Security Blog

FEATURED BLOG

Browser’s Anti-phishing feature: What is it and how it helps to block phishing attack?

Over the past four years, HKCERT has handled an average of about 8,900 local cyber security incidents per year, with phishing attacks accounting for 48% of all incidents in 2021 [1]. Even globally, phishing attacks account for 36% of total security...
Release Date: 15 Sep 2022 3094 Views
FEATURED BLOG

Adopt Good Cyber Security Practices to Make AI Your Friends not Foes

Artificial intelligence (AI) has experienced a rapid growth in its adoption by businesses in recent years. According to the International Data Corporation, companies around the world plan to increase their spending on AI solutions (e.g. hardware, software, services, etc...
Release Date: 30 Aug 2022 3184 Views
FEATURED BLOG

HKCERT Publishes Incident Response Guideline for SMEs to Enhance Information Security Incident Handling Competence

Release Date: 8 Aug 2022 4241 Views
FEATURED BLOG

Email Account Theft to Bypass MFA Protection

Microsoft researchers recently discovered a large-scale phishing campaign that steals users' email accounts even they have multi-factor authentication (MFA) enabled. Research shows that this type of phishing attack has been active since September 2021 and has attempted to target at least 10...
Release Date: 2 Aug 2022 3316 Views
Filter by:

Case Study on Bitcoin Scam Incident - A Combined Social Engineering and Privilege Escalation Attacks

In this blog, HKCERT will provide advice for SMEs and the general public on defending against social engineering and privilege escalation attacks.   1. Background   On 15 July 2020, a total of 130 high-profile accounts in a major social networking platform were compromised by...
Release Date: 17 Nov 2020 6905 Views

Enterprise VPN Security Guideline

    The Enterprise VPN is a common technology to support remote working during global pandemic outbreak. However, adopting enterprise VPN without proper risk assessment and corresponding mitigation measures could lead to a security incident. ...
Release Date: 9 Nov 2020 8094 Views

Identity Theft Protection for Social Media and Instant Messaging Accounts

Social media and instant messaging software have become essential tools for our daily social interaction and communication. Therefore it is important to protect the user accounts of relevant software. In many cases, users have not changed or strengthened the security settings of the account after first registering...
Release Date: 28 Oct 2020 6268 Views

Ransomware: Double Extortion Attacks Continued - Intrusion via Exploiting VPN Gateway Vulnerability

During the back-to-school season, HKCERT noticed that ransomware attacks have been targeting educational institutions all over the world while the trend of double extortion attacks continued. Related ransomware, such as Maze and Netwalker, were also very active. Users must stay vigilant...
Release Date: 13 Oct 2020 4608 Views

Beware of Latest DDoS Extortion Attacks

In the past weeks, various financial organisations over the world have been on the receiving end of Distributed Denial of Service (DDoS) extortion attacks, with disruption to their online service.   According to an international anti-DDoS service provider, the attackers would target multiple...
Release Date: 31 Aug 2020 6322 Views

Learn About Personal VPN Services, Protect Online Privacy and Security

Objective   Virtual private network (VPN) is one of the commonly used security technologies that have been widely used in an enterprise environment for employee remote access. On the other hand, it is also applied in protecting personal online privacy and security, which is known...
Release Date: 18 Aug 2020 6375 Views

Ransomware Evolved: Double Extortion and Fake Decryptor

Ransomware is among the most detrimental and wide-spread cyber security threats. Hackers are using it to encrypt files on the user's device and demand ransom payments for file decryption. HKCERT has been continually monitoring ransomware trends, providing security advice to users. In...
Release Date: 13 Jul 2020 7813 Views

"SSH Hong Kong Enterprise Cyber Security Readiness Index Survey" Down 2.4 Points to 46.9 Staying Vigilant for Cyber Threats in Stormy Times

(Hong Kong, 12 May 2020) The Hong Kong Productivity Council (HKPC) released the latest results of the “SSH Hong Kong Enterprise Cyber Security Readiness Index Survey”, which reports an Overall Index at 46.9 (maximum being 100), a slight decrease...
Release Date: 13 May 2020 9377 Views

HKCERT Releases New Study to Raise Security Awareness of ZigBee Devices

Industries all over the world are keeping up with the trend of Internet of Things (IoT), by developing and applying products with built-in IoT-related function. ZigBee, as one of the wireless technologies with low-power consumption and a simple set-...
Release Date: 8 May 2020 9326 Views

Beware of Attacks on Remote Access Services

Rush to Remote Access Services Opens More Opportunities for Hackers   As the COVID-19 pandemic continues its spread globally, many organisations are implementing work from home arrangement, using a variety of remote access services to ensure employees can connect to the organisation’s internal network...
Release Date: 28 Apr 2020 6375 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY