Skip to main content

Security Blog

Filter by:

Patch three critical Windows vulnerabilities (CVE-2020-0601, CVE-2020-0609 & CVE-2020-0610) immediately to prevent potential cyber attack

Microsoft recently released its monthly Patch Tuesday for January 2020. There are three critical vulnerabilities in two of its application components which demand attention and immediate action:     Windows Remote Desktop Protocol (RDP) Gateway Server (CVE-2020-0609, CVE-2020-0610...
Release Date: 17 Jan 2020 7571 Views

Implementing IoT Security Best Practice

The adoption of Internet of Things (IoT) technology is a growing trend in various sectors. Startups, small and medium-sized enterprises (SMEs), and other enterprises have started adopting IoT technology to create business values for their products and bring about new customer experience...
Release Date: 14 Jan 2020 6732 Views

New Trends of Ransomware

Ransomware is among the most jeopardising and wide-spreading cyber security threats. It encrypts files on the user's device and demands payment of ransom in order to decrypt the files. HKCERT has been constantly monitoring the ransomware trends, providing security advice to users who...
Release Date: 30 Dec 2019 6304 Views

HKCERT and Microsoft Hong Kong Launch City's First Healthcare Cyber Security Watch Programme

In recent years, the HKSAR Government has advocated the use of innovative technology to enhance the services of the Hong Kong healthcare system to support the development of Smart City. These include setting up a big data analytics platform to facilitate healthcare-related research, adopting a...
Release Date: 13 Dec 2019 5267 Views

HKCERT Calls for Attention on End of Support for Windows 7, Windows Server 2008 and 2008 R2

[Updated on 2023-01-06]  Microsoft will stop providing security updates and technical support to all Windows 7 and Windows 8.1 systems (including those subscribed the Extended Security Update) on January 10, 2023. According to the latest figures, about...
Release Date: 22 Nov 2019 4324 Views

More than a year after GDPR comes into force…

The General Data Protection Regulation (GDPR) of the European Union (EU), dubbed the toughest privacy protection and security law in the world thus far, has been in force for more than a year. While the regulation aims to provide better safeguard on the storage...
Release Date: 30 Sep 2019 4182 Views

Critical Pulse Secure VPN Vulnerability (CVE-2019-11510) Alert

Bad Packets recently stated in a security blog [1] that they detected an internet-wide opportunistic scanning activity targeting Pulse Secure VPN endpoints vulnerable to CVE-2019-11510 [2]. This arbitrary file reading vulnerability allows sensitive information disclosure, enabling unauthenticated attackers to...
Release Date: 6 Sep 2019 6867 Views

New Vulnerabilities in Remote Desktop Service (RDS) Affecting Most Current Windows Versions

Microsoft has just released patches in its August Monthly Security Update for 2 newly discovered vulnerabilities in Remote Desktop Services (RDS). Similar to the “BlueKeep” vulnerability, the new vulnerabilities can be exploited to engineer a worm-like outbreak in the Internet, poising a...
Release Date: 15 Aug 2019 5589 Views

New Trends in Ransom Email Attacks

Recently, HKCERT has received scores of reports of ransom emails. It suspected that cyber criminals were using local email addresses collected from the past information leakage incidents to launch large-scale attacks for profit. To raise public vigilance on such email attacks, HKCERT wishes to...
Release Date: 6 Jun 2019 8173 Views

Stay Vigilant Against IoT Security Risks at Home

The use of smart home appliances has become ever more prevalent in our daily lives where Internet of Things (IoT) are applied to connect various types of devices, bringing greater convenience to our lives like never before. However, sometimes IoT devices are designed to deliver...
Release Date: 2 Jun 2019 4613 Views