Security Blog

Botnet is one of the major security threats nowadays. If our devices are part of botnet, they will be controlled by attackers to participate in some illegal activities; with botnet, attackers can launch sophisticated and destructive attacks, which result in wider information leak and serious...

The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council (HKPC) today (21 January 2014) alerts businesses and the public of rising security threats as it recorded 1,593 security incidents in 2013, up 52% ...

  Favourite Security Reads of the Week (17 Jan 2014)   "Favourite Security Reads of the Week". Each week we share five news or articles that we like. We hope you will love this column and we welcome your comment via email to hkcert@hkcert....

  Favourite Security Reads of the Week (10 Jan 2014)   "Favourite Security Reads of the Week". Each week we share five news or articles that we like. We hope you will love this column and we welcome your comment via email to hkcert@hkcert....

  Favourite Security Reads of the Week (03 Jan 2014)   "Favourite Security Reads of the Week". Each week we share five news or articles that we like. We hope you will love this column and we welcome your comment via email to hkcert@hkcert....

January 2014 Issue of Security Newsletter is available now: /my_url/en/newsletter/1401   Cover Story ZeroAccess Botnet Detection and Cleanup in Hong Kong Hong Kong Industry Network Clusters (HK-INC) cross-sector consultation meeting Hong Kong Cyber Drill Strengthens...

  Favourite Security Reads of the Week (27 Dec 2013)   "Favourite Security Reads of the Week". Each week we share five news or articles that we like. We hope you will love this column and we welcome your comment via email to [email protected].    Below is the Favourite Security Reads of this Week.   1.Don't Focus on Predictions: What are Your 2014 IT Security Resolutions? (Security Week, 26 Dec 2013) 2.Study: Mobile Devices Escalating Endpoint Security Risks (DarkReading, 26 Dec 2013) 3.Tomcat伺服器首度成為攻擊鎖定目標，臺灣公務機關淪為駭客指揮中心 (iThome online, 17 Dec 2013, 中文) 4.Dynamoo's Blog: Video: Chinese...

  Hong Kong Computer Emergency Response Team (HKCERT) Coordination Centre cooperates with the National Institute of Network and Information Security (NINIS) for detecting malicious and suspicious behaviors of Apps from the Google Play Store, in order to study the security risk of apps in the Google Play Store in Hong Kong area. NINIS provides us analyzed result, and we collate the detection result and publish security alerts to the public.   In the report of December, we have downloaded 165 apps from Play Store, where 3 apps have been identified as high risk. 2 of them were removed from Play Store (on or before 27-December). The detail of report is shown as follow.   Target scope: Top 50 Free Applications in Hong Kong area Top 50 New Free Applications in Hong Kong area Top 50 Free Games in Hong Kong area Top 50 New Free Games in Hong Kong area   Scanned Apps Successful downloaded and scanned: 165 apps Unable to download via the system: 35 apps Downloaded date: 5-December 2013 List of the downloaded apps: "Appendix 1" [download]   Analysis Overview   In this analysis, 165 apps were scanned for bad behaviors. Based on the level of security threat, the apps were divided into 2 categories: apps with malicious and apps with suspicious behaviors. Malicious behavior refers to apps behavior pose malicious level of security risk, which can be identified explicitly, that causes security threat to users. Suspicious behavior refers to apps behavior pose certain level of security risk, but no malicious behavior can be explicitly identified.   1. Scanning Result   Among the 165 scanned apps, 3 apps were identified as security high risk. These 3 Apps were identified with the following high risk behavior signatures Android.Adware.Adwo, Android.Trojan.Generic, Android.Adware.AirPush, Android.AdWare.AdMogo, ApplicUnwnt, Android.Adware.Plankton, Android.Adware.Mobclick.   List of security high risk apps   Application High risk behavior signature / Ad plug-in Malware detection ratio by VirusTotal Status # 1. 2014桃花運 精准分析桃花走勢 v1..2 Category: New Free Applications Installs: 10,000-50,000 High risk behavior description: It can obtain SIM serial number, obtain SIM status, ...

The objective of the “Be a Smart Netizen” video contest is to promote the awareness of information security and adoption of best security practices in the community.  The video should tell a story on how a smart netizen could prevent and respond to the...

  Favourite Security Reads of the Week (20 Dec 2013)   "Favourite Security Reads of the Week". Each week we share five news or articles that we like. We hope you will love this column and we welcome your comment via email to hkcert@hkcert....