Hong Kong Computer Emergency Response Team Coordination Center

HKCERT Capture the Flag Challenge 2024



Visit the CTF 2024 website and join now !

HKCERT Releases Annual Information Security Outlook and Forecast Next Level Phishing Attacks Difficult to Distinguish Hackers Exploit AI for Crimes Could Become a New Normal

HKCERT Releases Annual Information Security Outlook and Forecast Next Level Phishing Attacks Difficult to Distinguish Hackers Exploit AI for Crimes Could Become a New Normal

The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) held a briefing, and summarised the information security situation in Hong Kong in 2023 as well as released a security outlook for 2024. Emerging technologies, such as artificial intelligence (AI), can bring additional benefits to businesses. However, with the development of these technologies, cyber attacks come one after another, and cyber threats become more complicated. Organisations and citizens must not underestimate them. It is important for organisations and citizens to have a better understanding of cyber security and to enhance their ability to respond to cyber security risks.

Learn more

HKCERT Releases Annual Information Security Outlook and Forecast Next Level Phishing Attacks Difficult to Distinguish Hackers Exploit AI for Crimes Could Become a New Normal
Protect your Personal Digital Keys, Beware of Fraudulent Links!

Protect your Personal Digital Keys, Beware of Fraudulent Links!

Internet banking login ID and passwords are as important as the keys to your house. Don’t give them to others recklessly!

Learn more

Protect your Personal Digital Keys, Beware of Fraudulent Links!
Download Incident Response Guideline for SMEs for Cyber Security Incidents

Download "Incident Response Guideline for SMEs" for Cyber Security Incidents

Cyber attacks evolve rapidly as the costs and efforts required for hackers to launch attacks are decreasing due to the development of automation and computing powers. This leads to increased cyber attacks targeting different organisations (including public or private, multinational or local organisations). As most small and medium enterprises (SMEs) lack the resources to build a wider scope of cyber defence to prevent or block cyber attacks, this makes them an easy target.
To address the above-mentioned issues, HKCERT has developed the “Incident Response Guideline for SMEs” to help SMEs and other organisations

Learn more

Download Incident Response Guideline for SMEs for Cyber Security Incidents
“Fight Ransomware” Webpage

Introducing the New “Fight Ransomware” Webpage

To keep pace with the changes in ransomware attacks, HKCERT recently consolidated the ransomware attack techniques, prevention and handling procedures to create a new dedicated “Fight Ransomware ” webpage.

Learn more

“Fight Ransomware” Webpage
Check your cyber security readiness

Introducing "Check your Cyber Security Readiness" Online Assessment Tool

• Improved user experience
• Enhanced usability
• Better reporting

Learn more

Check your cyber security readiness
All 4 episodes of the 【Hack me if you can】animation series are now available

All 4 episodes of the 【Hack me if you can】animation series are now available

Focusing on hacker Ah Keung’s repeated attempts to hack into SME owner Ah Chun’s systems, and how Chun’s friend, Chi On, helps repel the attacks, the stories are light-hearted and down-to-earth.

Learn more

All 4 episodes of the 【Hack me if you can】animation series are now available
Hong Kong Computer Emergency Response Team Coordination Centre

Centre for coordination of computer security incident response for local enterprises and Internet Users


Facilitate information disseminating, provide advices on preventive measures against security threats and to promote information security awareness

Learn more

What Are You Looking for

Top Search:
Incident Response
Capture the Flag
Phishing
QR code
Ransomware

Highlights

Newsletter

HKCERT Security Newsletter (November 2024 Issue)

Published on 1 Nov 2024

Security Watch Report

Hong Kong Security Watch Report (Q3 2024)

Published on 29 Oct 2024

Security Blog

Massive "911 S5" Botnet Affecting Nearly 19 Million IP Addresses Worldwide was Dismantled

Published on 28 Oct 2024

Security BulletinRISK: Extremely High Risk

Cisco Products Multiple Vulnerabilities

Published on 25 Oct 2024

Extremely High Risk
Security BulletinRISK: Extremely High Risk

Fortinet FortiManager Remote Code Execution Vulnerability

Published on 24 Oct 2024

Extremely High Risk

Our Core Services

Security Alert Monitoring and Early Warning

Monitor security vulnerability and development of viruses & worms. When necessary, we issue alerts to warn the public to mitigate the impact of these threats.

