Accessibility Links

Infosec
English 繁體版 简体版

Navigation Menu 1

General UsersYoungsters & StudentsParents and TeachersIT ProfessionalsSME
FAQ Search :
Change text size: Text Size: Default Size (A) Text Size: Larger (A) Text Size: Largest (A)
general user youngsters and students parents and teachers IT professionals sme

Navigation Menu 2

 

  

 
 

News and Newsletters

 
Date News Title Description
Apr 2020
2-Apr-2020 Recent Phishing Attack – Fraudulent website related to Hang Seng Bank, Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited on fraudulent website, which has been reported to the HKMA.
2-Apr-2020 HKCERT - Security Blog: HKCERT proposes 10 measures to secure Zoom Meetings HKCERT advises the public to take the following security measures if applicable to protect the meeting in Zoom...
1-Apr-2020 PCPD – Zoom Data Security Incident The Privacy Commissioner for Personal Data, Hong Kong, Mr Stephen Kai-yi WONG noted that overseas users of Zoom, including governments, have been warned about the risks of the use of the app.
1-Apr-2020 Recent Phishing Attack – Fraudulent websites related to The Hongkong and Shanghai Banking Corporation Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited on fraudulent websites, which has been reported to the HKMA.
Mar 2020
31-Mar-2020 HKCERT - Security Blog: HKCERT Releases New Study to Raise Security Awareness of Wi-Fi Devices The applications of the Internet of Things (IoT) are becoming more diverse with the rapid development of wireless technology...
31-Mar-2020 Recent Phishing Attack – Fraudulent website related to China CITIC Bank International Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited on fraudulent website, which has been reported to the HKMA.
30-Mar-2020 GovCERT.HK - Weekly IT Security News Bulletin (23 March 2020 – 29 March 2020) - Proliferation of hacking tools against industrial control systems
- Mobile malware targeting Hong Kong iOS users
30-Mar-2020 Recent Phishing Attack – Phishing email related to The Hongkong and Shanghai Banking Corporation Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited on phishing email, which has been reported to the HKMA.
27-Mar-2020 OGCIO clarifies online rumours In response to online rumours about potential security risk in the StayHomeSafe system, a spokesman for the Office of the Government Chief Information Officer made the following clarification today (March 27)…
27-Mar-2020 GovCERT.HK - High Threat Security Alert (A20-03-09): Multiple Vulnerabilities in Red Hat JBoss Red Hat has released new versions of JBoss Enterprise Application Platform to address multiple vulnerabilities in the Apache JServ Protocol (AJP), Apache Thrift and OpenSSL security provider.
25-Mar-2020 GovCERT.HK - Security Alert (A20-03-08): Multiple Vulnerabilities in Apple iOS and iPadOS Apple has released iOS 13.4 and iPadOS 13.4 to fix multiple security vulnerabilities in various Apple devices.
24-Mar-2020 GovCERT.HK - Security Alert (A20-03-07): Multiple Vulnerabilities in Microsoft Windows Multiple vulnerabilities have been found in the Microsoft Windows Adobe Type Manager library.
24-Mar-2020 Recent Phishing Attack – Phishing email related to Bank of China (Hong Kong) Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited on phishing email, which has been reported to the HKMA.
23-Mar-2020 GovCERT.HK - Weekly IT Security News Bulletin (16 March 2020 – 22 March 2020) - Ransomware deployment trends
- Mind the risks of virtual meetings
19-Mar-2020 GovCERT.HK - Security Alert (A20-03-06): Vulnerability in Drupal Drupal has released a security update to fix the vulnerability in the third-party CKEditor library.
19-Mar-2020 Recent Phishing Attack – Phishing email related to Bank of China (Hong Kong) Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited on phishing email, which has been reported to the HKMA.
18-Mar-2020 GovCERT.HK - Security Alert (A20-03-05): Multiple Vulnerabilities in Adobe Reader/Acrobat Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.
17-Mar-2020 GovCERT.HK - Security Alert (A20-03-04): Multiple Vulnerabilities in VMware Products VMware has published a security advisory to address use-after-free vulnerability in vmnetdhcp, improper file permissions in Cortado Thinprint, and improper protection for the configuration files of the VMware USB arbitration service.
15-Mar-2020 GovCERT.HK - Weekly IT Security News Bulletin (9 March 2020 – 15 March 2020) - Time to deploy multi-factor authentication
- Conficker revives on Internet of Things
13-Mar-2020 Recent Phishing Attack – Phishing emails related to The Hongkong and Shanghai Banking Corporation Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited on phishing emails, which has been reported to the HKMA
12-Mar-2020 Recent Phishing Attack – Fraudulent website related to OCBC Wing Hang Bank Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by OCBC Wing Hang Bank Limited on fraudulent website, which has been reported to the HKMA.
11-Mar-2020 GovCERT.HK - Security Alert (A20-03-03): Multiple Vulnerabilities in Firefox Mozilla has published two security advisories to address multiple browser vulnerabilities.
11-Mar-2020 GovCERT.HK - High Threat Security Alert (A20-03-02): Multiple Vulnerabilities in Microsoft Products (March 2020) Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. Reports indicate that active exploitation against the vulnerability in Microsoft Exchange Server for remote code execution have been observed. Microsoft also identified a new vulnerability in its Server Message Block 3.1.1 (SMBv3) protocol.
9-Mar-2020 GovCERT.HK - Weekly IT Security News Bulletin (2 March 2020 – 8 March 2020) - SurfingAttack: exploitation of mobile phones by ultrasound across tables
- Robot vacuum cleaners may leave consumers' privacy at risk
6-Mar-2020 GovCERT.HK - Security Alert (A20-03-01): Vulnerability in Point-to-Point Protocol Daemon (pppd) A vulnerability was found in Extensible Authentication Protocol (EAP) packet processing in eap_request and eap_response of the pppd (Point-to-Point Protocol Daemon).
6-Mar-2020 Recent Phishing Attack – Fraudulent website related to Bank of China (Hong Kong) Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited on fraudulent website, which has been reported to the HKMA.
5-Mar-2020 HKCERT – Security Blog: HKCERT Releases New Study to Raise Security Awareness of Bluetooth Low Energy Devices Among various wireless technologies, Bluetooth Low Energy (BLE) has become one of the most widely used wireless technology for IoT devices due to its low power consumption, low cost and feasibility on applications.
4-Mar-2020 Recent Phishing Attack – Suspected fraudulent website The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public in Hong Kong to a suspected fraudulent website with the domain name https://ofchk[dot]com/index-en[dot]htm.
2-Mar-2020 GovCERT.HK - Weekly IT Security News Bulletin (24 February 2020 – 1 March 2020) - Be ready for handling a data breach
- Recommended use of longer passwords
Feb 2020
28-Feb-2020 HKCERT – Security Blog: HKCERT Released Guideline for Upgrading TLS to Secure Versions In March of 2020, insecure versions of the protocol TLS 1.0 and TLS 1.1 will approach end-of-support. For the sake of security, IT infrastructure supported by TLS needs to be upgraded to the secure versions of TLS 1.2 and TLS 1.3…
28-Feb-2020 HKCERT – Security Blog: Beware of Juice Jacking when Charging Mobile Phones at Public Charging Stations Known as “juice jacking”, hackers would load malwares on charging stations or cables they leave plugged in at the stations through special USB devices so they could infect the phones of unsuspecting users…
28-Feb-2020 Recent Phishing Attack – Suspected fraudulent website The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public in Hong Kong to a suspected fraudulent website with the domain name http://hk[dot]alisteronlines[dot]com/.
27-Feb-2020 Recent Phishing Attack – Public urged to stay alert to emails purported to be issued by CE's Office A spokesman for the Chief Executive's Office today (February 27) appealed to members of the public to stay alert to fraudulent emails purported to be issued by the Chief Executive's Office.
27-Feb-2020 GovCERT.HK - Security Alert (A20-02-08): Vulnerability in Broadcom and Cypress Wireless Chipset ESET has published a security report revealing technical details about a vulnerability in FullMAC wireless chipset manufactured by Broadcom and Cypress.
27-Feb-2020 GovCERT.HK - High Threat Security Alert (A20-02-07): Multiple Vulnerabilities in Google Chrome Google released a security update to address multiple vulnerabilities in ICU, streams and V8 of the Google Chrome.
26-Feb-2020 PCPD – The Use of Information on Social Media for Tracking Potential Carriers of COVID-19 In response to media enquiry about the use of information on social media for tracking potential carriers of COVID-19, the office of the Privacy Commissioner for Personal Data (PCPD) makes the following response...
25-Feb-2020 HKCERT – Security Blog: Beware of "Are you available?" phishing scam email HKCERT has recently noticed that some students from local universities have received a phishing scam email with the subject "Are you available?".
25-Feb-2020 Recent Phishing Attack – Suspicious mobile application related to Bank of Singapore Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited on suspicious mobile application (App), which has been reported to the HKMA.
25-Feb-2020 Recent Phishing Attack – Fraudulent website related to Tai Yau Bank, Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Tai Yau Bank, Limited on fraudulent website, which has been reported to the HKMA.
24-Feb-2020 GovCERT.HK - Weekly IT Security News Bulletin (17 February 2020 – 23 February 2020)

- Firmware security for peripheral devices
- Credential stuffing attacks on application programming interfaces (APIs)

24-Feb-2020 GovCERT.HK - High Threat Security Alert (A20-02-06): Vulnerability in Apache Tomcat Apache Software Foundation has released new versions of Apache Tomcat 7, 8.5 and 9 to address a vulnerability in the Apache JServ Protocol (AJP).
21-Feb-2020 Recent Phishing Attack - Hospital Authority appeals to stay alert against fraudulent emails The Hospital Authority (HA) today (February 21) appeals to members of the public to stay alert against fraudulent act to collect information and request for quotations on behalf of HA.
20-Feb-2020 HKCERT – Security Blog: Six Security Tips for Home Office To address the issue, Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) has summarized some security tips for companies and those employees working at home to refer to and implement...
20-Feb-2020 HKCERT – Security Blog: Assessing the Security of Remote Access Services Guideline This guideline aims to give companies some useful tips in identifying a remote access service sufficient enough to fulfil both their operating and security needs.
19-Feb-2020 Recent Phishing Attack – Fraudulent websites related to Bank of China (Hong Kong) Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited on fraudulent websites, which has been reported to the HKMA.
19-Feb-2020 Recent Phishing Attack – Phishing email related to ZA Bank Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by ZA Bank Limited on phishing email, which has been reported to the HKMA.
17-Feb-2020 GovCERT.HK - Weekly IT Security News Bulletin (10 February 2020 – 16 February 2020) - Google Chrome stops Hyper Text Transfer Protocol (HTTP) downloads
- Potential distributed Denial-of-Service (DDoS) attacks from 12,000 servers
12-Feb-2020 GovCERT.HK - Security Alert (A20-02-05): Multiple Vulnerabilities in Firefox Mozilla has published two security advisories (MFSA 2020-05 and MFSA 2020-06) to address multiple browser vulnerabilities.
12-Feb-2020 GovCERT.HK - Security Alert (A20-02-04): Multiple Vulnerabilities in Adobe Flash Player and Adobe Reader/Acrobat Security updates are released for Adobe Flash Player and Adobe Reader/Acrobat to address multiple vulnerabilities.
12-Feb-2020 GovCERT.HK - High Threat Security Alert (A20-02-03): Multiple Vulnerabilities in Microsoft Products (February 2020) Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
12-Feb-2020 Recent Phishing Attack – Phishing email related to The Hongkong and Shanghai Banking Corporation Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited on phishing email, which has been reported to the HKMA.
11-Feb-2020 GovCERT.HK - Security Alert (A20-02-02): Vulnerability in Android A vulnerability called BlueFrag was found in some Android systems.
11-Feb-2020 GovCERT.HK - Security Alert (A20-02-01): Multiple Vulnerabilities in Cisco Products Cisco released security advisories to address the vulnerabilities in the Cisco Discovery Protocol implementation of several Cisco products.
10-Feb-2020 GovCERT.HK - Weekly IT Security News Bulletin (3 February 2020 – 9 February 2020) - Know what Internet of Things (IoT) devices are connected to your network
- Mitigating cloud vulnerabilities
6-Feb-2020 Recent Phishing Attack – Phishing email related to The Hongkong and Shanghai Banking Corporation Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited on phishing email, which has been reported to the HKMA.
4-Feb-2020 HKCERT – Security Blog: Watch out for Phishing Attacks Using False Information on Infectious Disease When many countries are doing their best to combat the novel coronavirus, cyber security researchers have found that hacker groups have been preying on the fears of human to launch a new round of malicious spam (malspam) attacks to spread the Emotet trojan.
4-Feb-2020 Recent Phishing Attack – Suspicious mobile application related to Bank of Singapore Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited on suspicious application (App), which has been reported to the HKMA.
3-Feb-2020 GovCERT.HK - Weekly IT Security News Bulletin (27 January 2020 – 2 February 2020) - Strong data privacy practices make profit
- Implementation faults lead to vulnerable LoRaWAN networks
Jan 2020
31-Jan-2020 HKCERT – Security Blog: Hong Kong Security Watch Report (Q4 2019) HKCERT is pleased to bring to you the "Hong Kong Security Watch Report" for the fourth quarter of 2019.
31-Jan-2020 Recent Phishing Attack – Alert on Fraudulent Website Hong Kong Interbank Clearing Limited (HKICL) would like to alert members of the public of a fraudulent website impersonating HKICL’s official website:interbanksettlementshk[dot]com
29-Jan-2020 GovCERT.HK - Security Alert (A20-01-06): Multiple Vulnerabilities in Apple iOS and iPadOS Microsoft has published a security advisory (ADV200001) to mitigate a remote code execution vulnerability in the JScript.dll of the Microsoft Internet Explorer.
29-Jan-2020 GovCERT.HK - Weekly IT Security News Bulletin (20 January 2020 – 26 January 2020) - FTCODE Ransomware upgraded to steal credentials
- Underground markets selling access to managed service providers
20-Jan-2020 GovCERT.HK - High Threat Security Alert (A20-01-05): Vulnerability in Microsoft Internet Explorer Microsoft has published a security advisory (ADV200001) to mitigate a remote code execution vulnerability in the JScript.dll of the Microsoft Internet Explorer.
20-Jan-2020 GovCERT.HK - Weekly IT Security News Bulletin (13 January 2020 – 19 January 2020) - Mind juice jacking on your mobile devices
- Top 10 API security risks
17-Jan-2020 HKCERT – Security Blog: Patch three critical Windows vulnerabilities immediately to prevent potential cyber attack Microsoft recently released its monthly Patch Tuesday for January 2020. There are three critical vulnerabilities in two of its application components which demand attention and immediate action…
17-Jan-2020 HKCERT – Security Blog: Critical Citrix Application Delivery Controller Vulnerability Alert Multinational software and clouding computing company Citrix recently disclosed a vulnerability (CVE-2019-19781) in its application delivery controller (ADC) products.
16-Jan-2020 HKPC Urges for Greater Vigilance Against New Technologies-related Cyber Attacks (Hong Kong, 16 January 2020) The Hong Kong Productivity Council (HKPC) today urged enterprises and the public to keep up their vigilance against an anticipated surge in cyber attacks arising from the use of new technologies…
15-Jan-2020 GovCERT.HK - Security Alert (A20-01-04): Multiple Vulnerabilities in Oracle Java and Oracle Products (January 2020) Oracle has released Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.
15-Jan-2020 GovCERT.HK - High Threat Security Alert (A20-01-03): Multiple Vulnerabilities in Microsoft Products (January 2020) Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
14-Jan-2020 HKCERT – Security Blog: Implementing IoT Security Best Practice As focus remains on the functions and features that IoT technology brings, not many people fully understand the accompanying potential security risks.
13-Jan-2020 Administration's paper on update on information security This paper briefs Members on the latest situation of information security in Hong Kong and Government’s work in information security in the past year.
13-Jan-2020 GovCERT.HK - Weekly IT Security News Bulletin (6 January 2020 – 12 January 2020) - Cyber-attacks on smart cars
- SNAKE is the next ransomware to fight against
13-Jan-2020 GovCERT.HK - High Threat Security Alert (A20-01-02): Vulnerability in Citrix Application Delivery Controller and Citrix Gateway A vulnerability has been found in Citrix ADC and Citrix Gateway. An unauthenticated remote attacker may send a specially crafted command to an affected system to exploit the vulnerability.
8-Jan-2020 GovCERT.HK - High Threat Security Alert (A20-01-01): Multiple Vulnerabilities in Firefox Mozilla has published two security advisories (MFSA 2020-01 and MFSA 2020-02) to address multiple browser vulnerabilities. Reports indicate that active exploitation against the vulnerability has been observed.
8-Jan-2020 LCQ5: Access to communications information by law enforcement agencies Following is a question by the Hon Charles Peter Mok and a reply by the Secretary for Security, Mr John Lee, in the Legislative Council today (January 8)…
8-Jan-2020 LCQ2: Measures against doxxing Following is a question by the Hon Alice Mak and a reply by the Secretary for Constitutional and Mainland Affairs, Mr Patrick Nip, in the Legislative Council today (January 8)…
7-Jan-2020 Recent Phishing Attack - Fraudulent website related to Bank of Singapore Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited on fraudulent website, which has been reported to the HKMA.
6-Jan-2020 GovCERT.HK - Weekly IT Security News Bulletin (30 December – 5 January 2020) - Official email server compromised for phishing attacks
- Exposure of an API key
6-Jan-2020 Recent Phishing Attack - Fraudulent website related to Shanghai Commercial Bank Limited The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited on fraudulent website, which has been reported to the HKMA.

News Archive
 
 
     
Back Top
 

Footer Menu

Sitemap | Contact Us | Privacy Policy | Important Notices
 
General Users Youngsters & Students Parents & Teachers IT Professionals SME