Security Blog
An Analysis of Microsoft Support Diagnostic Tool Vulnerability-Led QBot Phishing Email Attack
HKCERT earlier issued a security bulletin (CVE-2022-30190) about the vulnerability of Microsoft Support Diagnostic Tool (MSDT). Since hackers can exploit the vulnerability to execute arbitrary code, and it has been exploited in the wild, the vulnerability was rated as extremely...
Release Date: 27 Jun 2022 6706 Views

Malicious Information Gathering - Now I See You
The rapid development of information and communication technology, coupled with the COVID-19 pandemic, has led to an increasing demand for Internet usage. While online shopping and investment have become part of life for the general public, SMEs are building their own computer network systems...
Release Date: 14 Jun 2022 5925 Views

Information Security Utopia Starts with Zero Trust Architecture
For a long time, as commonly perceived, stable and secure relationship between people and nations is built on the important cornerstone of “trust”. However, in recent years, those in the cyber security sector have suggested the contrary that only "Zero Trust" can...
Release Date: 7 Jun 2022 5640 Views

Please sign them. Smart contracts?
Smart contract is a program stored in the blockchain. Different from traditional contracts, it does not require third-party intervention. When the contract conditions are met, the program will automatically execute the contract and it cannot be changed
In the past, there were...
Release Date: 4 Apr 2022 8143 Views

What You Know about the Cyber Security of NFT
Previously, we have introduced the non-fungible token (NFT) and how to protect crypto wallets. This time, we will discuss the ecosystem of NFT as well as various related parts that can be attacked or defrauded by criminals, and the corresponding security advice...
Release Date: 11 Mar 2022 9963 Views

NFT Boom, How to Protect Your NFT Assets
What is NFT?
NFT stands for Non-Fungible Token which is issued in according to the Ethereum ERC721 standard. Different from other cryptocurrencies, each NFT token has a unique ID, so it cannot be duplicated. Also, it can only be traded in its...
Release Date: 24 Jan 2022 12280 Views

Introduction of QR code attacks and countermeasures
QR code, first used by car manufacturers to trace parts, is now widely applied across different sectors. Not long along, we introduced some basic information and common applications of QR code, as well as their related security threats and advices. In this blog, ...
Release Date: 20 Jan 2022 8203 Views

Business as Usual under COVID-19 with Sound “Work from Home” Cyber Security
With the COVID-19 pandemic worsening again, many companies have arranged their staff to work from home (WFH) to reduce the risk of spreading the disease in the community. In light of this development, the Hong Kong Computer Emergency Response Team Coordination Centre (...
Release Date: 10 Jan 2022 6050 Views

Secure Use of QR Code
QR codes have become a part of our daily life. For example, in terms of consumption, three of the four electronic payment platforms that support the Consumption Voucher Scheme of the HKSAR Government offer QR code payment. Also, in terms of epidemic prevention, QR...
Release Date: 7 Jan 2022 5421 Views

Beware of Cyber Security Risks from Online Shopping and Long Holiday
With Christmas and New Year long holidays just around the corner, the strong festive atmosphere spells another peak season of shopping. Nowadays, as most of us have become accustomed to do our shopping online, we must always maintain good awareness of cyber security. To help...
Release Date: 21 Dec 2021 4312 Views
