Security Blog

FEATURED BLOG

End-of-Support for Adobe Flash Player after 31 December 2020

Release Date: 16 Dec 2020 2973 Views
FEATURED BLOG

Case Study on Bitcoin Scam Incident - A Combined Social Engineering and Privilege Escalation Attacks

Release Date: 17 Nov 2020 2464 Views
FEATURED BLOG

Identity Theft Protection for Social Media and Instant Messaging Accounts

Release Date: 28 Oct 2020 2348 Views
FEATURED BLOG

Ransomware: Double Extortion Attacks Continued - Intrusion via Exploiting VPN Gateway Vulnerability

Release Date: 13 Oct 2020 1866 Views
Filter by:

Favourite Security Reads of the Fortnight (4 Jan 2019)

  Favourite Security Reads of the Fortnight (4 Jan 2019) .   "Favourite Security Reads of the Fortnight". Every two weeks we share news or articles that we like. We hope you will love this column and we welcome your comment via email to [email protected]   Below is the favourite security reads of this fortnight.   Article written by HKCERT on Hong Kong Economic Times: 網絡安全7攻略 助中小企評估 (2018-12-07, Chinese) 身份監察服務 無助防洩私隱 (2018-12-14, Chinese) 加強網絡保安...
Release Date: 4 Jan 2019 2321 Views

Advice to Email Administrators for Preventing Extortion Email

Recently, HKCERT received a number of reports from students and alumni of a local university who received extortion emails asking for ransom. The content of the extortion email is similar to the one we seen before. The email sender pretends to be the recipient's email...
Release Date: 21 Dec 2018 3327 Views

Favourite Security Reads of the Fortnight (21 Dec 2018)

  Favourite Security Reads of the Fortnight (21 Dec 2018) .   "Favourite Security Reads of the Fortnight". Every two weeks we share news or articles that we like. We hope you will love this column and we welcome your comment via email to [email protected]
Release Date: 21 Dec 2018 2497 Views

Favourite Security Reads of the Fortnight (7 Dec 2018)

  Favourite Security Reads of the Fortnight (7 Dec 2018) .   "Favourite Security Reads of the Fortnight". Every two weeks we share news or articles that we like. We hope you will love this column and we welcome your comment via email to [email protected]   Below is the favourite security reads of this fortnight.   Article written by HKCERT on Hong Kong Economic Times: 杜絕保安漏洞 由設計程式開始 (2018-11-16, Chinese) 遠端桌面連綫 4招確保安全 (2018-11-23, Chinese) 網上漏洞多 慎...
Release Date: 7 Dec 2018 2630 Views

Best Practice Guide of Remote Desktop (for corporate administrator)

Remote Desktop is a useful tool for remote control a computer, but misconfigured Remote Desktop is risky. Using weak password to protect Internet accessible remote desktop and sharing password to the technical support vendor are some of these examples. They could lead to server...
Release Date: 5 Dec 2018 2745 Views

The die was cast: Always handle customer information with caution

Again, another data leakage incident was found from a famous credit scoring company in Hong Kong. Someone might obtain your credit scoring report by abusing your personal information e.g. HKID, and pass the authentication process easily.    Failed to protect customer information is a...
Release Date: 29 Nov 2018 2265 Views

Favourite Security Reads of the Fortnight (16 Nov 2018)

  Favourite Security Reads of the Fortnight (16 Nov 2018) .   "Favourite Security Reads of the Fortnight". Every two weeks we share news or articles that we like. We hope you will love this column and we welcome your comment via email to [email protected]   Below is the favourite security reads of this fortnight.   Article written by HKCERT on Hong Kong Economic Times: 航空公司洩私隱 企業借鑑減風險 (2018-11-02, Chinese) 資料外洩 恐被用作網絡攻擊 (2018-11-09, Chinese) Articles that we like:  ...
Release Date: 16 Nov 2018 3094 Views

Security and Privacy by Design - Crucial to Web Application

HKCERT is aware that some sensitive information were public accessible from an online application system of a sport event. Personal information including applicant name, part of HKID, address and telephone number were leaked.    Although that vulnerable web application was stopped and remediated once the data leakage...
Release Date: 10 Nov 2018 3193 Views

Secure your Email - it is essential to the Overall Security of Mobile Payment Services

We are aware of recent security incidents related to mobile payment. In one of the incidents, it was reported that the attacker compromised a victim's email account to find way to take control of his mobile wallet and transfer money out to a prepared account of...
Release Date: 9 Nov 2018 2827 Views

Malicious browser extension caused Facebook sensitive information disclosure

HKCERT is aware a report which stated that there were 257,256 Facebook user profiles compromised, of which 81,208 private messages were leaked.   Security vendor Digital Shadows obtained the leaked data from BBC and performed assessment, and found that 30% of victims being...
Release Date: 3 Nov 2018 2713 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY