Security Guideline

Help: Report security incidents and get help

The following information is about reporting security incidents and getting help. ATTENTION: HKCERT is not a law enforcement authority. If your personal safety is threatened or you encounter financial loss, please report to the police. Moreover, HKCERT is not a regulatory body either. To...
6 Apr 2018 2379 Views

Mirai Malware Cleanup and Prevention

1. What is Mirai? Mirai, believed to originate from the Japanese mirai (未来), which means 'future', is Linux-based malware that targets devices connected to the Internet ('Internet of Things' devices, also known as 'IoT devices') ...
24 Jan 2017 3405 Views

Magento eCommerce Web Application Security Guide

Foreword: Magento (magento.com) is a web-based eCommerce application, widely used by online merchants to provide online transactions on shopping or eCommerce websites. HKCERT was aware that a Dutch security researcher Willem de Groot (...
12 Jan 2017 2240 Views

SSL/TLS Protocols Security Guidelines

Introduction: SSL/TLS protocols are pervasive throughout information systems and the Internet. They protect the confidentiality of communication. The HTTPS protocol is one of the more common applications that make use of SSL/TLS for encrypting communication between browsers and websites. A typical...
3 Mar 2016 4602 Views

Personal Internet Service Account Security Management Guideline

To prevent your personal information from being stolen by hackers, account management is very important. Using a strong password can help against brute force attacks launched by hackers. However, nowadays, a strong password is not enough to protect your account from cyber criminals. HKCERT...
24 Feb 2016 3190 Views

Best Practice Guide (SSL Implementation) for Mobile App Development

Mobile platforms are increasingly becoming a choice for delivering services. As more sensitive data and transaction data will be transported on mobile communication channels, the security risks associated with untrusted communication, such as public Wi-Fi, have to be addressed; for example, a fraudster can...
14 Sep 2015 3759 Views

Mobile Instant Messaging Security Guidelines

What is IM? IM (Instant Messaging) is a real-time communication system that allows two or more users to transfer text messages, files, voice and video via a network immediately. With the rise of smartphones, IM applications turned from PC to...
31 Mar 2015 4351 Views

Cloud Storage Security

In light of the rapid development of the Internet and the popularity of mobile devices, the demand for cloud storage continuously increases. Cloud storage has no geographical restriction, making the service available around the globe; plus that the requirement in information...
31 Mar 2014 3596 Views

Near Field Communication Security Guidelines

Near Field Communication (NFC) is a name that often appears on smartphones. Many electronic devices such as speakers and Bluetooth headsets also support NFC communication. In fact, NFC technology has been used since 1997 in Hong Kong in a popular payment service – the Octopus. Most...
31 Oct 2013 3328 Views

Bring Your Own Device (BYOD) Security Guidelines

What is BYOD? In the past, corporations purchased electronic devices, such as laptops and mobile phones, for staff who worked outside of the office. Security of these electronic devices was centralized and managed by IT departments. In recent years, as the mobile devices...
26 Sep 2013 3478 Views