InfoSec: Search by News & Events

2020-11-22 to

2021-4-11

Cyber Security Competition 2020/21

Organised by Hong Kong Police Force (HKPF)

2020-12-29

Phishing Attack - Fraudulent website related to Industrial and Commercial Bank of China (Asia) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited on fraudulent website, which has been reported to the HKMA.

2020-12-24

Phishing Attack - Fraudulent website and phishing email related to Citibank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Citibank (Hong Kong) Limited on fraudulent website and phishing email, which has been reported to the HKMA.

2020-12-17

CSA HKM Knowledge Sharing Event – Dec 2020

Organised by Cloud Security Alliance Hong Kong & Macau Chapter

2020-12-16

HKCERT - Security Blog: End-of-Support for Adobe Flash Player after 31 December 2020

Adobe had announced that Flash Player will no longer be supported after 31 December 2020, meaning the end of this life-long web content tool.

2020-12-16

Phishing Attack - Suspected fraudulent website

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public in Hong Kong to a suspected fraudulent website with the domain name https://www[.]blackbanx[.]co/. The website is operated by an alleged Black Banx Group/Black Banx Limited.

2020-12-16

GovCERT.HK - Security Alert (A20-12-06): Multiple Vulnerabilities in Firefox

Mozilla has published two security advisories (MFSA 2020-54 and MFSA 2020-55) to address multiple vulnerabilities in Firefox browser.

2020-12-15

GovCERT.HK - High Threat Security Alert (A20-12-05): Vulnerability in SolarWinds Orion Platform software

SolarWinds has released a security advisory warning customers about a supply chain attack on SolarWinds Orion Platform software.

2020-12-15

GovCERT.HK - Security Alert (A20-12-04): Multiple Vulnerabilities in Apple iOS and iPadOS

Apple has released iOS 14.3 and iPadOS 14.3 as well as iOS 12.5 to fix multiple vulnerabilities in various Apple devices.

2020-12-10

GovCERT.HK - Security Alert (A20-12-03): Vulnerability in Adobe Reader/Acrobat

Security update are released for Adobe Reader and Acrobat to address an input validation vulnerability.

2020-12-9

GovCERT.HK - Security Alert (A20-12-02): Vulnerability in Apache Struts

Apache has released the security bulletin (S2-061) to address a vulnerability in Apache Struts.

2020-12-9

GovCERT.HK - Security Alert (A20-12-01): Multiple Vulnerabilities in Microsoft Products (December 2020)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

2020-12-9

LCQ3: Information that is false and prejudicial to public safety

Following is a question by the Hon Kwok Wai-keung and a reply by the Secretary for Home Affairs, Mr Caspar Tsui, in the Legislative Council today (December 9)…

2020-12-8

Privacy Commissioner Publishes an Article on Doxxing

The Privacy Commissioner for Personal Data, Hong Kong, Ms Ada CHUNG Lai-ling, published an article entitled “Doxxing can bring serious legal consequences” (《「起底」害己害人》) in Hong Kong Economic Journal yesterday (7 December), and in Sing Tao Daily, Hong Kong Economic Times, South China Morning Post and Oriental Daily (a contributed article for reporting) today (8 December). The full version of the article can be downloaded here.

2020-12-8

LCQ15: Virtual banks

Following is a question by the Hon Chan Chun-ying and a written reply by the Secretary for Financial Services and the Treasury, Mr Christopher Hui, in the Legislative Council today (December 9)…

2020-12-8

HKCERT - Security Blog: Patch FortiOS SSL VPN Vulnerability (CVE-2018-13379) Immediately

Recently a threat actor (attacker) shared a list of IP addresses related to the exploit of over 49,000 Fortinet VPN devices that are vulnerable to CVE-2018-13379.

2020-8-24 to

2020-12-7

Build a Secure Cyberspace 2020 – “Secure Use of Mobile Devices” Sticker Design Contest

Organised by Office of the Government Chief Information Officer (OGCIO) / Hong Kong Police Force (HKPF) / Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT)

2020-12-7

HKCERT - Security Blog: Hong Kong Security Watch Report (Q3 2020)

HKCERT is pleased to bring to you the "Hong Kong Security Watch Report" for the third quarter of 2020.

2020-12-7

Phishing Attack - Fraudulent website related to DBS Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited on fraudulent website, which has been reported to the HKMA.

2020-12-1

Phishing Attack - EDB alerts public on fake Telegram channel

A spokesman for the Education Bureau (EDB) today (December 1) reminded the public to be aware of a fake Telegram channel called "Hong Kong Education Bureau", set up in the name of the EDB, so as to avoid mistakenly receiving false and misleading information.

2020-11-30

PCPD Issues Three Practical Guidance Notes Relating to Work-from-Home Arrangements for Organisations, Employees and Users of Video Conferencing Software to Enhance Data Security and Protection of Personal Data Privacy

In relation to work-from-home (WFH) arrangements, the Office of the Privacy Commissioner for Personal Data, Hong Kong, (PCPD) today (30 November) issued three Guidance Notes under the series “Protecting Personal Data under Work-from-Home Arrangements” to provide practical advice to (1) organisations; (2) employees; and (3) users of video conferencing software to enhance data security and the protection of personal data privacy.

2020-11-30

Phishing Attack - Fraudulent websites related to Hang Seng Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited on fraudulent websites, which has been reported to the HKMA.

2020-11-30

Phishing Attack - Fraudulent website related to The Bank of East Asia, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited on a fraudulent website, which has been reported to the HKMA.

2020-11-30

GovCERT.HK - High Threat Security Alert (A20-11-08): Multiple Vulnerabilities in Drupal

Drupal has released a security advisory to address two vulnerabilities in PEAR Archive_Tar library which is used in Drupal Core by default.

2020-11-27

Phishing Attack - Fraudulent website purporting to be HKMA's official website: https://hkma-gov[.]com/

The Hong Kong Monetary Authority (HKMA) would like to alert members of the public to a fraudulent website with the domain name https://hkma-gov[.]com/

2020-11-27

Phishing Attack - Fraudulent websites related to Bank of China (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited on fraudulent websites, which has been reported to the HKMA.

2020-11-25

Phishing Attack - Fraudulent website related to Hang Seng Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited on fraudulent website, which has been reported to the HKMA.

2020-11-25

Phishing Attack - Fraudulent websites related to Chong Hing Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited on fraudulent websites, which has been reported to the HKMA.

2020-11-24

Phishing Attack - Hongkong Post again alerts public to phishing email

In view of the increasing number of cases of phishing emails alleged to have been sent by Hongkong Post that were found recently, Hongkong Post today (November 24) reminded members of the public again to stay vigilant to these cases.

2020-11-24

Phishing Attack - Phishing WhatsApp group related to DBS Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited on phishing WhatsApp group, which has been reported to the HKMA.

2020-11-23

Privacy Commissioner Calls for Greater Vigilance When Teenagers Go Online Beware of Swindlers of Personal Data

As a result of the pandemic, teenagers tend to spend more time on online learning and social networking. The Office of the Privacy Commissioner for Personal Data (PCPD) noted from the findings of a recent survey on online lewd traps that nearly 90% of the parents interviewed allowed their children to go online unsupervised.

2020-11-20

Phishing Attack - Fraudulent website related to The Bank of East Asia, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited on fraudulent website, which has been reported to the HKMA.

2020-11-19

GovCERT.HK - Security Alert (A20-11-07): Vulnerability in Drupal

Drupal has released a security advisory to address a vulnerability of improper sanitisation of filenames on uploaded files in Drupal Core.

2020-11-18

LCQ5: "LeaveHomeSafe" mobile application

Following is a question by the Hon Charles Mok and a reply by the Secretary for Innovation and Technology, Mr Alfred Sit, in the Legislative Council today (November 18)…

2020-11-18

GovCERT.HK - Security Alert (A20-11-06): Multiple Vulnerabilities in Firefox

Mozilla has published two security advisories (MFSA 2020-50 and MFSA 2020-51) to address multiple vulnerabilities in Firefox browser.

2020-11-17

HKCERT - Security Blog: Case Study on Bitcoin Scam Incident - A Combined Social Engineering and Privilege Escalation Attacks

In this blog, HKCERT will provide advice for SMEs and the general public on defending against social engineering and privilege escalation attacks.

2020-11-17

Phishing Attack - Fraudulent website related to China CITIC Bank International Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited on fraudulent website, which has been reported to the HKMA.

2020-11-16

OGCIO explains access right issues on "LeaveHomeSafe" COVID-19 exposure notification mobile app

The "LeaveHomeSafe" COVID-19 exposure notification mobile app was officially launched today (November 16).

2020-11-13

Hong Kong Cyber Security New Generation Capture the Flag Challenge 2020 Webinar and Award Presentation Ceremony

Organised by Hong Kong Productivity Council / Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT)

2020-11-13

The "Capture the Flag Challenge 2020" Award Presentation Ceremony - Recognises Cyber Security Future Talents

(Hong Kong, 13 November 2020) The first “Hong Kong Cyber Security New Generation Capture the Flag Challenge 2020”, jointly organised by the Hong Kong Productivity Council (HKPC) and its Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), held its award presentation ceremony today, recognising the outstanding efforts of students from local secondary schools and tertiary institutions in acquiring cyber security knowledge through leveraging creative thinking for problem solving

2020-11-12

GovCERT.HK - Security Alert (A20-11-05): Multiple Vulnerabilities in Palo Alto PAN-OS

Palo Alto has published security advisories to address multiple vulnerabilities in PAN-OS.

2020-11-11

GovCERT.HK - High Threat Security Alert (A20-11-04): Multiple Vulnerabilities in Microsoft Products (November 2020)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

2020-11-10

GovCERT.HK - Security Alert (A20-11-03): Vulnerability in Firefox

Mozilla has published a security advisory (MFSA 2020-49) to address a vulnerability in Firefox browser.

2020-11-9

HKCERT - Security Blog: Enterprise VPN Security Guideline

The Enterprise VPN is a common technology to support remote working during global pandemic outbreak…

2020-11-6 to

2020-11-8

Hong Kong Cyber Security New Generation Capture the Flag Challenge 2020

Organised by Hong Kong Productivity Council / Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT)

2020-11-6

Phishing Attack - Fraudulent website related to DBS Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited on fraudulent website, which has been reported to the HKMA.

2020-11-6

GovCERT.HK - High Threat Security Alert (A20-11-02): Multiple Vulnerabilities in Apple iOS and iPadOS

Apple has released both iOS 14.2 and iPadOS 14.2 as well as iOS 12.4.9 to fix multiple vulnerabilities in various Apple devices.

2020-11-5

Phishing Attack - Fraudulent website related to The Bank of East Asia, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited on fraudulent website, which has been reported to the HKMA.

2020-11-4

Phishing Attack - Hongkong Post alerts public to phishing email

Hongkong Post today (November 4) reminded members of the public to be alert to emails alleged to be sent by Hongkong Post requiring recipients to settle payment for mail delivery.

2020-11-4

GovCERT.HK - Security Alert (A20-11-01): Multiple Vulnerabilities in Adobe Reader/Acrobat

Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities

2020-11-4

LCQ7: Measures against doxxing and cyber-bullying

Following is a question by the Hon Alice Mak and a written reply by the Acting Secretary for Constitutional and Mainland Affairs, Mr Andy Chan, in the Legislative Council today (November 4)…

2020-11-3

HKMA launches Cybersecurity Fortification Initiative 2.0

The Hong Kong Monetary Authority (HKMA) announced today (3 November 2020) the launch of an upgraded Cybersecurity Fortification Initiative (CFI) 2.0, following industry consultation.

2020-11-3

Phishing Attack - Phishing email related to The Hongkong and Shanghai Banking Corporation Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited on phishing email, which has been reported to the HKMA.

2020-10-29

Phishing Attack - Fraudulent website related to Hang Seng Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited on fraudulent website, which has been reported to the HKMA.

2020-10-28

HKCERT - Security Blog: Identity Theft Protection for Social Media and Instant Messaging Accounts

Social media and instant messaging software have become essential tools for our daily social interaction and communication. Therefore it is important to protect the user accounts of relevant software…

2020-10-28

Phishing Attack - Phishing email related to Oppenheim Bank

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a phishing email purported to be sent by Oppenheim Bank, with an email address "tommy@OppenheimBank[dot]com", claiming to be representing Oppenheim Bank Hong Kong branch and soliciting share financing business in Hong Kong.

2020-10-23

Phishing Attack - Fraudulent website related to The Bank of East Asia, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited on fraudulent website, which has been reported to the HKMA.

2020-10-23

Phishing Attack - Phishing email related to Bank of China (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited on phishing email, which has been reported to the HKMA.

2020-10-22

GovCERT.HK - Security Alert (A20-10-07): Multiple Vulnerabilities in Cisco Products

Cisco released security advisories to address multiple vulnerabilities in Cisco product running Cisco FXOS Software, Cisco Adaptive Security Appliance (ASA) Software, Firepower Threat Defense (FTD) Software or Cisco Firepower Management Center (FMC) Software.

2020-10-21

(ISC)² APAC Secure Webinar: Trusted Identities for a Digital World

Organised by ISC2 Asia Pacific

2020-10-21

GovCERT.HK - High Threat Security Alert (A20-10-06): Multiple Vulnerabilities in Oracle Java and Oracle Products (October 2020)

Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.

2020-10-21

GovCERT.HK - Security Alert (A20-10-05): Multiple Vulnerabilities in VMware Products

VMware has published a security advisory to address multiple vulnerabilities in VMware products.

2020-10-21

GovCERT.HK - Security Alert (A20-10-04): Multiple Vulnerabilities in Firefox

Mozilla has published two security advisories (MFSA 2020-45 and MFSA 2020-46) to address multiple vulnerabilities in Firefox browser.

2020-10-20

Doxxing Case Defendant Sentenced for Breaching Injunction Order
Privacy Commissioner Urges the Public Not to Flout the Law

In a case which involved the posting of the personal data of a police officer on a social media platform in violation of an interim injunction order granted by the High Court, the defendant was convicted of civil contempt of court yesterday (October 19) and sentenced to 28 days’ imprisonment, suspended for one year.

2020-10-15

Phishing Attack - Fraudulent website related to DBS Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited on fraudulent website, which has been reported to the HKMA.

2020-10-15

GovCERT.HK - Security Alert (A20-10-03): Vulnerability in SonicWall Products

SonicWall released a security advisory to address a buffer overflow vulnerability in SonicOS which is the operating system for SonicWall firewalls.

2020-10-14

(ISC)² APAC Secure Webinar: Modern Threat Hunting Using MITRE ATT&CK

Organised by ISC2 Asia Pacific

2020-10-14

Phishing Attack - Fraudulent website related to Union Bancaire Privée, UBP SA

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Union Bancaire Privée, UBP SA on fraudulent website, which has been reported to the HKMA.

2020-10-14

GovCERT.HK - Security Alert (A20-10-02): Vulnerability in Adobe Flash Player

Adobe has released security updates to address a vulnerability in Adobe Flash Player.

2020-10-14

GovCERT.HK - High Threat Security Alert (A20-10-01): Multiple Vulnerabilities in Microsoft Products (October 2020)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

2020-10-13

HKCERT - Security Blog: Ransomware: Double Extortion Attacks Continued - Intrusion via Exploiting VPN Gateway Vulnerability

During the back-to-school season, HKCERT noticed that ransomware attacks have been targeting educational institutions all over the world while the trend of double extortion attacks continued. Related ransomware, such as Maze and Netwalker, were also very active. Users must stay vigilant.

2020-10-12

Phishing Attack - Suspicious mobile applications related to Fusion Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fusion Bank Limited on suspicious mobile applications (Apps), which has been reported to the HKMA.

2020-10-8

CSA HKM Knowledge Sharing Event – October 2020

Organised by Cloud Security Alliance Hong Kong & Macau Chapter

2020-10-8

Phishing Attack - Suspicious mobile application related to Livi Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited on suspicious mobile application (App), which has been reported to the HKMA.

2020-10-8

Phishing Attack - Phishing email related to The Bank of East Asia, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited on phishing email, which has been reported to the HKMA.

2020-10-7

(ISC)² APAC Secure Webinar: Ransomware Steps Up: New Variants & Better Tactics to Defend and Defeat Threats

Organised by ISC2 Asia Pacific

2020-10-6

Phishing Attack - Fraudulent website related to DBS Bank (Hong Kong) Limited

he Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited on fraudulent website, which has been reported to the HKMA.

2020-10-5

Phishing Attack - Suspicious mobile applications related to Airstar Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Airstar Bank Limited on suspicious mobile applications (Apps), which has been reported to the HKMA.

2020-9-30

(ISC)² Secure Webinars APAC - Tycoon Ransomware and Zero Trust Threat Prevention

Organised by ISC2 Asia Pacific

2020-9-30

(ISC)² Secure Webinars APAC - Tycoon Ransomware and Zero Trust Threat Prevention

Organised by ISC2 Asia Pacific

2020-9-28

GovCERT.HK - Security Alert (A20-09-08): Multiple Vulnerabilities in FortiGate and FortiOS

FortiNet released security advisories to address multiple vulnerabilities in FortiGate and FortiOS software.

2020-9-22 to

2020-9-25

HKPC Academy - Cyber Security Workshop: RED / BLUE Team Pentest Kungfu Series

Organised by Hong Kong Productivity Council

2020-9-25

Phishing Attack - Fraudulent website related to Airstar Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Airstar Bank Limited on fraudulent website, which has been reported to the HKMA.

2020-9-25

GovCERT.HK - Security Alert (A20-09-07): Multiple Vulnerabilities in Cisco Products

Cisco released security advisories to address multiple vulnerabilities in Cisco products running Cisco IOS and IOS XE.

2020-9-24

Phishing Attack - Fraudulent website and phishing email related to The Hongkong and Shanghai Banking Corporation Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited on fraudulent website and phishing email, which has been reported to the HKMA.

2020-9-24

Phishing Attack - Suspicious mobile application related to Mox Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Mox Bank Limited on suspicious mobile application (App), which has been reported to the HKMA

2020-9-23

GovCERT.HK - Security Alert (A20-09-06): Multiple Vulnerabilities in Firefox

Mozilla has published two security advisories (MFSA 2020-42 and MFSA 2020-43) to address multiple vulnerabilities in Firefox browser.

2020-9-22

Phishing Attack - Fraudulent website related to DBS Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited on fraudulent website, which has been reported to the HKMA.

2020-9-22

Phishing Attack - Phishing WhatsApp message related to Bank of China (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited on phishing WhatsApp message, which has been reported to the HKMA.

2020-9-21

Phishing Attack - Fraudulent websites related to China CITIC Bank International Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited on fraudulent websites, which has been reported to the HKMA.

2020-9-21

Phishing Attack - Suspected fraudulent website

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public in Hong Kong to a suspected fraudulent website with the domain name https://www[dot]wangshuonline[dot]com.

2020-9-18

GovCERT.HK - Security Alert (A20-09-05): Multiple Vulnerabilities in Citrix Products

Multiple vulnerabilities have been found in Citrix Application Delivery Controller, Citrix Gateway and Citrix SD-WAN WANOP.

2020-9-17

GovCERT.HK - Security Alert (A20-09-04): Multiple Vulnerabilities in Drupal

Drupal has released security advisories to address multiple vulnerabilities in Drupal Core.

2020-9-17

GovCERT.HK - Security Alert (A20-09-03): Multiple Vulnerabilities in Apple iOS and iPadOS

Apple has released iOS 14 and iPadOS 14 to fix multiple vulnerabilities in various Apple devices.

2020-9-17

Phishing Attack - Suspicious mobile application related to WeLab Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by WeLab Bank Limited on suspicious mobile application (App), which has been reported to the HKMA.

2020-9-17

Phishing Attack - Fraudulent website related to Airstar Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Airstar Bank Limited on fraudulent website, which has been reported to the HKMA.

2020-8-28 to

2020-9-11

The 12th InfoSecurity Virtual Summit 2020

Organised by Market Intelligence Group Limited

2020-9-10

Phishing Attack - HKMA alerts public on bogus messages

The Hong Kong Monetary Authority (HKMA) received an enquiry from the public about the HKMA demanding for charges on money transfer through instant messaging application LINE. The HKMA wishes to clarify that it does not impose charges of any kind on money transfer.

2020-9-10

GovCERT.HK - Security Alert (A20-09-02): Multiple Vulnerabilities in Palo Alto PAN-OS

Palo Alto has published security advisories to address multiple vulnerabilities in PAN-OS.

2020-9-9

GovCERT.HK - Security Alert (A20-09-01): Multiple Vulnerabilities in Microsoft Products (September 2020)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

2020-9-7

Phishing Attack - Suspicious mobile application (App) related to ZA Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by ZA Bank Limited on suspicious App, which has been reported to the HKMA.

2020-9-3

CSA HKM Knowledge Sharing Event – September 2020

Organised by Cloud Security Alliance Hong Kong & Macau Chapter

2020-9-3

Phishing Attack - Suspicious mobile applications related to DBS Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited on suspicious mobile applications (Apps), which has been reported to the HKMA.

2020-9-3

Phishing Attack - Phishing email related to The Hongkong and Shanghai Banking Corporation Limited

2020-9-2

Phishing Attack - Fraudulent website related to Livi Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited on fraudulent website, which has been reported to the HKMA.

2020-9-2

Phishing Attack - Fraudulent website related to China CITIC Bank International Limited

2020-9-2

Phishing Attack - Fraudulent website related to Fusion Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fusion Bank Limited on fraudulent website, which has been reported to the HKMA.

2020-9-2

Phishing Attack - Suspicious mobile applications related to Fubon Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited on suspicious mobile applications (Apps), which has been reported to the HKMA.

2020-9-1

Phishing Attack - Suspicious mobile applications related to Airstar Bank Limited

2020-8-31

HKCERT - Security Blog: Beware of Latest DDoS Extortion Attacks

In the past weeks, various financial organisations over the world have been on the receving end of Distributed Denial of Service (DDoS) extortion attacks, with disruption to their online service.

2020-8-31

GovCERT.HK - High Threat Security Alert (A20-08-09): Vulnerability in Cisco Products

Cisco released a security advisory to address a vulnerability in Cisco IOS XR software.

2020-8-31

Phishing Attack - Fraudulent website related to Bank of Singapore Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited on fraudulent website, which has been reported to the HKMA

2020-8-27

GovCERT.HK - Security Alert (A20-08-08): Multiple Vulnerabilities in Pulse Secure Products

Pulse Secure released security advisories to address multiple vulnerabilities in the Pulse Connect Secure and Pulse Policy Secure server software.

2020-8-27

GovCERT.HK - Security Alert (A20-08-07): Multiple Vulnerabilities in Cisco Products

Cisco released 7 security advisories to address vulnerabilities in Cisco products running FXOS and NX-OS as well as those in Cisco Nexus 3000 and 9000 series switches.

2020-8-26

GovCERT.HK - Security Alert (A20-08-06): Multiple Vulnerabilities in Firefox

Mozilla has published three security advisories (MFSA 2020-36, MFSA 2020-37 and MFSA 2020-38) to address multiple vulnerabilities in Firefox browser.

2020-8-24

Phishing Attack - Suspected fraudulent website

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public in Hong Kong to a suspected fraudulent website with the domain name https://trustfundalliance[dot]com.

2020-8-21

Half-Day Workshop - Coaching Techniques for Audit & Risk Management Professionals

Organised by Information Systems Audit and Control Association, China Hong Kong Chapter

2020-8-21

Government further promotes cross-sector cyber security information sharing

The Office of the Government Chief Information Officer (OGCIO) announced today (August 21) that the Partnership Programme for Cyber Security Information Sharing, also known as Cybersec Infohub, will be formalised from September 1 onwards.

2020-8-21

Phishing Attack - Suspicious mobile applications (Apps) related to WeLab Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by WeLab Bank Limited on suspicious Apps, which has been reported to the HKMA.

2020-8-21

Phishing Attack - Suspicious mobile applications related to Chong Hing Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited on suspicious mobile applications (Apps), which has been reported to the HKMA.

2020-8-21

GovCERT.HK - Security Alert (A20-08-05): Multiple Vulnerabilities in ISC BIND

ISC has released security updates to fix multiple security vulnerabilities in BIND.

2020-8-20

Phishing Attack - Suspicious mobile application related to Livi Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited on suspicious mobile application (Apps) which has been reported to the HKMA

2020-8-20

Phishing Attack - Fraudulent website related to The Bank of East Asia, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited on a fraudulent website, which has been reported to the HKMA.

2020-8-19

Phishing Attack - Fraudulent websites related to Bank of China (Hong Kong) Limited

2020-8-18

HKCERT - Security Blog: Learn About Personal VPN Services, Protect Online Privacy and Security

This blog not only examines personal VPN services in-depth but also helps users understand the principles of VPN technology and the security features provided by personal VPN services so that this technology can be used correctly.

2020-8-17

Phishing Attack - Suspicious mobile applications related to Livi Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited on suspicious mobile applications (Apps), which has been reported to the HKMA.

2020-8-17

GovCERT.HK - Security Alert (A20-08-04): Multiple Vulnerabilities in Apache HTTP Server

The Apache Software Foundation released a security update to address multiple vulnerabilities in the HTTP Server and its modules, including mod_proxy_uwsgi and mod_http2.

2020-8-14

Phishing Attack - Fraudulent website related to Bank of Singapore Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited on fraudulent website, which has been reported to the HKMA.

2020-8-14

Phishing Attack - Fraudulent websites related to Hang Seng Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited on fraudulent websites, which has been reported to the HKMA.

2020-8-14

GovCERT.HK - Security Alert (A20-08-03): Multiple Vulnerabilities in Apache Struts

Apache has released the security bulletins (S2-059, S2-060) to address the vulnerabilities in Apache Struts

2020-8-13

Phishing Attack - Fraudulent website related to Livi Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited on fraudulent website, which has been reported to the HKMA.

2020-8-12

HKCERT - Security Blog: Hong Kong Security Watch Report (Q2 2020)

HKCERT is pleased to bring to you the "Hong Kong Security Watch Report" for the second quarter of 2020.

2020-8-12

GovCERT.HK - Security Alert (A20-08-02): Multiple Vulnerabilities in Adobe Reader/Acrobat

Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.

2020-8-12

GovCERT.HK - High Threat Security Alert (A20-08-01): Multiple Vulnerabilities in Microsoft Products (August 2020)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

2020-8-10

Data Privacy Assessment and ISO/IEC 27701 Webinar

Organised by Professional Information Security Association

2020-8-6

CSA HKM Knowledge Sharing Event – Aug 2020

Organised by Cloud Security Alliance Hong Kong & Macau Chapter

2020-8-6

Phishing Attack - Fraudulent website and phishing email related to Bank of China (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited on fraudulent website and phishing email, which has been reported to the HKMA.

2020-8-4

Phishing Attack - Suspicious mobile applications related to WeLab Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by WeLab Bank Limited on suspicious mobile applications (Apps), which has been reported to the HKMA.

2020-8-3

Phishing Attack - Suspicious mobile application related to Industrial and Commercial Bank of China (Asia) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited on suspicious mobile application (App), which has been reported to the HKMA.

2020-7-31

Phishing Attack - Suspicious mobile application related to banks

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to press releases issued by the following banks (refer to Annex) on suspicious mobile applications (Apps), which have been reported to the HKMA.

2020-7-31

Phishing Attack - Phishing emails related to Bank of China (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited on phishing emails, which has been reported to the HKMA.

2020-7-30

Phishing Attack - Fraudulent website related to The Bank of East Asia, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited on fraudulent website, which has been reported to the HKMA.

2020-7-28 to

2020-7-29

HKPC Academy - Securing Microservices in Kubernetes Container Environment for Serverless PaaS Cloud

Organised by Hong Kong Productivity Council

2020-7-29

GovCERT.HK - Security Alert (A20-07-09): Multiple Vulnerabilities in Firefox

Mozilla has published three security advisories (MFSA 2020-30, MFSA 2020-31 and MFSA 2020-32) to address multiple vulnerabilities in Firefox browser.

2020-7-27

Half-Day Workshop - Don’t poke the lion! A cyber-attack case-study deep-dive.

Organised by Information Systems Audit and Control Association, China Hong Kong Chapter

2020-7-27

Phishing Attack - Fraudulent website related to Union Bancaire Privée, UBP SA

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Union Bancaire Privée, UBP SA on fraudulent website, which has been reported to the HKMA.

2020-7-27

Phishing Attack - Fraudulent website related to Hang Seng Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited on fraudulent website, which has been reported to the HKMA.

2020-7-20 to

2020-7-24

HKPC Academy - Certified Cloud Security Professional (CCSP®) Official Training

Organised by Hong Kong Productivity Council

2020-7-24

GovCERT.HK - High Threat Security Alert (A20-07-08): Multiple Vulnerabilities in Cisco Products

Cisco released security advisories to address vulnerabilities in the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software as well as in the Treck IP stack implementation.

2020-7-23

Phishing Attack - Fraudulent website and suspicious mobile application related to DBS Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited on fraudulent website and suspicious mobile application (App), which has been reported to the HKMA.

2020-7-23

Phishing Attack - Suspicious mobile application related to ZA Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by ZA Bank Limited on suspicious mobile application (App), which has been reported to the HKMA.

2020-7-13 to

2020-7-22

HKPC Academy - Cyber Threat Intelligence Training Series

Organised by Hong Kong Productivity Council

2020-7-20

Phishing Attack - Fraudulent website related to China Merchants Bank Co., Ltd.

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Merchants Bank Co., Ltd. on fraudulent website, which has been reported to the HKMA.

2020-7-16

Phishing Attack - Fraudulent website related to Livi Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited on fraudulent website, which has been reported to the HKMA.

2020-7-16

GovCERT.HK - Security Alert (A20-07-07): Multiple Vulnerabilities in Apple iOS and iPadOS

Apple has released iOS 13.6 and iPadOS 13.6 to fix multiple vulnerabilities in various Apple devices.

2020-7-15

Phishing Attack - Fraudulent website related to Airstar Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Airstar Bank Limited on fraudulent website, which has been reported to the HKMA.

2020-7-15

GovCERT.HK - Security Alert (A20-07-06): Multiple Vulnerabilities in Oracle Java and Oracle Products (July 2020)

Oracle has released Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.

2020-7-15

GovCERT.HK - High Threat Security Alert (A20-07-05): Multiple Vulnerabilities in Microsoft Products (July 2020)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

2020-7-13

HKCERT - Security Blog: Ransomware Evolved: Double Extortion and Fake Decryptor

Ransomware is among the most detrimental and wide-spread cyber security threats. Hackers are using it to encrypt files on the user's device and demand ransom payments for file decryption…

2020-7-9

Phishing Attack - Suspected fraudulent website

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public in Hong Kong to a suspected fraudulent website with the domain name http://www[dot]macauoscuhk[dot]com.

2020-7-9

Phishing Attack - Phishing emails related to The Hongkong and Shanghai Banking Corporation Limited

2020-7-8

GovCERT.HK - Security Alert (A20-07-04): Multiple Vulnerabilities in Citrix Products

Multiple vulnerabilities have been found in Citrix Application Delivery Controller, Citrix Gateway and Citrix SD-WAN WANOP.

2020-7-6

Phishing Attack - Fraudulent website related to ZA Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by ZA Bank Limited on fraudulent website, which has been reported to the HKMA.

2020-7-6

Phishing Attack - Fraudulent websites related to Bank of Singapore Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited on fraudulent websites, which has been reported to the HKMA.

2020-7-6

Phishing Attack - Phishing email related to The Hongkong and Shanghai Banking Corporation Limited

2020-7-3

GovCERT.HK - High Threat Security Alert (A20-07-03): Multiple Vulnerabilities in F5 BIG-IP

F5 has published security advisories to address multiple vulnerabilities in the Traffic Management User Interface (TMUI) of F5 BIG-IP system.

2020-7-2

GovCERT.HK - Security Alert (A20-07-02): Vulnerability in Palo Alto PAN-OS

Palo Alto has published a security advisory to address a Security Assertion Markup Language (SAML) authentication vulnerability in PAN-OS.

2020-7-2

GovCERT.HK - Security Alert (A20-07-01): Multiple Vulnerabilities in Firefox

Mozilla has published two security advisories (MFSA 2020-24 and MFSA 2020-25) to address multiple vulnerabilities in Firefox browser.

2020-6-30

Phishing Attack - Fraudulent websites related to Bank of Singapore Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited on fraudulent websites, which has been reported to the HKMA.

2020-6-29

Phishing Attack - Fraudulent website related to China CITIC Bank International Limited

2020-6-29

GovCERT.HK - Security Alert (A20-06-11): Vulnerability in Apache Tomcat

Apache Software Foundation has released new versions of Apache Tomcat 8.5 and 9 to address a vulnerability in the Apache Tomcat.

2020-6-29

Cybersecurity Risks Soar amid COVID-19 Privacy Commissioner Provides Security Advisories

Please refer to the Chinese version.

2020-6-26

Phishing Attack - Fraudulent websites related to Livi Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited on fraudulent websites, which has been reported to the HKMA.

2020-6-24

GovCERT.HK - Security Alert (A20-06-10): Multiple Vulnerabilities in VMware Products

VMware has published a security advisory to address multiple vulnerabilities in VMware products.

2020-6-22

Phishing Attack - Fraudulent website related to Bank of Communications (Hong Kong) Limited

he Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Communications (Hong Kong) Limited on fraudulent website, which has been reported to the HKMA.

2020-6-19

Phishing Attack - Fraudulent website related to Standard Chartered Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Standard Chartered Bank (Hong Kong) Limited on fraudulent website, which has been reported to the HKMA.

2020-6-19

Phishing Attack - Fraudulent website related to Hang Seng Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited on fraudulent website, which has been reported to the HKMA.

2020-6-18

Phishing Attack - Fraudulent website related to Bank of Singapore Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited on fraudulent website, which has been reported to the HKMA.

2020-6-18

Phishing Attack - Fraudulent website related to OCBC Wing Hang Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by OCBC Wing Hang Bank Limited on fraudulent website, which has been reported to the HKMA.

2020-6-18

GovCERT.HK - Security Alert (A20-06-09): Multiple Vulnerabilities in Drupal

Drupal has released security advisories to address multiple vulnerabilities in Drupal Core.

2020-6-17

Phishing Attack - Fraudulent websites related to Livi VB Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi VB Limited on fraudulent websites, which has been reported to the HKMA.

2020-6-8 to

2020-6-12

HKPC Academy - Certified Information Systems Security Professional (CISSP®) Official Training

Organised by Hong Kong Productivity Council

2020-6-11

Phishing Attack - Fraudulent website related to ZA Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by ZA Bank Limited on fraudulent website, which has been reported to the HKMA.

2020-6-11

Phishing Attack - Fraudulent website and phishing email related to The Hongkong and Shanghai Banking Corporation Limited

2020-6-11

The Privacy Commissioner Revised the Booklet “European Union General Data Protection Regulation 2016”

Please refer to the Chinese version.

2020-6-10

GovCERT.HK - Security Alert (A20-06-08): Vulnerability in Adobe Flash Player

Adobe has released security updates to address a vulnerability in Adobe Flash Player.

2020-6-10

GovCERT.HK - High Threat Security Alert (A20-06-07): Multiple Vulnerabilities in Microsoft Products (June 2020)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

2020-6-9

Phishing Attack - Fraudulent website related to Union Bancaire Privée, UBP SA

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Union Bancaire Privée, UBP SA on fraudulent website, which has been reported to the HKMA.

2020-6-8

Phishing Attack - Fraudulent website related to Hang Seng Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited on fraudulent website, which has been reported to the HKMA.

2020-6-4

Phishing Attack - IRD alerts public on fraudulent website and fake email account

The Inland Revenue Department (IRD) today (June 4) alerted members of the public to a fraudulent website with the domain name "http://ird-govhk[.]info/www[.]ird[.]gov[.]hk" and the fake email account "taxfaq@ird-govhk[.]info". The IRD has no connection with the fraudulent website and the email account.

2020-6-4

Phishing Attack - Fraudulent websites related to Bank of Singapore Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited on fraudulent websites, which has been reported to the HKMA.

2020-6-4

GovCERT.HK - Security Alert (A20-06-06): Multiple Vulnerabilities in Cisco Products

Cisco released 38 security advisories to address multiple vulnerabilities in Cisco products running Cisco IOS, IOS XE, IOS XR, NX-OS software and Cisco IOx application environment.

2020-6-3

Phishing Attack - Fraudulent website related to Union Bancaire Privée, UBP SA

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Union Bancaire Privée, UBP SA on fraudulent website, which has been reported to the HKMA.

2020-6-3

Phishing Attack - Fraudulent website and phishing email related to Bank of China (Hong Kong) Limited

2020-6-3

Phishing Attack - Fraudulent websites related to Livi VB Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi VB Limited on fraudulent websites, which has been reported to the HKMA.

2020-6-3

GovCERT.HK - Security Alert (A20-06-05): Vulnerabilities in Android

Google has released Android Security Bulletin June 2020 to fix multiple security vulnerabilities in Android operating system.

2020-6-3

GovCERT.HK - High Threat Security Alert (A20-06-04): Vulnerability in Cisco Products

Cisco released security advisory to address a vulnerability in Cisco NX-OS Software.

2020-6-3

GovCERT.HK - Security Alert (A20-06-03): Multiple Vulnerabilities in Firefox

Mozilla has published two security advisories (MFSA 2020-20 and MFSA 2020-21) to address multiple vulnerabilities in Firefox browser.

2020-6-3

LCQ6: Protection of consumers' rights of online shoppers

Following is a question by the Hon Andrew Wan and a written reply by the Secretary for Commerce and Economic Development, Mr Edward Yau, in the Legislative Council today (June 3)…

2020-6-2

Phishing Attack - Fraudulent website related to OCBC Wing Hang Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by OCBC Wing Hang Bank Limited on fraudulent website, which has been reported to the HKMA.

2020-6-2

Phishing Attack - Fraudulent website related to China CITIC Bank International Limited

2020-6-2

GovCERT.HK - Security Alert (A20-06-02): Multiple Vulnerabilities in VMware Products

VMware has published a security advisory to address a Time-of-check Time-of-use (TOCTOU) issue in the service opener, an issue in the shader functionality and a memory leak vulnerability in the VMCI module.

2020-6-2

GovCERT.HK - Security Alert (A20-06-01): Vulnerability in Apple iOS and iPadOS

Apple has released iOS 13.5.1 and iPadOS 13.5.1 to fix a security vulnerability in various Apple devices.

2020-6-1

Phishing Attack - Phishing email related to Bank of Taiwan

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Taiwan on phishing email, which has been reported to the HKMA.

2020-5-27

Phishing Attack - Phishing email related to The Bank of East Asia, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited on phishing email, which has been reported to the HKMA.

2020-5-27

Phishing Attack - Fraudulent website related to Union Bancaire Privée, UBP SA

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Union Bancaire Privée, UBP SA on fraudulent website, which has been reported to the HKMA.

2020-5-27

Phishing Attack - Phishing email related to The Hongkong and Shanghai Banking Corporation Limited

2020-5-27

GovCERT.HK - Security Alert (A20-05-06): Multiple Vulnerabilities in Apple iOS and iPadOS

Apple has released iOS 12.4.7, iOS 13.5 and iPadOS 13.5 to fix multiple security vulnerabilities in various Apple devices.

2020-5-26

Phishing Attack - Fraudulent websites related to Livi VB Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi VB Limited on fraudulent websites, which has been reported to the HKMA.

2020-5-25

Phishing Attack - Fraudulent website related to Livi VB Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi VB Limited on fraudulent website, which has been reported to the HKMA.

2020-5-22

GovCERT.HK - Security Alert (A20-05-05): Multiple Vulnerabilities in Drupal

Drupal has released security advisories to address cross site scripting and open redirect vulnerabilities in the jQuery library and the "drupal_goto" function of Drupal Core.

2020-5-21

Phishing Attack - Suspicious mobile application (App) related to Fubon Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited on suspicious App, which has been reported to the HKMA.

2020-5-20

GovCERT.HK - Security Alert (A20-05-04): Vulnerability in ISC BIND

A vulnerability was found in Internet Systems Consortium (ISC) BIND software.

2020-5-20

HKCERT - Security Blog: Hong Kong Security Watch Report (Q1 2020)

The Hong Kong Security Watch Report aims to raise public awareness of the problem of compromised systems in Hong Kong, enabling them to make better decision in information security.

2020-5-19

Phishing Attack - Fraudulent website related to Fubon Bank (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited on fraudulent website, which has been reported to the HKMA.

2020-5-19

Privacy Commissioner Investigates Recent Doxxing of Government Officials, Legislative Council Security Personnels, Teachers and Students

The Privacy Commissioner for Personal Data, Hong Kong (Privacy Commissioner), Mr Stephen Kai-yi WONG expressed concerns about a U-shape rebound of deplorable doxxing, particularly about 30 recent cases involving Government officials, Legislative Council security personnels, teachers and students.

2020-5-19

Phishing Attack - Fraudulent website related to Shanghai Commercial Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited on fraudulent website, which has been reported to the HKMA.

2020-5-15

Hong Kong Customs combats online sale of infringing HKDSE Examination teaching notes

Hong Kong Customs yesterday (May 14) conducted an operation to combat the online sale of infringing teaching notes for the Hong Kong Diploma of Secondary Education (HKDSE) Examination.

2020-5-14

Phishing Attack - Suspected fraudulent website

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public in Hong Kong to a suspected fraudulent website with the domain name https://dinosaurciti[dot]com.

2020-5-13

HKCERT - Security Blog: "SSH Hong Kong Enterprise Cyber Security Readiness Index Survey" Down 2.4 Points to 46.9 Staying Vigilant for Cyber Threats in Stormy Times

The Hong Kong Productivity Council (HKPC) released the latest results of the “SSH Hong Kong Enterprise Cyber Security Readiness Index Survey”, which reports an Overall Index at 46.9 (maximum being 100), a slight decrease of 2.4 from the survey last year.

2020-5-13

Phishing Attack - PCPD Warns Against Phishing Email and Fraudulent Website

The office of the Privacy Commissioner for Personal Data, Hong Kong (PCPD) would like to alert members of the public to the following phishing email and fraudulent website. The email was not issued by the PCPD and the website was not set up by the PCPD.

2020-5-13

Phishing Attack - Fraudulent websites related to Livi VB Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi VB Limited on fraudulent websites, which has been reported to the HKMA.

2020-5-13

LCQ7: Distribution of pornography and obscene articles in social media groups

Following is a question by the Hon Yung Hoi-yan and a written reply by the Secretary for Commerce and Economic Development, Mr Edward Yau, in the Legislative Council today (May 13)…

2020-5-13

GovCERT.HK - Security Alert (A20-05-03): Multiple Vulnerabilities in Adobe Reader/Acrobat

Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.

2020-5-13

GovCERT.HK - Security Alert (A20-05-02): Multiple Vulnerabilities in Microsoft Products (May 2020)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

2020-5-12

IT 人疫景求生自強版の2 Survival During The Epidemic Part II -The Struggling of Using Video Conferencing Tools

Organised by Professional Information Security Association / ISC2 Hong Kong Chapter

2020-5-8

Build a Secure Cyberspace 2020 - “Cyber Security Challenges in the Pandemic” Webinar

Organised by Office of the Government Chief Information Officer (OGCIO) / Hong Kong Police Force (HKPF) / Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT)

2020-5-8

HKCERT - Security Blog: HKCERT Releases New Study to Raise Security Awareness of ZigBee Devices

ZigBee, as one of the wireless technologies with low-power consumption and a simple set-up, has been widely adopted in the development and market application of IoT devices…

2020-5-6

GovCERT.HK - Security Alert (A20-05-01): Multiple Vulnerabilities in Firefox

Mozilla has published two security advisories (MFSA 2020-16 and MFSA 2020-17) to address multiple vulnerabilities in Firefox browser.

2020-5-6

Phishing Attack - Phishing emails related to BNP Paribas

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by BNP Paribas on phishing emails, which has been reported to the HKMA.

2020-5-5

Phishing Attack - Fraudulent websites related to Airstar Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Airstar Bank Limited on fraudulent websites, which has been reported to the HKMA.

2020-5-5

Phishing Attack - Phishing email related to The Hongkong and Shanghai Banking Corporation Limited

2020-5-5

Phishing Attack - Fraudulent website related to ZA Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by ZA Bank Limited on fraudulent website, which has been reported to the HKMA.

2020-5-4

Phishing Attack - Suspected fraudulent website: https://hcbankltd[dot]com/

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public in Hong Kong to a suspected fraudulent website with the domain name https://hcbankltd[dot]com.

2020-5-4

Phishing Attack - Fraudulent website related to Tai Yau Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Tai Yau Bank, Limited on fraudulent website, which has been reported to the HKMA.

2020-5-4

Phishing Attack - Phishing email related to WeLab Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by WeLab Bank Limited on phishing email, which has been reported to the HKMA.

2020-4-29

Phishing Attack - Fraudulent website related to Bank of China (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited on fraudulent website, which has been reported to the HKMA.

2020-4-28

HKCERT - Security Blog: Beware of Attacks on Remote Access Services

HKCERT urges organisations to raise their awareness of the risks relating to remote access services, and immediately implement necessary security measures and conduct security assessments to ensure that these services are used in a safe manner.

2020-4-28

GovCERT.HK - High Threat Security Alert (A20-04-06): Vulnerability in Sophos XG Firewall

Sophos has released a security hotfix to address a SQL injection vulnerability in Sophos XG Firewall firmware.

2020-4-28

GovCERT.HK - Security Alert (A20-04-05): Vulnerability in Squid

Squid has published a security advisory (SQUID-2020:4) to address an integer overflow vulnerability.

2020-4-22 to

2020-4-23

Securing Microservices in Kubernetes Container Environment for Serverless PaaS Cloud

Organised by Hong Kong Productivity Council

2020-4-23

Phishing Attack - Phishing emails related to The Hongkong and Shanghai Banking Corporation Limited

2020-4-22

LCQ7: Information security measures of the Government

Following is a question by the Hon Yung Hoi-yan and a written reply by the Secretary for Innovation and Technology, Mr Nicholas W Yang, in the Legislative Council today (April 22)…

2020-4-21

Phishing Attack - Phishing email related to CTBC Bank Co., Ltd.

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by CTBC Bank Co., Ltd. on phishing email, which has been reported to the HKMA.

2020-4-20

Phishing Attack - Fraudulent website and phishing SMS message related to The Hongkong and Shanghai Banking Corporation Limited

2020-4-17

Phishing Attack - Suspected fraudulent website

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public in Hong Kong to a suspected fraudulent website with the domain name http://clippercoin[dot]com/#/programIndex.

2020-4-17

Phishing Attack - Fraudulent website related to Bank of Singapore Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited on fraudulent website, which has been reported to the HKMA.

2020-4-15

GovCERT.HK - Security Alert (A20-04-04): Multiple Vulnerabilities in Oracle Java and Oracle Products (April 2020)

Oracle has released Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.

2020-4-15

GovCERT.HK - High Threat Security Alert (A20-04-03): Multiple Vulnerabilities in Microsoft Products (April 2020)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. These security updates addressed multiple remote code execution vulnerabilities that are under active exploitation.

2020-4-15

Phishing Attack - Phishing email related to Bank of Taiwan

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Taiwan on phishing email, which has been reported to the HKMA.

2020-4-9

Phishing Attack - Fraudulent website and phishing email related to The Hongkong and Shanghai Banking Corporation Limited

2020-4-8

GovCERT.HK - Security Alert (A20-04-02): Multiple Vulnerabilities in Firefox

Mozilla has published two security advisories (MFSA 2020-12, MFSA 2020-13) to address multiple vulnerabilities in Firefox browser.

2020-4-6

GovCERT.HK - High Threat Security Alert (A20-04-01): Multiple Vulnerabilities in Firefox

Mozilla has published the security advisory (MFSA 2020-11) to address the use-after-free vulnerabilities in Firefox browser.

2020-4-3

Cyber Security Campaign - Security Settings and Recommendations on "Zoom"

Cyber Security Campaign website offers the Security Settings and Recommendations on “Zoom”

2020-4-2

Phishing Attack - Fraudulent website related to Hang Seng Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited on fraudulent website, which has been reported to the HKMA.

2020-4-2

HKCERT - Security Blog: HKCERT proposes 10 measures to secure Zoom Meetings

HKCERT advises the public to take the following security measures if applicable to protect the meeting in Zoom...

2020-4-1

PCPD – Zoom Data Security Incident

The Privacy Commissioner for Personal Data, Hong Kong, Mr Stephen Kai-yi WONG noted that overseas users of Zoom, including governments, have been warned about the risks of the use of the app.

2020-4-1

Phishing Attack - Fraudulent websites related to The Hongkong and Shanghai Banking Corporation Limited

2020-3-31

HKCERT - Security Blog: HKCERT Releases New Study to Raise Security Awareness of Wi-Fi Devices

The applications of the Internet of Things (IoT) are becoming more diverse with the rapid development of wireless technology...

2020-3-31

Phishing Attack - Fraudulent website related to China CITIC Bank International Limited

2020-3-30

Phishing Attack - Phishing email related to The Hongkong and Shanghai Banking Corporation Limited

2020-3-27

OGCIO clarifies online rumours

In response to online rumours about potential security risk in the StayHomeSafe system, a spokesman for the Office of the Government Chief Information Officer made the following clarification today (March 27)…

2020-3-27

GovCERT.HK - High Threat Security Alert (A20-03-09): Multiple Vulnerabilities in Red Hat JBoss

Red Hat has released new versions of JBoss Enterprise Application Platform to address multiple vulnerabilities in the Apache JServ Protocol (AJP), Apache Thrift and OpenSSL security provider.

2020-3-17 to

2020-3-25

CCSP® – Certified Cloud Security Professional Official Training

Organised by Hong Kong Productivity Council

2020-3-25

GovCERT.HK - Security Alert (A20-03-08): Multiple Vulnerabilities in Apple iOS and iPadOS

Apple has released iOS 13.4 and iPadOS 13.4 to fix multiple security vulnerabilities in various Apple devices.

2020-3-24

GovCERT.HK - Security Alert (A20-03-07): Multiple Vulnerabilities in Microsoft Windows

Multiple vulnerabilities have been found in the Microsoft Windows Adobe Type Manager library.

2020-3-24

Phishing Attack - Phishing email related to Bank of China (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited on phishing email, which has been reported to the HKMA.

2020-3-19

GovCERT.HK - Security Alert (A20-03-06): Vulnerability in Drupal

Drupal has released a security update to fix the vulnerability in the third-party CKEditor library.

2020-3-19

Phishing Attack - Phishing email related to Bank of China (Hong Kong) Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited on phishing email, which has been reported to the HKMA.

2020-3-18

GovCERT.HK - Security Alert (A20-03-05): Multiple Vulnerabilities in Adobe Reader/Acrobat

Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.

2020-3-17

GovCERT.HK - Security Alert (A20-03-04): Multiple Vulnerabilities in VMware Products

VMware has published a security advisory to address use-after-free vulnerability in vmnetdhcp, improper file permissions in Cortado Thinprint, and improper protection for the configuration files of the VMware USB arbitration service.

2020-3-13

Phishing Attack - Phishing emails related to The Hongkong and Shanghai Banking Corporation Limited

2020-3-9 to

2020-3-12

Cyber Security Workshop: Red / Blue Team Pentest Kungfu Series

Organised by Hong Kong Productivity Council

2020-3-12

Phishing Attack - Fraudulent website related to OCBC Wing Hang Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by OCBC Wing Hang Bank Limited on fraudulent website, which has been reported to the HKMA.

2020-3-11

GovCERT.HK - Security Alert (A20-03-03): Multiple Vulnerabilities in Firefox

Mozilla has published two security advisories to address multiple browser vulnerabilities.

2020-3-11

GovCERT.HK - High Threat Security Alert (A20-03-02): Multiple Vulnerabilities in Microsoft Products (March 2020)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. Reports indicate that active exploitation against the vulnerability in Microsoft Exchange Server for remote code execution have been observed. Microsoft also identified a new vulnerability in its Server Message Block 3.1.1 (SMBv3) protocol.

2020-3-6

GovCERT.HK - Security Alert (A20-03-01): Vulnerability in Point-to-Point Protocol Daemon (pppd)

A vulnerability was found in Extensible Authentication Protocol (EAP) packet processing in eap_request and eap_response of the pppd (Point-to-Point Protocol Daemon).

2020-3-6

Phishing Attack - Fraudulent website related to Bank of China (Hong Kong) Limited

2020-3-5

HKCERT – Security Blog: HKCERT Releases New Study to Raise Security Awareness of Bluetooth Low Energy Devices

Among various wireless technologies, Bluetooth Low Energy (BLE) has become one of the most widely used wireless technology for IoT devices due to its low power consumption, low cost and feasibility on applications.

2020-3-4

Phishing Attack - Suspected fraudulent website

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public in Hong Kong to a suspected fraudulent website with the domain name https://ofchk[dot]com/index-en[dot]htm.

2020-2-28

HKCERT – Security Blog: HKCERT Released Guideline for Upgrading TLS to Secure Versions

In March of 2020, insecure versions of the protocol TLS 1.0 and TLS 1.1 will approach end-of-support. For the sake of security, IT infrastructure supported by TLS needs to be upgraded to the secure versions of TLS 1.2 and TLS 1.3…

2020-2-28

HKCERT – Security Blog: Beware of Juice Jacking when Charging Mobile Phones at Public Charging Stations

Known as “juice jacking”, hackers would load malwares on charging stations or cables they leave plugged in at the stations through special USB devices so they could infect the phones of unsuspecting users…

2020-2-28

Phishing Attack - Suspected fraudulent website

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public in Hong Kong to a suspected fraudulent website with the domain name http://hk[dot]alisteronlines[dot]com/.

2020-2-27

Phishing Attack - Public urged to stay alert to emails purported to be issued by CE's Office

A spokesman for the Chief Executive's Office today (February 27) appealed to members of the public to stay alert to fraudulent emails purported to be issued by the Chief Executive's Office.

2020-2-27

GovCERT.HK - Security Alert (A20-02-08): Vulnerability in Broadcom and Cypress Wireless Chipset

ESET has published a security report revealing technical details about a vulnerability in FullMAC wireless chipset manufactured by Broadcom and Cypress.

2020-2-27

GovCERT.HK - High Threat Security Alert (A20-02-07): Multiple Vulnerabilities in Google Chrome

Google released a security update to address multiple vulnerabilities in ICU, streams and V8 of the Google Chrome.

2020-2-26

PCPD – The Use of Information on Social Media for Tracking Potential Carriers of COVID-19

In response to media enquiry about the use of information on social media for tracking potential carriers of COVID-19, the office of the Privacy Commissioner for Personal Data (PCPD) makes the following response...

2020-2-25

HKCERT – Security Blog: Beware of "Are you available?" phishing scam email

HKCERT has recently noticed that some students from local universities have received a phishing scam email with the subject "Are you available?".

2020-2-25

Phishing Attack - Suspicious mobile application related to Bank of Singapore Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited on suspicious mobile application (App), which has been reported to the HKMA.

2020-2-25

Phishing Attack - Fraudulent website related to Tai Yau Bank, Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Tai Yau Bank, Limited on fraudulent website, which has been reported to the HKMA.

2020-2-24

GovCERT.HK - High Threat Security Alert (A20-02-06): Vulnerability in Apache Tomcat

Apache Software Foundation has released new versions of Apache Tomcat 7, 8.5 and 9 to address a vulnerability in the Apache JServ Protocol (AJP).

2020-2-21

Phishing Attack - Hospital Authority appeals to stay alert against fraudulent emails

The Hospital Authority (HA) today (February 21) appeals to members of the public to stay alert against fraudulent act to collect information and request for quotations on behalf of HA.

2020-2-20

HKCERT – Security Blog: Six Security Tips for Home Office

To address the issue, Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) has summarised some security tips for companies and those employees working at home to refer to and implement...

2020-2-20

HKCERT – Security Blog: Assessing the Security of Remote Access Services Guideline

This guideline aims to give companies some useful tips in identifying a remote access service sufficient enough to fulfil both their operating and security needs.

2020-2-19

Phishing Attack - Fraudulent websites related to Bank of China (Hong Kong) Limited

2020-2-19

Phishing Attack - Phishing email related to ZA Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by ZA Bank Limited on phishing email, which has been reported to the HKMA.

2020-2-10 to

2020-2-14

Certified Information Systems Security Professional (CISSP®) Official Training.

Organised by Hong Kong Productivity Council

2020-2-13

CPD Seminar - Apply AI to Cybersecurity

Organised by Information Systems Audit and Control Association, China Hong Kong Chapter

2020-2-12

GovCERT.HK - Security Alert (A20-02-05): Multiple Vulnerabilities in Firefox

Mozilla has published two security advisories (MFSA 2020-05 and MFSA 2020-06) to address multiple browser vulnerabilities.

2020-2-12

GovCERT.HK - Security Alert (A20-02-04): Multiple Vulnerabilities in Adobe Flash Player and Adobe Reader/Acrobat

Security updates are released for Adobe Flash Player and Adobe Reader/Acrobat to address multiple vulnerabilities.

2020-2-12

GovCERT.HK - High Threat Security Alert (A20-02-03): Multiple Vulnerabilities in Microsoft Products (February 2020)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

2020-2-12

Phishing Attack - Phishing email related to The Hongkong and Shanghai Banking Corporation Limited

2020-2-11

GovCERT.HK - Security Alert (A20-02-02): Vulnerability in Android

A vulnerability called BlueFrag was found in some Android systems.

2020-2-11

GovCERT.HK - Security Alert (A20-02-01): Multiple Vulnerabilities in Cisco Products

Cisco released security advisories to address the vulnerabilities in the Cisco Discovery Protocol implementation of several Cisco products.

2020-2-6

Phishing Attack - Phishing email related to The Hongkong and Shanghai Banking Corporation Limited

2020-2-4

HKCERT – Security Blog: Watch out for Phishing Attacks Using False Information on Infectious Disease

When many countries are doing their best to combat the novel coronavirus, cyber security researchers have found that hacker groups have been preying on the fears of human to launch a new round of malicious spam (malspam) attacks to spread the Emotet trojan.

2020-2-4

Phishing Attack - Suspicious mobile application related to Bank of Singapore Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited on suspicious application (App), which has been reported to the HKMA.

2020-1-31

HKCERT – Security Blog: Hong Kong Security Watch Report (Q4 2019)

HKCERT is pleased to bring to you the "Hong Kong Security Watch Report" for the fourth quarter of 2019.

2020-1-31

Phishing Attack - Alert on Fraudulent Website

Hong Kong Interbank Clearing Limited (HKICL) would like to alert members of the public of a fraudulent website impersonating HKICL’s official website:interbanksettlementshk[dot]com

2020-1-29

GovCERT.HK - Security Alert (A20-01-06): Multiple Vulnerabilities in Apple iOS and iPadOS

Microsoft has published a security advisory (ADV200001) to mitigate a remote code execution vulnerability in the JScript.dll of the Microsoft Internet Explorer.

2020-1-21

CPD Seminar - How Blockchain Solves a Real Business Problem

Organised by Information Systems Audit and Control Association, China Hong Kong Chapter

2020-1-20

GovCERT.HK - High Threat Security Alert (A20-01-05): Vulnerability in Microsoft Internet Explorer

Microsoft has published a security advisory (ADV200001) to mitigate a remote code execution vulnerability in the JScript.dll of the Microsoft Internet Explorer.

2020-1-17

HKCERT – Security Blog: Patch three critical Windows vulnerabilities immediately to prevent potential cyber attack

Microsoft recently released its monthly Patch Tuesday for January 2020. There are three critical vulnerabilities in two of its application components which demand attention and immediate action…

2020-1-17

HKCERT – Security Blog: Critical Citrix Application Delivery Controller Vulnerability Alert

Multinational software and clouding computing company Citrix recently disclosed a vulnerability (CVE-2019-19781) in its application delivery controller (ADC) products.

2020-1-16

HKPC Urges for Greater Vigilance Against New Technologies-related Cyber Attacks

(Hong Kong, 16 January 2020) The Hong Kong Productivity Council (HKPC) today urged enterprises and the public to keep up their vigilance against an anticipated surge in cyber attacks arising from the use of new technologies…

2020-1-15

GovCERT.HK - Security Alert (A20-01-04): Multiple Vulnerabilities in Oracle Java and Oracle Products (January 2020)

Oracle has released Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.

2020-1-15

GovCERT.HK - High Threat Security Alert (A20-01-03): Multiple Vulnerabilities in Microsoft Products (January 2020)

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

2020-1-14

HKCERT – Security Blog: Implementing IoT Security Best Practice

As focus remains on the functions and features that IoT technology brings, not many people fully understand the accompanying potential security risks.

2020-1-13

Administration's paper on update on information security

This paper briefs Members on the latest situation of information security in Hong Kong and Government’s work in information security in the past year.

2020-1-13

GovCERT.HK - High Threat Security Alert (A20-01-02): Vulnerability in Citrix Application Delivery Controller and Citrix Gateway

A vulnerability has been found in Citrix ADC and Citrix Gateway. An unauthenticated remote attacker may send a specially crafted command to an affected system to exploit the vulnerability.

2020-1-9 to

2020-1-10

Two-Day Workshop: IT Governance, Security and Audit – From Concepts to Practice

Organised by Information Systems Audit and Control Association, China Hong Kong Chapter

2020-1-6 to

2020-1-10

Cyber Threat Intelligence Training Series

Organised by Hong Kong Productivity Council

2020-1-8

GovCERT.HK - High Threat Security Alert (A20-01-01): Multiple Vulnerabilities in Firefox

Mozilla has published two security advisories (MFSA 2020-01 and MFSA 2020-02) to address multiple browser vulnerabilities. Reports indicate that active exploitation against the vulnerability has been observed.

2020-1-8

LCQ5: Access to communications information by law enforcement agencies

Following is a question by the Hon Charles Peter Mok and a reply by the Secretary for Security, Mr John Lee, in the Legislative Council today (January 8)…

2020-1-8

LCQ2: Measures against doxxing

Following is a question by the Hon Alice Mak and a reply by the Secretary for Constitutional and Mainland Affairs, Mr Patrick Nip, in the Legislative Council today (January 8)…

2020-1-7

Phishing Attack - Fraudulent website related to Bank of Singapore Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited on fraudulent website, which has been reported to the HKMA.

2020-1-6

Phishing Attack - Fraudulent website related to Shanghai Commercial Bank Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited on fraudulent website, which has been reported to the HKMA.