Skip to main content

Security Guideline

Filter by:

HKCERT Releases New Study to Raise Security Awareness of Bluetooth Low Energy Devices

The applications of the Internet of Things (IoT) are becoming more diverse with the rapid development of wireless technology. Each type of IoT devices has to adopt the appropriate wireless technology in accordance with their application requirements. Among various wireless technologies, Bluetooth Low Energy (...
9 Mar 2020 2587 Views

HKCERT Released Guideline for Upgrading TLS to Secure Versions

Communication security protocol Transport Layer Security (TLS) ensures data transmission can stand attack of sniffing and data tampering. The protocol has evolved over time with better security and performance. In March of 2020, insecure versions of the protocol TLS 1. and TLS 1....
28 Feb 2020 2476 Views

Implementing IoT Security Best Practice

The adoption of Internet of Things (IoT) technology is a growing trend in various sectors. Startups, small and medium-sized enterprises (SMEs), and other enterprises have started adopting IoT technology to create business values for their products and bring about new customer experience...
14 Jan 2020 3236 Views

IoT Device (Webcam) Security Study

  Background   Today, more and more gadgets, devices and systems are connected to the Internet. Known as the “Internet of Things (IoT)”, this trend has made networked connections more meaningful through greater convergence of people, processes, data and many things else...
24 Jan 2019 7542 Views

Best Practice Guide of Remote Desktop (for corporate administrator)

Remote Desktop is a useful tool for remote control a computer, but misconfigured Remote Desktop is risky. Using weak password to protect Internet accessible remote desktop and sharing password to the technical support vendor are some of these examples. They could lead to server being compromised or...
5 Dec 2018 18305 Views

Ransomware Decryption Guideline

If computer or smart device were infected with ransomware, please do not pay the ransom. Users can search for the decryption tool in the following webpage: https://www.nomoreransom.org/en/decryption-tools.html   Most ransomware variants do not...
27 Sep 2018 3947 Views

Seven Habits of Cyber Security for SMEs

Background: The WannaCry ransomware swept the world in May 2017. Many local SMEs were frightened. Those which became victims were threatened to pay ransom to get back their data.   With the popularisation of smart technology, more and more business transactions are conducted over the network...
11 Sep 2018 5326 Views

How to configure your Windows PC to use the secure DNS service? (For home users only)

Table of Contents:   Window 11 Window 10 Window 7   [Updated on 17 Feb 2022]  Added procedures for Windows 11   Many security incidents are used to lure user to access the malicious site via a phishing URL or malware background execution. To avoid and...
10 Jul 2018 4570 Views

The Ten Most Critical Web Application Security Risks (OWASP Top 10) – 2017

The Ten Most Critical Web Application Security Risks   OWASP (Open Web Application Security Project) community helps organizations develop secure applications. They come up with standards, freeware tools and conferences that help organizations as well as researches. OWASP top 10 is the list of top...
15 Jun 2018 7380 Views

Understanding and Tackling Supply Chain Attack

Table of Contents: BackgroundWhat is Supply Chain Attack?Forms of Supply Chain AttacksNew challenges to the supply chain in digital transformationTackling Supply Chain AttacksReferences   Background   HKCERT named the Supply Chain Attack as one of the five Potential Cyber Security Trends in January 2018 in our annual...
12 Apr 2018 5651 Views