Learn More

Incident Report and Response

Provide free 24-hour hotline services for incident reporting and give advice on incident response and recovery. All the reported incidents will be kept confidential. For cross-border incidents, we can seek assistance from overseas CERT teams.

Learn More

Publication of Security Guidelines and Information

Publish security alerts, security guidelines, infosec express and news on our web site. We also publish monthly security newsletter to subscribers. The information is provided in both English and Chinese

Learn More

Promotion of Information Security Awareness

Organize free seminars and briefings to promote information security awareness among the general public.

Learn More

Security Bulletins

6 Nov 2024

Google Chrome Multiple Vulnerabilities

Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and remote code execution on the targeted system.

RISK: Medium Risk

Medium Risk

6 Nov 2024

RedHat Linux Kernel Multiple Vulnerabilities

Multiple vulnerabilities were identified in RedHat Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, sensitive information disclosure, denial of service condition and elevation of privilege on the targeted system.  

RISK: Medium Risk

Medium Risk

5 Nov 2024

Android Multiple Vulnerabilities

Multiple vulnerabilities were identified in Android. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, denial of service condition, elevation of privilege and remote code execution on the targeted system.   Note: There are indications that CVE-2024-...

RISK: Medium Risk

Medium Risk

5 Nov 2024

Samsung Products Multiple Vulnerabilities

Multiple vulnerabilities were identified in Samsung Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege and sensitive information disclosure on the targeted system.   Note: There are indications that CVE-2024-43093 may be...

RISK: Medium Risk

Medium Risk

4 Nov 2024

Ubuntu Linux Kernel Multiple Vulnerabilities

Multiple vulnerabilities were identified in Ubuntu Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition on the targeted system.   [Updated on 2024-11-05] Updated Solutions and Related Links.  

RISK: Medium Risk

Medium Risk

1 Nov 2024

SUSE Linux Kernel Multiple Vulnerabilities

Multiple vulnerabilities were identified in SUSE Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure, remote code execution and security restriction bypass on the targeted system.   [Updated on 2024-11-05] Updated...

RISK: Medium Risk

Medium Risk

4 Nov 2024

Splunk Products Multiple Vulnerabilities

Multiple vulnerabilities were identified in Splunk products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, security restriction bypass and sensitive information disclosure on the targeted system.

RISK: Medium Risk

Medium Risk

4 Nov 2024

Synology Products Remote Code Execution Vulnerability

A vulnerability was identified in Synology products. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.

RISK: Medium Risk

Medium Risk

1 Nov 2024

Microsoft Edge Multiple Vulnerabilities

Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger data manipulation, denial of service condition and remote code execution on the targeted system.

RISK: Medium Risk

Medium Risk

31 Oct 2024

QNAP NAS Remote Code Execution Vulnerability

A vulnerability was identified in QNAP NAS. A remote attacker can exploit this vulnerability to trigger remote code execution on the targeted system.

RISK: Medium Risk

Medium Risk

Featured Security Blog

Massive "911 S5" Botnet Affecting Nearly 19 Million IP Addresses Worldwide was Dismantled28 Oct 2024

Incident Response Guideline for SMEs

Ransomware Trends Q2 2023: Surge in Attacks Across Asia-Pacific, Persistent Multiple Extortion, and Evolving Threat Landscape

Adopt Good Cyber Security Practices to Make AI Your Friends not Foes

Events / Trainings

FEATURED

HKCERT Capture the Flag Challenge 2024

13 Sep 2024 - 10 Nov 2024

Learn More

13 Sep 2024

HKCERT Capture the Flag Challenge 2024

Statistics

The figure for each type of cyber attack is aggregated by the security incident reported to us. This dataset starts from Jan 2018 to current month. To learn more, please click here.

26550

+

Botnet

24841

+

Phishing

5691

+

Malware

223

+

Web Defacement/Intrusion

122

+

Distributed Denial-of-service

4348

+

Others

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY