Hong Kong Computer Emergency Response Team Coordination Center

Hong Kong Cyber Security New Generation Capture the Flag Challenge 2021

Register Now

Fabulous prizes for winners
in 3 groups. Join now to test
your cyber security skill !

Learn more

Check your cyber security readiness

Introducing "Check your Cyber Security Readiness" Online Assessment Tool

• Improved user experience
• Enhanced usability
• Better reporting

Learn more

Check your cyber security readiness
All 4 episodes of the 【Hack me if you can】animation series are now available

All 4 episodes of the 【Hack me if you can】animation series are now available

Focusing on hacker Ah Keung’s repeated attempts to hack into SME owner Ah Chun’s systems, and how Chun’s friend, Chi On, helps repel the attacks, the stories are light-hearted and down-to-earth.

Learn more

All 4 episodes of the 【Hack me if you can】animation series are now available
HKPC Urges Enterprises for Cyber Security Strategy for the New Normal and New Technologies

HKPC Urges Enterprises for Cyber Security Strategy for the New Normal and New Technologies

The Hong Kong Productivity Council (HKPC) today urged enterprises to quickly put in place cyber security strategy for the new normal and new technologies, in order to combat an anticipated surge in cyber attacks in 2021 arising from accelerated digital transformation amid the COVID-19 pandemic and the use of emerging technologies such as 5G communications, Internet of Things (IoT) and AI.

Learn more

HKPC Urges Enterprises for Cyber Security Strategy for the New Normal and New Technologies
Hong Kong Computer Emergency Response Team Coordination Centre

Centre for coordination of computer security incident response for local enterprises and Internet Users


Facilitate information disseminating, provide advices on preventive measures against security threats and to promote information security awareness

Learn more

What Are You Looking for

Top Search:
Microsoft Exchange Server
Ransomware
Phishing
Kaseya
VPN

Highlights

Security Blog

HKCERT Urges Microsoft Windows Users to be Vigilant Against Malicious Exploit of Critical Vulnerability

Published on 15 Sep 2021

Security BulletinRISK: High Risk

Microsoft Windows Remote Code Execution Vulnerability

Published on 8 Sep 2021

High Risk
Security Blog

Introducing “Check Your Cyber Security Readiness” Online Self-Assessment Tools

Published on 7 Sep 2021

Security Blog

Patch Vulnerabilities in Remote Access and Remote Storage Now

Published on 1 Sep 2021

Security Blog

End-of-Support for Adobe Flash Player after 31 December 2020

Published on 16 Dec 2020

Security Blog

Patch FortiOS SSL VPN Vulnerability (CVE-2018-13379) Immediately

Published on 8 Dec 2020

Security Guideline

Personal VPN Security Guideline

Published on 24 Nov 2020

Security Guideline

Enterprise VPN Security Guideline

Published on 9 Nov 2020

Security Blog

HKCERT proposes 10 measures to secure Zoom Meetings

Published on 2 Apr 2020

Our Core Services

Security Alert Monitoring and Early Warning

Monitor security vulnerability and development of viruses & worms. When necessary, we issue alerts to warn the public to mitigate the impact of these threats.

Learn More

Incident Report and Response

Provide free 24-hour hotline services for incident reporting and give advice on incident response and recovery. All the reported incidents will be kept confidential. For cross-border incidents, we can seek assistance from overseas CERT teams.

Learn More

Publication of Security Guidelines and Information

Publish security alerts, security guidelines, infosec express and news on our web site. We also publish monthly security newsletter to subscribers. The information is provided in both English and Chinese

Learn More

Promotion of Information Security Awareness

Organize free seminars and briefings to promote information security awareness among the general public.

Learn More

Security Bulletins

15 Sep 2021

Microsoft Monthly Security Update (September 2021)

Microsoft has released monthly security update for their products:   Note: Microsoft has released the patch to fix the vulnerability (CVE-2021-40444) in MSHTML component affecting Microsoft Windows in this update. The risk level of that vulnerability is previously rated as extremely...

RISK: High Risk

High Risk

20 Sep 2021

Linux Kernel Multiple Vulnerabilities

Multiple vulnerabilities were identified in Linux Kernel, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, sensitive information disclosure, elevation of privilege and security restriction bypass on the targeted system.

RISK: Medium Risk

Medium Risk

20 Sep 2021

Apache HTTP Server Multiple Vulnerabilities

Multiple vulnerabilities were identified in Apache HTTP Server, a remote attacker could exploit some of these vulnerabilities to trigger denial of service, security restriction bypass, sensitive information disclosure and spoofing on the targeted system.

RISK: Medium Risk

Medium Risk

20 Sep 2021

OpenSSL Denial of Service Vulnerability

A vulnerability was identified in OpenSSL, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition.

RISK: Medium Risk

Medium Risk

16 Sep 2021

Apache Tomcat Denial of Service Vulnerability

A vulnerability has been identified in Apache Tomcat, a remote user can exploit this vulnerability to trigger denial of service condition on the targeted system.

RISK: Medium Risk

Medium Risk

16 Sep 2021

Drupal Multiple Vulnerabilities

Multiple vulnerabilities were identified in Drupal, a remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, cross-site scripting and security restriction bypass on the targeted system.

RISK: Medium Risk

Medium Risk

8 Sep 2021

Microsoft Windows Remote Code Execution Vulnerability

A vulnerability has been identified in Microsoft Windows, a remote user can exploit this vulnerability to trigger remote code execution on the targeted system.   This vulnerability impacts MSHTML, a component used in Office applications to render web-hosted content. The attacker can exploit this vulnerability...

RISK: High Risk

High Risk

16 Aug 2021

Microsoft Windows Remote Code Execution Vulnerability

A vulnerability has been identified in Microsoft Windows, a remote user can exploit this vulnerability to trigger remote code execution on the targeted system.   [Updated on 2021-09-16] Patch is currently available. The risk level is changed from high risk to...

RISK: Medium Risk

Medium Risk

15 Sep 2021

Adobe Monthly Security Update (September 2021)

Adobe has released monthly security update for their products:   Vulnerable Product Risk Level Impacts Notes Details (including CVE) Adobe XMP Toolkit SDK Medium Risk Information Disclosure   APSB21-85 Adobe Photoshop Medium Risk Remote Code Execution   ...

RISK: Medium Risk

Medium Risk

15 Sep 2021

Palo Alto PAN-OS Multiple vulnerabilities

Multiple vulnerabilities were identified in Palo Alto PAN-OS, a remote user could exploit some of these vulnerabilities to trigger cross site scripting, remote code execution and denial of service on the targeted system.

RISK: Medium Risk

Medium Risk

Featured Security Blog

Introducing “Check Your Cyber Security Readiness” Online Self-Assessment Tools7 Sep 2021
Patch Vulnerabilities in Remote Access and Remote Storage Now1 Sep 2021
End-of-Support for Adobe Flash Player after 31 December 202016 Dec 2020
Case Study on Bitcoin Scam Incident - A Combined Social Engineering and Privilege Escalation Attacks17 Nov 2020

HKCERT Releases New Study to Raise Security Awareness of ZigBee Devices

HKCERT Releases New Study to Raise Security Awareness of Wi-Fi Devices

Enterprise VPN Security Guideline

Events / Trainings

FEATURED

Build a Secure Cyberspace 2021 “Be Smart Online, Stay Away from Pitfalls” Webinar cum GIF Graphic Design Contest Award Ceremony

24 Sep 2021

Time: 09:30 - 17:00 Venue: Webinar – Participant shall prepare his/her own electronic device (e.g. Desktop, Notebook or Mobile, etc.) with Internet access.

Learn More

11 Sep 2021

Cyber Security Innovation Challenge

Time: 10:00 - 12:00 Venue: Live Webinar

13 Sep 2021

Cyber Security Professionals Awards (CSPA)

24 Sep 2021

Build a Secure Cyberspace 2021 “Be Smart Online, Stay Away from Pitfalls” Webinar cum GIF Graphic Design Contest Award Ceremony

Time: 09:30 - 17:00 Venue: Webinar – Participant shall prepare his/her own electronic device (e.g. Desktop, Notebook or Mobile, etc.) with Internet access.

19 Oct 2021

Cyber Security Certification | CISSP® – Certified Information Systems Security Professional Official Training (2021 New Version)

Time: 09:00 - 18:00 Venue: Zoom, 1/F, HKPC Building, 78 Tat Chee Avenue, Kowloon, Hong Kong

Statistics

The figure for each type of cyber attack is aggregated by the security incident reported to us. This dataset starts from Jan 2018 to current month. To learn more, please click here.

 

15170

+

Botnet

10869

+

Phishing

4657

+

Malware

149

+

Web Defacement/Intrusion

114

+

Distributed Denial-of-service

2284

+

Others

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY