Security Alerts

• 17

  Jul
  Security Alert (A19-07-03): Multiple Vulnerabilities in Oracle Java and Oracle Products (July 2019) Oracle has released Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.
• 10

  Jul
  High Threat Security Alert (A19-07-02): Multiple Vulnerabilities in Firefox Mozilla has published security advisories to address multiple vulnerabilities found in Firefox. Reports indicate that the vulnerabilities allow an attacker to run arbitrary code.
• 10

  Jul
  High Threat Security Alert (A19-07-01): Multiple Vulnerabilities in Microsoft Products (July 2019) Microsoft has released security updates addressing multiple vulnerabilities and which affect several Microsoft products or components.
• 24

  Jun
  Security Alert (A19-06-09): Vulnerability in Dell SupportAssist Dell released a security update to address a vulnerability in the PC Doctor component of the Dell SupportAssist software.
• 21

  Jun
  Security Alert (A19-06-08): Vulnerability in Apache Tomcat Apache Software Foundation has released new versions of Apache Tomcat 8 and 9 to address a vulnerability in HTTP/2.

Security Bulletins

• GovCERT.HK Weekly IT Security News Bulletin (8 July 2019 – 14 July 2019) - "Sea Turtle" DNS hijacking campaign
  - Security awareness training as a defence
• GovCERT.HK Weekly IT Security News Bulletin (1 July 2019 – 7 July 2019) - Outlook vulnerability exploited for attacks
  - Is instant messaging the answer to stop email threats?
• GovCERT.HK Weekly IT Security News Bulletin (24 June 2019 – 30 June 2019) - Cloud Security Threat Report 2019
  - Lessons learnt from a data leakage incident
  - Malvertising is a threat to your systems
• GovCERT.HK Weekly IT Security News Bulletin (17 June 2019 – 23 June 2019) - Domain fraud threats trends
  - The state of insecure IoT devices at homes
• GovCERT.HK Annual Report 2018 To enhance the city’s overall defensive capability and resilience against cyber attacks, we officially launched a Partnership Programme for Cyber Security Information Sharing named “Cybersec Infohub” and the first cross sector cyber security information sharing and collaborative platform (Cybersechub.hk) in September 2018.　 A keen appreciation of the threat landscape could help organisations and individuals to understand better the cyber threat environment so as to adopt early and appropriate mitigation measures. In 2018, we continued publishing threat trends, security alerts and mitigation advice through the Government Computer Emergency Response Team Hong Kong (GovCERT.HK) web portal for reference by the general public. We further tailored specific threat awareness updates for government departments.

Cyber Security Threat Landscape