Security Alerts

• 16

  May
  Security Alert (A19-05-09): Multiple Vulnerabilities in Intel Products Intel has recently disclosed a new group of vulnerabilities collectively known as Microarchitectural Data Sampling (MDS) affecting some Intel processors.
• 15

  May
  Security Alert (A19-05-08): Multiple Vulnerabilities in Adobe Flash Player and Adobe Reader/Acrobat Security updates are released for Adobe Flash Player and Adobe Reader/Acrobat to address multiple vulnerabilities.
• 15

  May
  High Threat Security Alert (A19-05-07): Multiple Vulnerabilities in Microsoft Products (May 2019) Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
• 14

  May
  Security Alert (A19-05-06): Vulnerability in WhatsApp leading to spyware attacks on mobile devices A security vulnerability has been identified in WhatsApp which would allow a remote attacker to install malicious code such as spyware, on a targeted mobile device by making a WhatsApp call.
• 14

  May
  Security Alert (A19-05-05): Multiple Vulnerabilities in Apple iOS Apple has released a security update in its latest iOS version 12.3 to fix 40 vulnerabilities identified in various iOS devices.

Security Bulletins

• GovCERT.HK Weekly IT Security News Bulletin (6 May 2019 – 12 May 2019) - First backdoor targeting Microsoft Exchange
  - New WordPress to keep websites safer
• GovCERT.HK Weekly IT Security News Bulletin (29 Apr 2019 – 5 May 2019) - People are ready to replace passwords with biometrics
  - Lessons of malware attack on industrial safety systems
  - UK’s regulatory proposals on consumer IoT security
• GovCERT.HK Weekly IT Security News Bulletin (22 Apr 2019 – 28 Apr 2019) - Adobe vulnerabilities subjected to increased exploits in 2018
  - Ransomware comes back to businesses
• GovCERT.HK Weekly IT Security News Bulletin (15 Apr 2019 – 21 Apr 2019) - New threats from rootkit-enabled spyware
  - Bad security hygiene is still a major risk
• GovCERT.HK Annual Report 2018 To enhance the city’s overall defensive capability and resilience against cyber attacks, we officially launched a Partnership Programme for Cyber Security Information Sharing named “Cybersec Infohub” and the first cross sector cyber security information sharing and collaborative platform (Cybersechub.hk) in September 2018.　 A keen appreciation of the threat landscape could help organisations and individuals to understand better the cyber threat environment so as to adopt early and appropriate mitigation measures. In 2018, we continued publishing threat trends, security alerts and mitigation advice through the Government Computer Emergency Response Team Hong Kong (GovCERT.HK) web portal for reference by the general public. We further tailored specific threat awareness updates for government departments.

Cyber Security Threat Landscape