Hong Kong Computer Emergency Response Team Coordination Center

Download "Incident Response Guideline for SMEs" for Cyber Security Incidents

Cyber attacks evolve rapidly as the costs and efforts required for hackers to launch attacks are decreasing due to the development of automation and computing powers. This leads to increased cyber attacks targeting different organisations (including public or private, multinational or local organisations). As most small and medium enterprises (SMEs) lack the resources to build a wider scope of cyber defence to prevent or block cyber attacks, this makes them an easy target.
To address the above-mentioned issues, HKCERT has developed the “Incident Response Guideline for SMEs” to help SMEs and other organisations

Learn more

Cyber Attacks Become More Complex and Diversified Phishing Attacks Reach New High HKCERT Calls ...

The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council today announced a review on the information security situation in Hong Kong in 2021 and the forecast for 2022. In the past year, the epidemic was still raging, which greatly changed how enterprises conduct their business and the living habits of individuals. Distance business, work from home, distance learning and online shopping have become the “new normal”. With the wider use of information technology, the threat of cyber attacks cannot be overlooked. Hence both enterprises and individual must raise their awareness of information security with preventative measures in place so that the community can effectively respond to the increasingly sophisticated and complex cyber attacks.

Learn more

Introducing the New “Fight Ransomware” Webpage

To keep pace with the changes in ransomware attacks, HKCERT recently consolidated the ransomware attack techniques, prevention and handling procedures to create a new dedicated “Fight Ransomware ” webpage.

Learn more

Introducing "Check your Cyber Security Readiness" Online Assessment Tool

• Improved user experience
• Enhanced usability
• Better reporting

Learn more

All 4 episodes of the 【Hack me if you can】animation series are now available

Focusing on hacker Ah Keung’s repeated attempts to hack into SME owner Ah Chun’s systems, and how Chun’s friend, Chi On, helps repel the attacks, the stories are light-hearted and down-to-earth.

Learn more

Hong Kong Computer Emergency Response Team Coordination Centre

Centre for coordination of computer security incident response for local enterprises and Internet Users

Facilitate information disseminating, provide advices on preventive measures against security threats and to promote information security awareness

Learn more

What Are You Looking for

Highlights

Microsoft Edge Multiple Vulnerabilities

Published on 9 Aug 2022

Email Account Theft to Bypass MFA Protection

Published on 2 Aug 2022

Incident Response Guideline for SMEs

Published on 29 Jul 2022

Incident Response Guideline for SMEs

Published on 29 Jul 2022

HKCERT and Cybersec Infohub Fully Support Open Threat Intelligence Campaign

Published on 20 Jul 2022

An Analysis of Microsoft Support Diagnostic Tool Vulnerability-Led QBot Phishing Email Attack

Published on 27 Jun 2022

Malicious Information Gathering - Now I See You

Published on 14 Jun 2022

Information Security Utopia Starts with Zero Trust Architecture

Published on 7 Jun 2022

Patch FortiOS SSL VPN Vulnerability (CVE-2018-13379) Immediately

Published on 8 Dec 2020

Our Core Services

Security Alert Monitoring and Early Warning

Monitor security vulnerability and development of viruses & worms. When necessary, we issue alerts to warn the public to mitigate the impact of these threats.

Learn More

Incident Report and Response

Provide free 24-hour hotline services for incident reporting and give advice on incident response and recovery. All the reported incidents will be kept confidential. For cross-border incidents, we can seek assistance from overseas CERT teams.

Learn More

Publication of Security Guidelines and Information

Publish security alerts, security guidelines, infosec express and news on our web site. We also publish monthly security newsletter to subscribers. The information is provided in both English and Chinese

Learn More

Promotion of Information Security Awareness

Organize free seminars and briefings to promote information security awareness among the general public.

Learn More

Security Bulletins

10 Aug 2022

Adobe Monthly Security Update (August 2022)

Adobe has released monthly security update for their products: Vulnerable Product Risk Level Impacts Notes Details (including CVE) Adobe Commerce Medium Risk Remote Code Execution Elevation of Privilege Cross-site Scripting Security Restriction Bypass APSB22...

RISK: Medium Risk

10 Aug 2022

Citrix Products Elevation of Privilege Vulnerability

A vulnerability was identified in Citrix Products. A remote attacker could exploit a vulnerability to trigger elevation of privilege on the targeted system.

RISK: Medium Risk

10 Aug 2022

Microsoft Monthly Security Update (August 2022)

Microsoft has released monthly security update for their products: Vulnerable Product Risk Level Impacts Notes Windows Medium Risk Remote Code Execution Information Disclosure Elevation of Privilege Security Restriction Bypass Denial of Service CVE-2022-34713 is...

RISK: Medium Risk

10 Aug 2022

RedHat Linux Kernel Multiple Vulnerabilities

Multiple vulnerabilities have been identified in RedHat Linux Kernal, a remote attacker could exploit some of these vulnerabilities to trigger remote code execution, information disclosure and data manipulation on the targeted system.

RISK: Medium Risk

10 Aug 2022

VMWare Products Multiple Vulnerabilities

Multiple vulnerabilities were identified in VMware products. An attacker could exploit some of these vulnerabilities to trigger information disclosure, security restriction bypass and elevation of privilege.

RISK: Medium Risk

9 Aug 2022

Microsoft Edge Multiple Vulnerabilities

Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, security restriction bypass and elevation of privilege on the targeted system.

RISK: Medium Risk

4 Aug 2022

Cisco Products Multiple Vulnerabilities

Multiple vulnerabilities were identified in Cisco Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote Code execution, cross-site scripting, information disclosure and security restriction bypass on the targeted system.

RISK: Medium Risk

4 Aug 2022

F5 Products Multiple Vulnerabilities

Multiple vulnerabilities were identified in F5 Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, sensitive information disclosure and security restriction bypass on the targeted system.

RISK: Medium Risk

4 Aug 2022

VMWare Products Multiple Vulnerabilities

Multiple vulnerabilities were identified in VMware products. An attacker could exploit some of these vulnerabilities to trigger security restriction bypass, remote code execution, cross-site scripting and elevation of privilege.

RISK: Medium Risk

3 Aug 2022

Google Chrome Multiple Vulnerabilities

Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.

RISK: Medium Risk

Featured Security Blog

HKCERT Publishes Incident Response Guideline for SMEs to Enhance Information Security Incident Handling Competence 8 Aug 2022

Email Account Theft to Bypass MFA Protection 2 Aug 2022

Incident Response Guideline for SMEs29 Jul 2022

HKCERT and Cybersec Infohub Fully Support Open Threat Intelligence Campaign20 Jul 2022

Incident Response Guideline for SMEs

HKCERT Releases New Study to Raise Security Awareness of Wi-Fi Devices

Enterprise VPN Security Guideline

Events / Trainings

FEATURED

Information Security Summit 2022

6 Sep 2022 - 7 Sep 2022

Time: 09:00 – 18:00 Venue: Hong Kong Convention and Exhibition Centre

Learn More

16 Aug 2022

Cyber Security Certification | CISSP® – Certified Information Systems Security Professional Official Training (2021 New Version)

Time: 09:00 - 18:00 Venue: Zoom, 1/F, HKPC Building, 78 Tat Chee Avenue, Kowloon, Hong Kong

6 Sep 2022

Information Security Summit 2022

Time: 09:00 – 18:00 Venue: Hong Kong Convention and Exhibition Centre

14 Sep 2022

Pentest "Kungfu" - Advanced Cyber Security Exploit Workshop

Time: 09:30 - 17:00 Venue: 1/F, HKPC Building, 78 Tat Chee Avenue, Kowloon, Hong Kong

17 Sep 2022

Cyber Security Expo 2022

Venue: Convention Centre 2 & 3, Hong Kong Science Park, Shatin

Statistics

The figure for each type of cyber attack is aggregated by the security incident reported to us. This dataset starts from Jan 2018 to current month. To learn more, please click here.

19175

Botnet

13601

Phishing

4761

Malware

182

Web Defacement/Intrusion

118

Distributed Denial-of-service

2617

Others