Security Blog

FEATURED BLOG

OpenClaw’s Rapid Adoption Exposes Skills Supply Chain and Fake Installer Risks in a High-Privilege AI Agent Platform

Release Date: 17 Mar 2026 48510 Views
Filter by:

Secure your Email - it is essential to the Overall Security of Mobile Payment Services

We are aware of recent security incidents related to mobile payment. In one of the incidents, it was reported that the attacker compromised a victim's email account to find way to take control of his mobile wallet and transfer money out to a prepared account of...
Release Date: 9 Nov 2018 4653 Views

Malicious browser extension caused Facebook sensitive information disclosure

HKCERT is aware a report which stated that there were 257,256 Facebook user profiles compromised, of which 81,208 private messages were leaked.   Security vendor Digital Shadows obtained the leaked data from BBC and performed assessment, and found that 30% of victims being...
Release Date: 3 Nov 2018 5155 Views

Favourite Security Reads of the Fortnight (2 Nov 2018)

  Favourite Security Reads of the Fortnight (2 Nov 2018) .   "Favourite Security Reads of the Fortnight". Every two weeks we share news or articles that we like. We hope you will love this column and we welcome your comment via email to [email protected].   Below is the favourite security reads of this fortnight.   Article written by HKCERT on Hong Kong Economic Times: 社交網資料外洩 用戶需自保 (2018-10-19, Chinese)遇「勒索」電郵先冷靜 勿亂交贖金 (2018-10-26, Chinese) Articles that we like...
Release Date: 2 Nov 2018 2793 Views

Beware of WebApp Programming Vulnerability leads to personal information leakage

It was reported that website of Hong Kong Airline has a vulnerability, the passenger's personal information can be seen by modifying the end of the URL. It probably falls into risks of Broken Authentication (A2) and Broken Access Control (A5) ...
Release Date: 30 Oct 2018 3826 Views

Beware of the unauthorized FPS transaction and SVF setup

Recently, there were reports about unauthorized money transfer between bank account and stored value facilities (SVF). On 30 Sep 2018, the Hong Kong Monetary Authority (HKMA) has launched Faster Payment System (FPS), which enables person-to-person interbank fund transfer...
Release Date: 25 Oct 2018 5506 Views

Security Advisory: Cathay Pacific and Cathay Dragon Passenger Data Breach

According to Cathay Pacific announcement on Hong Kong Stock Exchange, they have discovered unauthorized access to their 9.4 million passenger data including its subsidiary Cathay Dragon in early March 2018. The types of personal data accessed were the names of passengers, their nationalities, dates...
Release Date: 25 Oct 2018 9438 Views

Favourite Security Reads of the Fortnight (19 Oct 2018)

  Favourite Security Reads of the Fortnight (19 Oct 2018) .   "Favourite Security Reads of the Fortnight". Every two weeks we share news or articles that we like. We hope you will love this column and we welcome your comment via email to [email protected].   Below is the favourite security reads of this fortnight.   Article written by HKCERT on Hong Kong Economic Times: 培訓員工 守護網絡最後防綫 (2018-10-05, Chinese)黑客入侵方式多 勿掉以輕心 (2018-10-12, Chinese) Articles that we like:  Micro-...
Release Date: 19 Oct 2018 3141 Views

Favourite Security Reads of the Fortnight (5 Oct 2018)

  Favourite Security Reads of the Fortnight (5 Oct 2018) .   "Favourite Security Reads of the Fortnight". Every two weeks we share news or articles that we like. We hope you will love this column and we welcome your comment via email to [email protected].   Below is the favourite security reads of this fortnight.   Article written by HKCERT on Hong Kong Economic Times: 企業良好保安監察 防洩密 (2018-09-21, Chinese)規劃前中後事故處理 保企業形象 (2018-09-28, Chinese) Articles that we like: GandCrab...
Release Date: 5 Oct 2018 3974 Views

DNSSEC : ICANN scheduled Root Zone KSK Rollover on 11 October 2018

Domain Name System (DNS) is one of the most critical and common network infrastructure, almost every network application need to use DNS to convert the hostname to IP address, for executing the subsequent network activities.   DNS Security Extensions (DNSSEC) is a security extension...
Release Date: 4 Oct 2018 5865 Views

Please act now to enhance the protection of your Facebook account

It was reported that a vulnerability in "View as" function of Facebook was exploited and affected 50 million users. The vulnerability not only affected Facebook account. If you use Facebook account as authentication for other third party online services, it is possible that an attacker...
Release Date: 29 Sep 2018 5436 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY