Security Blog
Watch out for Phishing Attacks Using False Information on Infectious Disease
When many countries are doing their best to combat the novel coronavirus, cyber security researchers have found that hacker groups have been preying on the fears of human to launch a new round of malicious spam (malspam) attacks to spread the Emotet trojan.
According to researchers...
Release Date: 4 Feb 2020 6251 Views
Critical Citrix Application Delivery Controller Vulnerability (CVE-2019-19781) Alert
Multinational software and clouding computing company Citrix recently disclosed a vulnerability (CVE-2019-19781) in its application delivery controller (ADC) products. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system. To address the vulnerability, ...
Release Date: 17 Jan 2020 4027 Views
Patch three critical Windows vulnerabilities (CVE-2020-0601, CVE-2020-0609 & CVE-2020-0610) immediately to prevent potential cyber attack
Microsoft recently released its monthly Patch Tuesday for January 2020. There are three critical vulnerabilities in two of its application components which demand attention and immediate action:
Windows Remote Desktop Protocol (RDP) Gateway Server
(CVE-2020-0609, CVE-2020-0610...
Release Date: 17 Jan 2020 5531 Views
Implementing IoT Security Best Practice
The adoption of Internet of Things (IoT) technology is a growing trend in various sectors. Startups, small and medium-sized enterprises (SMEs), and other enterprises have started adopting IoT technology to create business values for their products and bring about new customer experience...
Release Date: 14 Jan 2020 4001 Views
New Trends of Ransomware
Ransomware is among the most jeopardising and wide-spreading cyber security threats. It encrypts files on the user's device and demands payment of ransom in order to decrypt the files. HKCERT has been constantly monitoring the ransomware trends, providing security advice to users who...
Release Date: 30 Dec 2019 3779 Views
HKCERT and Microsoft Hong Kong Launch City's First Healthcare Cyber Security Watch Programme
In recent years, the HKSAR Government has advocated the use of innovative technology to enhance the services of the Hong Kong healthcare system to support the development of Smart City. These include setting up a big data analytics platform to facilitate healthcare-related research, adopting a...
Release Date: 13 Dec 2019 3478 Views
HKCERT Calls for Attention on End of Support for Windows 7, Windows Server 2008 and 2008 R2
From 14 January 2020, computers running on Windows 7, Windows Server 2008 and 2008 R2 operating systems (OSs) will no longer receive free technical support, software and security updates from Microsoft [1][2]. In other words, users whose machines are still...
Release Date: 22 Nov 2019 2771 Views
More than a year after GDPR comes into force…
The General Data Protection Regulation (GDPR) of the European Union (EU), dubbed the toughest privacy protection and security law in the world thus far, has been in force for more than a year. While the regulation aims to provide better safeguard on the storage...
Release Date: 30 Sep 2019 2962 Views
Critical Pulse Secure VPN Vulnerability (CVE-2019-11510) Alert
Bad Packets recently stated in a security blog [1] that they detected an internet-wide opportunistic scanning activity targeting Pulse Secure VPN endpoints vulnerable to CVE-2019-11510 [2]. This arbitrary file reading vulnerability allows sensitive information disclosure, enabling unauthenticated attackers to...
Release Date: 6 Sep 2019 4983 Views
New Vulnerabilities in Remote Desktop Service (RDS) Affecting Most Current Windows Versions
Microsoft has just released patches in its August Monthly Security Update for 2 newly discovered vulnerabilities in Remote Desktop Services (RDS). Similar to the “BlueKeep” vulnerability, the new vulnerabilities can be exploited to engineer a worm-like outbreak in the Internet, poising a...
Release Date: 15 Aug 2019 4024 Views