GovCERT.HK Weekly IT Security News Bulletin
View the news bulletin in PDF formatWeekly IT Security News Bulletin (5 Nov – 11 Nov 2018)

- Artificial intelligence could be weaponised in future cyber attacks
- Guidelines for managing privileged accounts

View the news bulletin in PDF formatWeekly IT Security News Bulletin (29 Oct – 4 Nov 2018)

- Proper disposal of your electronic devices
- Cloud adoption and risk

View the news bulletin in PDF formatWeekly IT Security News Bulletin (22 Oct – 28 Oct 2018)

- jQuery plugin vulnerability being exploited for years
- The latest state of software application security

View the news bulletin in PDF formatWeekly IT Security News Bulletin (15 Oct – 21 Oct 2018)

- Over 60 percent of Internet web sites risk running unsupported PHP in 2019
- End of browser support for TLS 1.0 and TLS 1.1 in 2020

View the news bulletin in PDF formatWeekly IT Security News Bulletin (8 Oct – 14 Oct 2018)

- Keep your cloud safe
- New phishing emails delivered as replies to conversations

View the news bulletin in PDF formatWeekly IT Security News Bulletin (1 Oct – 7 Oct 2018)

- Patch your Smart TV
- New Application developments produce more vulnerabilities

View the news bulletin in PDF formatWeekly IT Security News Bulletin (24 Sep – 30 Sep 2018)

- Millions of Facebook accounts breached
- 全港首個跨行業「網絡安全資訊共享夥伴試驗計劃」正式啟動
- Evolving State of Threat Detection

View the news bulletin in PDF formatWeekly IT Security News Bulletin (17 Sep – 23 Sep 2018)

- Five cyber security questions to answer
- DNSSEC root zone Key Signing Key rollover

View the news bulletin in PDF formatWeekly IT Security News Bulletin (10 Sep – 16 Sep 2018)

- Data breaches continue to be costly
- IoT botnets shift target to organization

View the news bulletin in PDF formatWeekly IT Security News Bulletin (3 Sep – 9 Sep 2018)

- Windows Task Scheduler zero day vulnerability being exploited
- Security Knowledge Framework for application developers

View the news bulletin in PDF formatWeekly IT Security News Bulletin (27 Aug – 2 Sep 2018)

- Emerging consensus on ICS security
- Globelmposter ransomware on the rise

View the news bulletin in PDF formatWeekly IT Security News Bulletin (20 Aug – 26 Aug 2018)

- Spam and phishing in Q2 2018
- Common attacks against cloud-based web applications

View the news bulletin in PDF formatWeekly IT Security News Bulletin (13 Aug – 19 Aug 2018)

- New SharePoint Phishing Attack
- Fax machine could be the weakest link of your network for exploitation
- IoT security needs more effective solutions

View the news bulletin in PDF formatWeekly IT Security News Bulletin (6 Aug – 12 Aug 2018)

- Virtual browsers on trial by Singapore to reduce attack surface
- A new breed of malware powered by AI

View the news bulletin in PDF formatWeekly IT Security News Bulletin (30 Jul – 5 Aug 2018)

- Spam tops the menu for online criminals
- Magniber Ransomware targeting Asian countries

View the news bulletin in PDF formatWeekly IT Security News Bulletin (23 Jul – 29 Jul 2018)

- Bluetooth implementation flaw risks data leakage
- Five ways that Office documents can attack

View the news bulletin in PDF formatWeekly IT Security News Bulletin (16 Jul – 22 Jul 2018)

- Cyber attack on SingHealth’s IT System affecting 1.5 million patients
- HTTP網站將會被標示為「不安全」
- Four primary services of Cloud Access Security Broker

View the news bulletin in PDF formatWeekly IT Security News Bulletin (9 Jul – 15 Jul 2018)

- Businesses may collect more data than they can handle
- Basic security flaws leave companies wide open for attacks

View the news bulletin in PDF formatWeekly IT Security News Bulletin (2 Jul – 8 Jul 2018)

- Preventing common API vulnerabilities
- Evolving state of DDoS

View the news bulletin in PDF formatWeekly IT Security News Bulletin (25 Jun – 1 Jul 2018)

- Wi-Fi CERTIFIED WPA3 released
- "STARTTLS Everywhere" to secure email delivery

View the news bulletin in PDF formatWeekly IT Security News Bulletin (18 Jun – 24 Jun 2018)

- On the way to shelving TLSv1.0 and TLSv1.1
- The world’s most abused Top Level Domains

View the news bulletin in PDF formatWeekly IT Security News Bulletin (11 Jun - 17 Jun 2018)

- New cryptomining malware searches for vulnerable IoT devices
- Security concerns raised for Wi-Fi hot-spots in World Cup host cities

View the news bulletin in PDF formatWeekly IT Security News Bulletin (4 Jun - 10 Jun 2018)

- How blockchain technology could improve data security
- Survey reveals business decision makers’ cyber security stance

View the news bulletin in PDF formatWeekly IT Security News Bulletin (28 May - 3 Jun 2018)

- Critical elements of an incident response plan
- Dealing with insider threats

View the news bulletin in PDF formatWeekly IT Security News Bulletin (21 May - 27 May 2018)

- Quiet growth of VPNFilter malware
- Cyber security training is key to mitigating risks

View the news bulletin in PDF formatWeekly IT Security News Bulletin (14 May - 20 May 2018)

- Vulnerabilities in OpenPGP and S/MIME may break email encryption
- Turn on two-factor authentication

View the news bulletin in PDF formatWeekly IT Security News Bulletin (7 May - 13 May 2018)

- The rise of security orchestration, automation and response
- "Safe Links" bypassed by split URLs

View the news bulletin in PDF formatWeekly IT Security News Bulletin (30 Apr - 6 May 2018)

- Unpatched Drupal might have been compromised
- Account takeover attacks

View the news bulletin in PDF formatWeekly IT Security News Bulletin (23 Apr - 29 Apr 2018)

- 香港企業網絡保安準備指數調查
- Tech support scams are rising

View the news bulletin in PDF formatWeekly IT Security News Bulletin (16 Apr - 22 Apr 2018)

- Beware of Trustjacking attack on iPhone and iPad
- A patch gap in the Android ecosystem
- Protecting the network infrastructure

View the news bulletin in PDF formatWeekly IT Security News Bulletin (9 Apr - 15 Apr 2018)

- 2018 Data Breach Investigations Report
- New design of DNS ecosystem to tackle privacy challenges

View the news bulletin in PDF formatWeekly IT Security News Bulletin (2 Apr - 8 Apr 2018)

- 加強網絡保安 保護個人及敏感資料
- Launch of 1.1.1.1 DNS Resolver
- Red teams need to know the ATT&CK framework

View the news bulletin in PDF formatWeekly IT Security News Bulletin (26 Mar - 1 Apr 2018)

- A wakeup call from a city paralysed by ransomware
- Birth of TLS 1.3 standard
- Carbanak and Cobalt malware attacks for worldwide bank robbery

View the news bulletin in PDF formatWeekly IT Security News Bulletin (19 Mar - 25 Mar 2018)

- Understanding email fraud
- 國際網上旅遊預訂系統客戶資料外洩

View the news bulletin in PDF formatWeekly IT Security News Bulletin (12 Mar - 18 Mar 2018)

- How to make SIEM work
- Survey on cyber resilience

View the news bulletin in PDF formatWeekly IT Security News Bulletin (5 Mar - 11 Mar 2018)

- Cloud computing is booming but losing IT control
- Disparity between IoT adoption and cyber security readiness
- Punycode makes a difference to look-alike internationalized domain names

View the news bulletin in PDF formatWeekly IT Security News Bulletin (26 Feb - 4 Mar 2018)

- Memcached servers exploited for massive DDoS attacks
- Ad network bypasses ad blocking on browsers for cryptomining

View the news bulletin in PDF formatWeekly IT Security News Bulletin (19 Feb - 25 Feb 2018)

- Images and videos for malware delivery
- Locking down PowerShell to combat fileless malware

View the news bulletin in PDF formatWeekly IT Security News Bulletin (12 Feb - 18 Feb 2018)

- No AppCache for safer browsers
- Beware of cryptomining supply chain attack

View the news bulletin in PDF formatWeekly IT Security News Bulletin (5 Feb - 11 Feb 2018)

- Two-factor authentication broken by real-time phishing
- SSL abused in favour of malware and phishing

View the news bulletin in PDF formatWeekly IT Security News Bulletin (29 Jan - 4 Feb 2018)

- Crypto miner malware spreads like WannaCry
- Cyber incidents doubled in 2017 but 93% were avoidable

View the news bulletin in PDF formatWeekly IT Security News Bulletin (22 Jan - 28 Jan 2018)

- 攻擊者入侵伺服器 植入虛擬貨幣挖礦程式
- Latest advice on Meltdown-Spectre patches

View the news bulletin in PDF formatWeekly IT Security News Bulletin (15 Jan - 21 Jan 2018)

- Beware of browser extensions
- Search engines in penetration testing tool arsenal
- Keeping update with Meltdown-Spectre patching issues

View the news bulletin in PDF formatWeekly IT Security News Bulletin (8 Jan - 14 Jan 2018)

- Phishing campaigns in Google Apps Scripts
- Backdoor open to network storage

View the news bulletin in PDF formatWeekly IT Security News Bulletin (1 Jan - 7 Jan 2018)

- Global CPUs vulnerable to Meltdown and Spectre
- Track me down via GPS location services
- The state of web application vulnerabilities in 2017

View the news bulletin in PDF formatWeekly IT Security News Bulletin (25 Dec - 31 Dec 2017)

- Loapi Trojan - a Swiss Army knife for Android attackers
- Browser login managers exploited by web trackers

View the news bulletin in PDF formatWeekly IT Security News Bulletin (18 Dec - 24 Dec 2017)

- JScript exploitation in Windows via automatic proxy configuration
- Firewall bursting with cloud computing

View the news bulletin in PDF formatWeekly IT Security News Bulletin (11 Dec - 17 Dec 2017)

- Rogue admin account created at unpatched WordPress websites
- MailSploit lets spoofed emails bypass DMARC
- Traffic to popular websites routed through Russian ISP

View the news bulletin in PDF formatWeekly IT Security News Bulletin (4 Dec - 10 Dec 2017)

- Satori botnet building up forces
- Emerging trends in vulnerability management

View the news bulletin in PDF formatWeekly IT Security News Bulletin (27 Nov - 3 Dec 2017)

- 蘋果macOS作業系統帳戶驗證機制存在保安漏洞
- Misconfigured file sharing exposed personal information of 10,000 staff

View the news bulletin in PDF formatWeekly IT Security News Bulletin (20 Nov - 26 Nov 2017)

- Web analytics tools keylogging website visitors
- Security challenges for hybrid cloud

View the news bulletin in PDF formatWeekly IT Security News Bulletin (13 Nov - 19 Nov 2017)

- #AVGater: Anti-malware flaw causing local privilege escalation
- One third of attacks on endpoints would be fileless in 2018

View the news bulletin in PDF formatWeekly IT Security News Bulletin (6 Nov - 12 Nov 2017)

- Misconfigured cloud storages vulnerable to GhostWriter attack
- Banking Trojan targets search results

View the news bulletin in PDF formatWeekly IT Security News Bulletin (30 Oct - 5 Nov 2017)

- Estonia freezes 760,000 vulnerable resident ID cards
- Abuse of RDP for Crysis ransomware implantations
- Combosquatting: a simple trick but a growing threat

View the news bulletin in PDF formatWeekly IT Security News Bulletin (23 Oct - 29 Oct 2017)

- Bad Rabbit ransomware hopping across Europe
- DDE as attack vector in malware campaigns

View the news bulletin in PDF formatWeekly IT Security News Bulletin (16 Oct - 22 Oct 2017)

- WPA/WPA2 vulnerabilities leave Wi-Fi networks open to KRACK attack
- Infineon TPM generates insecure RSA key pairs

View the news bulletin in PDF formatWeekly IT Security News Bulletin (9 Oct - 15 Oct 2017)

- New smart speaker found eavesdropping everything
- Cryptojacking consumes your computer to make money

View the news bulletin in PDF formatWeekly IT Security News Bulletin (2 Oct - 8 Oct 2017)

- Seven vulnerabilities found in Dnsmasq
- Top mobile apps blacklisted by enterprises

View the news bulletin in PDF formatWeekly IT Security News Bulletin (25 Sep - 1 Oct 2017)

- Security flaw in Wi-Fi chipset threatening iOS and Android devices
- 手機流動支付金有被盜用風險

View the news bulletin in PDF formatWeekly IT Security News Bulletin (18 Sep - 24 Sep 2017)

- CCleaner supply chain malware targeted on technology giants
- SafeBrowse Chrome extension was found mining cryptocurrency secretly on users’ computer

View the news bulletin in PDF formatWeekly IT Security News Bulletin (11 Sep - 17 Sep 2017)

- BlueBorne: a new attack vector comes to Bluetooth devices
- Upgrade Apache Struts immediately to fix another actively exploiting flaw

View the news bulletin in PDF formatWeekly IT Security News Bulletin (4 Sep - 10 Sep 2017)

- New wave of ransom attacks on MongoDB servers
- Over 28 million users’ data exposed in a massive data breach

View the news bulletin in PDF formatWeekly IT Security News Bulletin (28 Aug - 3 Sep 2017)

- Over thousands internet-connected devices left wide open to hackers
- 瀏覽器防護機制存漏洞 擴充程式可被黑客利用

View the news bulletin in PDF formatWeekly IT Security News Bulletin (21 Aug - 27 Aug 2017)

- Android mobile apps turned into spyware by advertising kit
- DDoS attacks rose again markedly in Q2 2017

View the news bulletin in PDF formatWeekly IT Security News Bulletin (14 Aug - 20 Aug 2017)

- New PowerPoint attack with old flaw
- Millions open ports for publicly accessible remote desktops

View the news bulletin in PDF formatWeekly IT Security News Bulletin (7 Aug - 13 Aug 2017)

- A research found iOS users the biggest mobile phishing target
- Adobe is planning to end-of-life Flash in 2020

View the news bulletin in PDF formatWeekly IT Security News Bulletin (31 July - 6 Aug 2017)

- Trickbot banking Trojan resembles WannaCry way to spread
- Typo-squatting attack on npm went undetected for two weeks
- Application denial-of-service in microservice architectures

View the news bulletin in PDF formatWeekly IT Security News Bulletin (24 July - 30 July 2017)

- "Careless with secret information" risks country-wide data leak
- SMBloris – denial of service attack targeting Windows servers

View the news bulletin in PDF formatWeekly IT Security News Bulletin (17 July - 23 July 2017)

- A "key" milestone in protecting the DNS
- 消委會:通訊App欠點對點加密 訊息易外泄

View the news bulletin in PDF formatWeekly IT Security News Bulletin (10 July - 16 July 2017)

- Hundreds of domains hijacked
- Defend your website with ZIP bombs

View the news bulletin in PDF formatWeekly IT Security News Bulletin (3 July - 9 July 2017)

- Researchers crack GnuPG crypto library to steal 1024-bit RSA encryption private key
- CopyCat malware infected 14 million Android devices around the world
- Dumping credentials from Windows Local Security Authority Subsystem (LSASS) for malware spreading

View the news bulletin in PDF formatWeekly IT Security News Bulletin (26 June - 2 July 2017)

- Petrwrap ransomware outbreak goes global
- WordPress plugin used by 300,000+ sites found vulnerable to SQL injection attack

View the news bulletin in PDF formatWeekly IT Security News Bulletin (19 June - 25 June 2017)

- The British Parliament has been hit by a cyberattack
- Few victims reporting ransomware attacks to FBI
- Personal details of nearly 200 million U.S. citizens exposed

View the news bulletin in PDF formatWeekly IT Security News Bulletin (12 June - 18 June 2017)

- Patch NOW for critical Windows vulnerabilities facing destructive cyber-attacks
- HIDDEN COBRA denial-of-service botnet infrastructure
- Xavier: an information stealing ad library on Android

View the news bulletin in PDF formatWeekly IT Security News Bulletin (5 June - 11 June 2017)

- Botnets overshadowed by ransomware
- Organisations failing to upgrade systems and enforce patches

View the news bulletin in PDF formatWeekly IT Security News Bulletin (29 May - 4 June 2017)

- The Judy malware spreads through apps on Google Play
- Fireball ignites 250 million computers worldwide
- Random numbers: Hard times ahead for hackers

View the news bulletin in PDF formatWeekly IT Security News Bulletin (22 May - 28 May 2017)

- EternalRocks spreads through additional Shadow Brokers exploits
- SambaCry? No panic and fix it
- Persirai 惡意程式肆虐 IP Cam 或會成為殭屍網絡一員

View the news bulletin in PDF formatWeekly IT Security News Bulletin (15 May - 21 May 2017)

- Behind WannaCry, Jaff, UIWIX and Adylkuzz line up
- WannaCry 勒索軟件香港最新狀況
- Fake WhatsApp.com URL gets users to install adware

View the news bulletin in PDF formatWeekly IT Security News Bulletin (8 May - 14 May 2017)

- Massive ransomware infections hit computers around the world
- Deprecation of SHA-1 for SSL/TLS certificates in Microsoft Edge and Internet Explorer 11
- 台灣 1.7 億項個人資料外泄 犯罪集團涉販賣個人資料牟利

View the news bulletin in PDF formatWeekly IT Security News Bulletin (1 May - 7 May 2017)

- Intrusion affecting multiple victims across multiple sectors
- Intel patches a critical CPU vulnerability

View the news bulletin in PDF formatWeekly IT Security News Bulletin (24 April - 30 April 2017)

- INTERPOL operation uncovers nearly 9,000 C2 servers in ASEAN
- 微軟花 9 個月修復漏洞 黑客趁機盜百萬帳戶
- 流動電話如何變成企業威脅?

View the news bulletin in PDF formatWeekly IT Security News Bulletin (17 April - 23 April 2017)

- BrickerBot permanent denial-of-service attack
- When flashlights attack, Android passwords get stolen

View the news bulletin in PDF formatWeekly IT Security News Bulletin (10 April - 16 April 2017)

- Stealing PINs via mobile sensors: actual risk versus user perception
- Shadow Brokers release more NSA exploits
- 何郭佩珍中學電郵泄學生及家長資料

View the news bulletin in PDF formatWeekly IT Security News Bulletin (3 April - 9 April 2017)

- iCloud mail phishing scam wants to steal Apple accounts, banking data, identity
- Smartphones using Broadcom Wi-Fi chip can be hacked over-the-air
- Microsoft Office zero-day attacks through OLE

View the news bulletin in PDF formatWeekly IT Security News Bulletin (27 March - 2 April 2017)

- Suspected theft of Registration and Electoral Office computers
- Exploit code released for zero-day in Microsoft's IIS 6.0

View the news bulletin in PDF formatWeekly IT Security News Bulletin (20 March - 26 March 2017)

- Hackers: we will remotely wipe iPhones unless Apple pays ransom
- DoubleAgent: taking full control over your antivirus

View the news bulletin in PDF formatWeekly IT Security News Bulletin (13 March - 19 March 2017)

- Check Point discloses vulnerability that allowed hackers to take over hundreds of millions of WhatsApp & Telegram accounts
- U.S. charges Russian hackers for hacking millions of Yahoo email accounts

View the news bulletin in PDF formatWeekly IT Security News Bulletin (6 March - 12 March 2017)

- WikiLeaks releases files on CIA cyber spying tools which can compromise desktop operating systems, iOS systems, Android devices, internet routers, smart TVs, and more
- Researchers from Northeastern University say tens of thousands of sites are using JavaScript libraries that are years old and contain publicly known vulnerabilities

View the news bulletin in PDF formatWeekly IT Security News Bulletin (27 February - 5 March 2017)

- RATANKBA: Delving into large-scale watering holes against enterprises
- Three years after Heartbleed, how vulnerable are you?

