Skip to main content

Security Blog

Filter by:

"SSH Hong Kong Enterprise Cyber Security Readiness Index Survey" Up 3.7 Points to 49.3. Enterprises still needs to improve on Cyber Security Readiness

The Hong Kong Productivity Council (HKPC) released the latest results of the “SSH Hong Kong Enterprise Cyber Security Readiness Index Survey”, which reports an Overall Index at 49.3 (maximum being 100), a slight increase of 3.7 from the inaugural survey...
Release Date: 12 Apr 2019 5223 Views

Security Advisory: Facebook stored plain text user passwords on their internal servers

Recently, Facebook discovered that there were hundreds of millions account passwords stored in plain text on their internal company servers, which means that these passwords were searchable and readable by over 20,000 Facebook employees. The impact of this incident including hundreds of millions of Facebook...
Release Date: 22 Mar 2019 3699 Views

Favourite Security Reads of the Fortnight (15 Mar 2019)

  Favourite Security Reads of the Fortnight (15 Mar 2019)   "Favourite Security Reads of the Fortnight". Every two weeks we share news or articles that we like. We hope you will love this column and we welcome your comment via email to [email protected].   Below is the favourite security reads of this fortnight. Article written by HKCERT on Hong Kong Economic Times: 黑客新招 假招聘信息藏病毒 (2019-03-01, Chinese) Articles that we like:  New GarrantyDecrypt ransomware variant impersonates the security team for Proton Technologies (Cyware, 2019-03-04) 色情敲...
Release Date: 15 Mar 2019 4478 Views

Favourite Security Reads of the Fortnight (1 Mar 2019)

  Favourite Security Reads of the Fortnight (1 Mar 2019)   "Favourite Security Reads of the Fortnight". Every two weeks we share news or articles that we like. We hope you will love this column and we welcome your comment via email to [email protected].   Below is the favourite security reads of this fortnight. Article written by HKCERT on Hong Kong Economic Times: 網絡安全關鍵 加強保護DNS (2019-02-15, Chinese) 資料外洩覆水難收 雙重認證自保 (2019-02-22, Chinese) Articles that we like:  Almost 18000 Android Apps track users online activity by violating...
Release Date: 1 Mar 2019 3589 Views

Beware of the unauthorized SMS forwarding

Recently, there was a report about SMS authentication code in some stored value facilities (SVF) can be forwarded to other phone number by fraudsters.  SMS was used to deliver One-time password (OTP) by many online services. Because of the security concern...
Release Date: 26 Feb 2019 6129 Views

Favourite Security Reads of the Fortnight (15 Feb 2019)

  Favourite Security Reads of the Fortnight (15 Feb 2019)   "Favourite Security Reads of the Fortnight". Every two weeks we share news or articles that we like. We hope you will love this column and we welcome your comment via email to [email protected].   Below is the favourite security reads of this fortnight. Article written by HKCERT on Hong Kong Economic Times: 網絡攝影機 或淪黑客工具 (2019-02-01, Chinese) 選購網絡攝影機 「預防勝於治療」 (2019-02-08, Chinese) Articles that we like:  Attackers...
Release Date: 15 Feb 2019 3080 Views

Favourite Security Reads of the Fortnight (1 Feb 2019)

  Favourite Security Reads of the Fortnight (1 Feb 2019)   "Favourite Security Reads of the Fortnight". Every two weeks we share news or articles that we like. We hope you will love this column and we welcome your comment via email to [email protected].   Below is the favourite security reads of this fortnight. Article written by HKCERT on Hong Kong Economic Times: 保障智能手機 6招助減風險 (2019-01-18, Chinese) Articles that we like:  10 Steps to Creating a Secure IT Environment (Alien Vault, 2019-01-23) Information Security Manager Roles and...
Release Date: 1 Feb 2019 3929 Views

HKCERT provides open data for the count of monthly security incidents

In December 2018, over 80 government bureaux and departments released their first annual open data plan. HKCERT supports the initiative, and follows suit to release ours. The dataset contains the count of different types of security incidents reported every month. It is released monthly starting...
Release Date: 25 Jan 2019 4148 Views

Security Advisory: Securing DNS Infrastructure

In late 2018 and early 2019, Talos [1] and FireEye [2] have released alerts on emerging DNS hijacking attacks. Following the alerts, Cybersecurity and Infrastructure Security Agency (CISA) of US has issued an emergency directive [3] to US government...
Release Date: 25 Jan 2019 5552 Views

Mind your Webcam, Protect your Privacy

Among all IoT devices, webcam is one of the most popular IoT devices used in Hong Kong. However, these devices may not be installed securely in household.   In August 2016, there was a public uproar over an exhibition in the UK showing still images of...
Release Date: 24 Jan 2019 4148 Views