Security Guideline
HKCERT Releases New Study to Raise Security Awareness of Bluetooth Low Energy Devices
The applications of the Internet of Things (IoT) are becoming more diverse with the rapid development of wireless technology. Each type of IoT devices has to adopt the appropriate wireless technology in accordance with their application requirements. Among various wireless technologies, Bluetooth Low Energy (...
Release Date: 9 Mar 2020
2725 Views
HKCERT Released Guideline for Upgrading TLS to Secure Versions
Communication security protocol Transport Layer Security (TLS) ensures data transmission can stand attack of sniffing and data tampering. The protocol has evolved over time with better security and performance. In March of 2020, insecure versions of the protocol TLS 1. and TLS 1....
Release Date: 28 Feb 2020
2586 Views
Implementing IoT Security Best Practice
The adoption of Internet of Things (IoT) technology is a growing trend in various sectors. Startups, small and medium-sized enterprises (SMEs), and other enterprises have started adopting IoT technology to create business values for their products and bring about new customer experience...
Release Date: 14 Jan 2020
3458 Views
IoT Device (Webcam) Security Study
Background Today, more and more gadgets, devices and systems are connected to the Internet. Known as the “Internet of Things (IoT)”, this trend has made networked connections more meaningful through greater convergence of people, processes, data and many things else...
Release Date: 24 Jan 2019
7991 Views
Best Practice Guide of Remote Desktop (for corporate administrator)
Remote Desktop is a useful tool for remote control a computer, but misconfigured Remote Desktop is risky. Using weak password to protect Internet accessible remote desktop and sharing password to the technical support vendor are some of these examples. They could lead to server being compromised or...
Release Date: 5 Dec 2018
18908 Views
Ransomware Decryption Guideline
If computer or smart device were infected with ransomware, please do not pay the ransom. Users can search for the decryption tool in the following webpage: https://www.nomoreransom.org/en/decryption-tools.html Most ransomware variants do not...
Release Date: 27 Sep 2018
4156 Views
Seven Habits of Cyber Security for SMEs
Background:
The WannaCry ransomware swept the world in May 2017. Many local SMEs were frightened. Those which became victims were threatened to pay ransom to get back their data.
With the popularisation of smart technology, more and more business transactions are conducted over the network...
Release Date: 11 Sep 2018
5850 Views
How to configure your Windows PC to use the secure DNS service? (For home users only)
Table of Contents:
Window 11
Window 10
Window 7
[Updated on 17 Feb 2022] Added procedures for Windows 11
Many security incidents are used to lure user to access the malicious site via a phishing URL or malware background execution. To avoid and...
Release Date: 10 Jul 2018
4838 Views
The Ten Most Critical Web Application Security Risks (OWASP Top 10) – 2017
The Ten Most Critical Web Application Security Risks OWASP (Open Web Application Security Project) community helps organizations develop secure applications. They come up with standards, freeware tools and conferences that help organizations as well as researches. OWASP top 10 is the list of top...
Release Date: 15 Jun 2018
7732 Views
Understanding and Tackling Supply Chain Attack
Table of Contents: BackgroundWhat is Supply Chain Attack?Forms of Supply Chain AttacksNew challenges to the supply chain in digital transformationTackling Supply Chain AttacksReferences Background HKCERT named the Supply Chain Attack as one of the five Potential Cyber Security Trends in January 2018 in our annual...
Release Date: 12 Apr 2018
6003 Views