Security Blog

FEATURED BLOG

CyberSecurity Tips for Travelling

It's summer vacation travel season again, and while everyone is relaxing and taking a break, hackers don't take vacations. The Hong Kong Computer Emergency Response Team (HKCERT) has prepared the following travel tips to help you protect your online security while...
Release Date: 11 Jul 2024 3316 Views
FEATURED BLOG

Weaponisation of AI: The New Frontier in Cybersecurity

The advent of artificial intelligence (AI) ushers in an era of unprecedented technological advancements, assisting various industries for further development. However, alongside these benefits, the misuse of artificial intelligence has also facilitated hackers and been "weaponised" by them to carry out cyber...
Release Date: 10 Jul 2024 3196 Views
Filter by:

A Milestone of HKCERT

The opening of the new HKCERT centre marks a milestone since our establishment in 2001. With more spaces and more funding support from the Office of the Government Chief Information Officer of the HKSAR, this centre will expand its service to handle smartphone and mobile device security incident...
Release Date: 26 Apr 2012 3535 Views

Flashback malware infecting hundreds of thousands of Mac computers

Once upon a time there was a myth like this “Mac OS is safe and does not need antivirus”.   Today this myth has been challenged by the “Flashback” malware. According to a Russian security antivirus product provider, “Flashback” malware had infected more than...
Release Date: 17 Apr 2012 4646 Views

Anonymous threatened to make Internet Blackout 31 March 2012

When you read this article, you do not need to be a fortune teller to “predict” if an Internet blackout really occurred on 31 March 2012. Our analysis was that Anonymous’ intention to blackout the Internet via DDoS attack to DNS root servers would not...
Release Date: 2 Apr 2012 4381 Views

Windows Remote Desktop Vulnerability may be used to spread worms

  Working exploits for a recent Windows vulnerability on Remote Desktop is publicly available on the Internet. This has lowered the technical hurdle for attackers to perform attacks. Some security researchers have warned that this vulnerability has potential to make a wide spreading worm. Users are...
Release Date: 20 Mar 2012 4926 Views

Impact of terminating the DNS server of DNSChanger

Recently, the Information Security News reported that the U.S. Federal Bureau of Investigation (FBI) would shut down those domain name servers (DNS - Note 1) associated with the DNSChanger Botnet on March 8. What is the impact of this incident...
Release Date: 29 Feb 2012 11267 Views

Review of Information Security Threats 2011

Over the year Information Security threats are continuously growing, we summarized and recapped it below. We can learn from the past and equipped ourselves to fight off the new challenge next year.New Dimension of Motivations of Cyber AttackSince 2005, the dominating motivation of cyber attacks...
Release Date: 3 Jan 2012 5960 Views

Trust of website certificate questioned - reflection of the Comodo and DigiNotar incidents

We are educated to check the validity of a website when we need to provide sensitive information to them, e.g. online banking, webmail, by identifying the "padlock" (i.e. secure HTTPS connection) and the name of the organization shown...
Release Date: 21 Sep 2011 4763 Views

DigiNotar CA security breach resulting in issuance of fake certificates

DigiNotar, a Dutch Certificate Authority (CA) reported that their company had a security breach in July 2011 which resulted in fraudulent issuance of public key certificates. DigiNotar issues SSL (Secure Sockets Layer) and EVSSL (Extended Validation) certificates. When a user visits...
Release Date: 1 Sep 2011 6228 Views

Large scale Injection incidents targeting osCommerce websites

A large scale injection targeting websites using osCommerce is reported.  Injected "<iframe>" and "<script>" pointing to malicious links such as "willysy.com" and "exero.eu" will infect computers via various exploits.  Google indicates more than 90,000...
Release Date: 26 Jul 2011 83112 Views

Fraudsters eyeing on the Japan earthquake disaster

It was reported in Japan CERT (JPCERT/CC) website that fake Japan earthquake donation sites were found. These sites are taking advantage of people's wants to help in Japan's immense tragedy. http://blog.jpcert.or.jp/...
Release Date: 15 Mar 2011 84940 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY