Skip to main content

Security Guideline

Filter by:

Help: How to handle ransomware infection

The following information is about preventing and handling ransomware infection.   Cyber criminals make use of ransomware to encrypt computer files, and demand for ransom from the victim for decrypting the files. But even if the victim pays, there is no guarantee that the files can be...
6 Apr 2018 3303 Views

Help: How to handle security incidents related to mobile devices

The following information is about how to handle security incidents related to mobile devices such as smart phones, tablets. If you encounter security incidents related to mobile devices: You should scan the device with the latest version of security tool. If any malware is found through...
6 Apr 2018 3047 Views

Help: How to handle theft or suspension of online services accounts

The following information is about how to handle theft or suspension of online services accounts such as email, social network.   If online service accounts are stolen, the data and address book might be stolen. The account might also be used to deliver scam messages to your...
6 Apr 2018 2828 Views

Help: How to remove malware and obtain information of security tools selection

The following information is about how to remove malware, and obtain information of security tools selection.   Most malware pretend to be legitimate software or document to trick user to open them, for example, free software or games, software crackers, Office documents or PDF documents...
6 Apr 2018 2005 Views

Help: Report security incidents and get help

The following information is about reporting security incidents and getting help.   ATTENTION: HKCERT is not a law enforcement authority. If your personal safety is threatened or financial loss is encountered, please report to police.   Moreover, HKCERT is not a regulatory body either. To...
6 Apr 2018 2782 Views

Mirai Malware Cleanup and Prevention

1. What is Mirai?  Mirai, believed to originate from Japanese mirai (未来) which means ‘future’, is a Linux based malware, which targets devices connected to the Internet (or ‘Internet of Things’ also known as ‘IoT devices’) ...
24 Jan 2017 5032 Views

Magento eCommerce Web Application Security Guide

  Image source: magento.com   . Foreword Magento (magento.com) is a web based eCommerce application, widely used by online merchants to provide online transaction on shopping or eCommerce website.   HKCERT was aware that a Dutch security researcher Willem de Groot (...
12 Jan 2017 2597 Views

SSL/TLS Protocols Security Guidelines

  Introduction SSL/TLS1 protocols are pervasive throughout information systems and the Internet. They protect the confidentiality of communication. HTTPS protocol is one of the more common applications that make use of SSL/TLS for encrypting communication between browsers and websites2. A typical...
3 Mar 2016 5225 Views

Personal Internet Service Account Security Management Guideline

 To prevent your personal information stolen by hackers, account management is very important. Using a strong password can help to against brute force attack launched by hackers. However, nowadays, a strong password is not enough to protect your account from cyber criminals. HKCERT...
24 Feb 2016 3746 Views

Best Practice Guide (SSL Implementation) for Mobile App Development

Mobile platform is increasingly become a choice for delivering services. As more sensitive data and transaction data will be transported on mobile communication channels, the security risks associated with untrusted communication, such as public Wi-Fi have to be addressed, for example, fraudster can...
14 Sep 2015 4428 Views