon.

2023-1-31

CSA HKM Knowledge Sharing Event – January 2023

Organised by Cloud Security Alliance Hong Kong & Macau Chapter

2023-1-31

Phishing Attack - Suspicious websites related to Fubon Bank (Hong Kong) Limited

2023-1-30

Security Alert (A23-01-17): Multiple Vulnerabilities in Microsoft Edge

Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

2023-1-27

Phishing Attack - Unauthorised mobile application related to Chong Hing Bank Limited

2023-1-26

Phishing Attack - Phishing instant message related to Bank of Singapore Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a phishing instant message, which has been reported to the HKMA.

2023-1-26

Security Alert (A23-01-16): Multiple Vulnerabilities in Google Chrome

Google released a security update to address multiple vulnerabilities in Google Chrome.

2023-1-26

High Threat Security Alert (A23-01-15): Multiple Vulnerabilities in VMware vRealize Log Insight

VMware has published a security advisory to address multiple vulnerabilities in VMware products.

2023-1-26

High Threat Security Alert (A23-01-14): Multiple Vulnerabilities in Apple iOS and iPadOS

Apple has released iOS 12.5.7, iOS 15.7.3, iOS 16.3, iPadOS 15.7.3 and iPadOS 16.3 to fix the vulnerabilities in various Apple devices.

2023-1-20

Phishing Attack - Unauthorised mobile application related to Chong Hing Bank Limited

2023-1-20

Security Alert (A23-01-13): Multiple Vulnerabilities in Microsoft Edge

Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

2023-1-19

Security Alert (A23-01-12): Vulnerability in Drupal

Drupal has released a security advisory to address a vulnerability in the Drupal products.

2023-1-19

Security Alert (A23-01-11): Multiple Vulnerabilities in Cisco Products

Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

2023-1-19

Upgrade Your End-of-Support Microsoft Products as Soon as Possible

If your refrigerator supplier stops providing maintenance services, will you “ignore it” and let the refrigerator’s fresh-keeping and refrigeration functions gradually disappear to become a hotbed for gems? Likewise, the security risks you face will only increase if you stick to computer operating systems and programs that no longer receive any official patches, technical support, and security updates.

2023-1-18

Security Alert (A23-01-10): Multiple Vulnerabilities in Oracle Java and Oracle Products (January 2023)

Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.

2023-1-18

Security Alert (A23-01-09): Multiple Vulnerabilities in Apache HTTP Server

The Apache Software Foundation released a security update to address multiple vulnerabilities in the HTTP Server and its modules.

2023-1-18

Security Alert (A23-01-08): Multiple Vulnerabilities in Firefox

Mozilla has published the advisories (MFSA2023-01 and MFSA2023-02) to address multiple vulnerabilities in Firefox browser..

2023-1-16

Phishing Attack - Fraudulent websites and phishing emails related to The Hongkong and Shanghai Banking Corporation Limited

2023-1-13

Phishing Attack - Fraudulent website related to Bank of China (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.

2023-1-13

Security Alert (A23-01-07): Multiple Vulnerabilities in Microsoft Edge

Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

2023-1-12

Phishing Attack - Fraudulent mobile applications related to Chong Hing Bank Limited

2023-1-12

High Threat Security Alert (A23-01-06): Multiple Vulnerabilities in Cisco Products

Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

2023-1-11

網絡安全研討會 – 如何撰寫校本資訊保安政策 / 指引（Policy / Guideline）及可接受使用政策（AUP） (Chinese only)

Organised by Association of I.T. Leaders in Education / Information Systems Audit and Control Association

2023-1-11

Security Alert (A23-01-05): Multiple Vulnerabilities in Adobe Reader/Acrobat

Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.

2023-1-11

Security Alert (A23-01-04): Multiple Vulnerabilities in Google Chrome

Google released a security update to address multiple vulnerabilities in Google Chrome.

2023-1-11

High Threat Security Alert (A23-01-03): Multiple Vulnerabilities in Microsoft Products (January 2023)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

2023-1-10

Phishing Attack - Fraudulent website related to DBS Bank (Hong Kong) Limited

2023-1-10

Phishing Attack - Suspicious website related to United Overseas Bank Ltd.

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by United Overseas Bank Ltd. relating to a suspicious website, which has been reported to the HKMA.

2023-1-9

Phishing Attack - Phishing emails related to Tai Sang Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Tai Sang Bank Limited relating to phishing emails, which have been reported to the HKMA.

2023-1-8

"LeaveHomeSafe" system ceased operation

The Office of the Government Chief Information Officer (OGCIO) today (January 8) announced that following the relaxation of different anti-epidemic measures, the resumption of normal travel of Hong Kong and the Mainland in a progressive, orderly and comprehensive manner, as well as the resumption of normalcy of public's daily lives, the "LeaveHomeSafe" system has ceased operation and the app will not be further updated.

2023-1-6

Police hold professional training to enhance cybersecurity of critical infrastructures

The Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force held the "Cyber Attack and Defence Elite Training (CADET) 2022/23 – Professional Series" training course at the business solution hub DIGIBox of 3 Hong Kong today (January 6), kicking off the "All-round CyberDefence" campaign held between January and March this year.

2023-1-6

Phishing Attack - Unauthorised mobile application related to Chong Hing Bank Limited

2023-1-4

Security Alert (A23-01-02): Multiple Vulnerabilities in Fortinet Products

Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.

2023-1-4

Security Alert (A23-01-01): Multiple Vulnerabilities in Android

Google has released Android Security Bulletin January 2023 to fix multiple security vulnerabilities in Android operating system.

2023-1-3

Phishing Attack - Fraudulent website and phishing email related to The Hongkong and Shanghai Banking Corporation Limited

2023-1-2

"LeaveHomeSafe" hotline and mobile support stations to cease operation

The Office of the Government Chief Information Officer (OGCIO) today (January 2) announced that following the relaxation of different anti-epidemic measures, the "LeaveHomeSafe" telephone hotline (2626 3066) and the mobile support stations at 25 MTR stations for supporting the vaccine pass measure will cease operation from January 8 onwards.