GovCERT.HK keeps observing the cyber security threat trends and shares some observations in May 2020 as follows:
Vulnerable or outdated open source components increase security risks to organisations yet they are easily neglected. Organisations should stocktake their software in use regularly to uncover any unpatched or obsolete components for security updates or product upgrades respectively.
Access credentials are a common type of data exposed in data breaches. Users should not use the same password for different systems / services, and multi-factor authentication should be adopted whenever applicable.
A local surge of malware hosting events in 2020 Q1 broke the downward trend seen throughout 2019. System administrators should stay alert and follow security best practices including but not limited to keeping the IT asset inventory up to date, patching system components in a timely manner, hardening server configuration, and reviewing logs regularly.
For details, please read the "Cyber Security Threat Trends 2020-M05" report.
GovCERT.HK keeps observing the cyber security threat trends and shares some observations in April 2020 as follows:
Threat actors continue their attempts to exploit system vulnerabilities, regardless of whether the vulnerabilities are new or old. System administrators should patch known system vulnerabilities in a timely manner and conduct vulnerability scanning regularly to uncover any unfixed loopholes.
Cyber attacks related to the COVID-19 pandemic evolve with the emergence of new phishing themes as lures. Users should always stay alert and be careful when handling any form of electronic message.
Macro-enabled documents remain commonly used by attackers for malware delivery. Office macros should not be enabled by default when opening office documents. End users should exercise prudence in handling macro-embedded documents.
For details, please read the "Cyber Security Threat Trends 2020-M04" report.
GovCERT.HK keeps observing the cyber security threat trends and shares some observations in March 2020 as follows:
Hot topics, such as the recent Coronavirus pandemic, are favourite lures used by culprits to launch scamming, phishing, smishing, pharming or similar attacks. Users should always remain vigilant when clicking links or opening attachments in electronic messages.
Use of unauthorised mobile apps could lead to security breaches in organisations. Organisations should establish a policy to control the installation and use of mobile apps on corporate devices. A Mobile Device Management (MDM) system could be an effective solution to enforce the policy.
Malware is becoming increasingly evasive. Organisations could adopt and keep updating multi-layer defences at networks, servers and end-points to detect and stop the attacks.
For details, please read the "Cyber Security Threat Trends 2020-M03" report.
GovCERT.HK keeps observing the cyber security threat trends and shares some observations in February 2020 as follows:
Default credentials and security weaknesses in IoT devices are targeted by attackers for taking control of the devices to form botnets. General users and organisations should change the default credentials for the devices, adopt strong administrator passwords, and disable unnecessary features (e.g. remote management).
Multi-vector attacks are increasingly popular among threat actors to conduct attacks at both network and application levels. Organisations are advised to adopt multi-layer anomaly detection solutions to defend against complex attacks.
Use of weak passwords has been a common problem for a long time. Users could consider using long passwords made up of multiple phrases. Organisations should enforce strict password policies for important systems.
For details, please read the "Cyber Security Threat Trends 2020-M02" report.
GovCERT.HK keeps observing the cyber security threat trends and shares some observations in January 2020 as follows:
Phishing attacks are becoming more targeted and personalised. Organisation-wide awareness training on new phishing techniques should be conducted, supplemented by focused training for specific groups of high-risk users.
Threat actors target new attack surfaces in public cloud, 5G network and Internet of Things (IoT) technologies. Organisations should fully understand the threats introduced by adopting these technologies and deploy risk mitigations together with the technologies.
Worm-based malware always spreads laterally across networks. Network administrators should adopt network segmentation, least privilege access control and a zero-trust defence approach to contain the spread of malware.
For details, please read the "Cyber Security Threat Trends 2020-M01" report.