Security Blog

Favourite Security Reads of the Fortnight (7 Dec 2018)

"Favourite Security Reads of the Fortnight": every two weeks we share news or articles that we like. We hope you will love this column, and we welcome your comments via email to [email protected]. Below are the favourite security reads of this fortnight. Articles written by HKCERT in the Hong Kong Economic Times: "Eliminating Security Vulnerabilities Starts with Program Design" (2018-11-16, Chinese); "Remote Desktop Connections: 4 Tips to Ensure Security" (2018-11-23, Chinese); "Online Vulnerabilities Abound: Be Careful...
Release Date: 7 Dec 2018 3577 Views

Best Practice Guide of Remote Desktop (for corporate administrator)

Remote Desktop is a useful tool for remotely controlling a computer, but a misconfigured Remote Desktop is risky. Using a weak password to protect an Internet-accessible remote desktop and sharing the password with the technical support vendor are some examples. They could lead to server...
Release Date: 5 Dec 2018 3767 Views

The die was cast: Always handle customer information with caution

Another data leakage incident has been found at a famous credit scoring company in Hong Kong. Someone might obtain your credit scoring report by abusing your personal information, e.g. HKID, and pass the authentication process easily. Failing to protect customer information is a...
Release Date: 29 Nov 2018 3293 Views

Favourite Security Reads of the Fortnight (16 Nov 2018)

"Favourite Security Reads of the Fortnight": every two weeks we share news or articles that we like. We hope you will love this column, and we welcome your comments via email to [email protected]. Below are the favourite security reads of this fortnight. Articles written by HKCERT in the Hong Kong Economic Times: "Airline Leaks Private Data: Enterprises Can Learn from It to Reduce Risk" (2018-11-02, Chinese); "Leaked Data May Be Used for Cyber Attacks" (2018-11-09, Chinese). Articles that we like: ...
Release Date: 16 Nov 2018 3938 Views

Security and Privacy by Design - Crucial to Web Application

HKCERT is aware that some sensitive information was publicly accessible from the online application system of a sports event. Personal information including applicant name, part of HKID, address and telephone number was leaked. Although that vulnerable web application was stopped and remediated once the data leakage...
Release Date: 10 Nov 2018 4258 Views

Secure your Email - it is essential to the Overall Security of Mobile Payment Services

We are aware of recent security incidents related to mobile payment. In one of the incidents, it was reported that the attacker compromised a victim's email account to find a way to take control of his mobile wallet and transfer money out to a prepared account of...
Release Date: 9 Nov 2018 3879 Views

Malicious browser extension caused Facebook sensitive information disclosure

HKCERT is aware of a report which stated that 257,256 Facebook user profiles were compromised, of which 81,208 private messages were leaked. Security vendor Digital Shadows obtained the leaked data from the BBC, performed an assessment, and found that 30% of victims being...
Release Date: 3 Nov 2018 3798 Views

Favourite Security Reads of the Fortnight (2 Nov 2018)

"Favourite Security Reads of the Fortnight": every two weeks we share news or articles that we like. We hope you will love this column, and we welcome your comments via email to [email protected]. Below are the favourite security reads of this fortnight. Articles written by HKCERT in the Hong Kong Economic Times: "Social Network Data Leak: Users Must Protect Themselves" (2018-10-19, Chinese); "Stay Calm When You Receive an 'Extortion' Email: Do Not Rashly Pay the Ransom" (2018-10-26, Chinese). Articles that we like...
Release Date: 2 Nov 2018 2271 Views

Beware of WebApp Programming Vulnerability leads to personal information leakage

It was reported that the website of Hong Kong Airline has a vulnerability: a passenger's personal information can be seen by modifying the end of the URL. It probably falls under the risks of Broken Authentication (A2) and Broken Access Control (A5) ...
Release Date: 30 Oct 2018 3149 Views

Beware of the unauthorized FPS transaction and SVF setup

Recently, there were reports about unauthorized money transfers between bank accounts and stored value facilities (SVF). On 30 Sep 2018, the Hong Kong Monetary Authority (HKMA) launched the Faster Payment System (FPS), which enables person-to-person interbank fund transfer...
Release Date: 25 Oct 2018 3887 Views