View the news bulletin in PDF formatWeekly IT Security News Bulletin (20 February - 26 February 2017)

- 94% of critical Microsoft vulnerabilities mitigated by removing admin rights
- Researchers uncover new leads behind Shamoon2

View the news bulletin in PDF formatWeekly IT Security News Bulletin (13 February - 19 February 2017)

- Analysis of Internet-connected devices reveals millions are vulnerable to attack
- Yahoo warns users of account breaches related to recent attacks

View the news bulletin in PDF formatWeekly IT Security News Bulletin (6 February - 12 February 2017)

- How e-mail filtering helps defend against malware and ransomware
- Newly discovered flaw undermines HTTPS connections for almost 1 000 sites

View the news bulletin in PDF formatWeekly IT Security News Bulletin (30 January - 5 February 2017)

- Cisco 2017 Annual Cybersecurity Report: chief security officers reveal true cost of breaches and the actions organizations are taking
- Microsoft Windows SMB Tree Connect Response denial of service vulnerability

View the news bulletin in PDF formatWeekly IT Security News Bulletin (23 January - 29 January 2017)

- Gmail will block .js file attachments starting February 13, 2017
- Evolving Office 365 Advanced Threat Protection with URL Detonation and Dynamic Delivery

View the news bulletin in PDF formatWeekly IT Security News Bulletin (16 January - 22 January 2017)

- Locky ransomware is on the march again
- WhatsApp vulnerability allows snooping on encrypted messages

View the news bulletin in PDF formatWeekly IT Security News Bulletin (9 January - 15 January 2017)

- Keynote Speech by Mr. Victor Lam, JP, Deputy Government Chief Information Officer, at the “Gazing Through the Crystal Ball: CyberSecurity 2017 - Predicting the Good, the Bad and the Ugly” Seminar
- MongoDB ransomware attack

View the news bulletin in PDF formatWeekly IT Security News Bulletin (2 January - 8 January 2017)

- An APAC perspective: Cyber security predictions for 2017
- Blockchain: An answer to governmental hacking concerns

    GovCERT.HK Annual Report 2017

  • In 2017, we completed the review of the standing Practice Guide for Information Security Incident Handling with reference to the ISO/IEC 27000 family of Information Security Management System Standards and promulgated for reference by all our constituents. We also co-organised with the Hong Kong Police Force to run an inter-departmental cyber security drill and walk through the procedures of security events analysis and incident response with our constituents to enhance the overall capability of the Government of the Hong Kong Special Administrative Region in incident management.

    In response to the soaring increase of ransomware outbreak during the first half of 2017, we developed dedicated best practices, thematic leaflets, and defensive guidelines for all government users as well as lined up security solutions providers to share with our constituents the latest cyber resilience technologies and best practices to protect information systems from zero day exploit.

  • GovCERT.HK Annual Report 2016

  • Since its establishment in April 2015, the Government Computer Emergency Response Team Hong Kong (GovCERT.HK) has effectively fulfilled its responsibilities to centrally coordinate incident responses for over 80 departmental Information Security Incident Response Teams (ISIRTs) of the Government of the Hong Kong Special Administrative Region as well as to bolster cyber security capabilities of the territory through proactive collaboration with the industry, critical Internet infrastructures, and the Computer Emergency Response Team (CERT) community for rapid exchange of cyber threat information and coordinated response.

    To address the increasing cyber security threats, we are progressively strengthening our capabilities in collating vulnerability information that would have an impact on government’s computer installations and IT users; assisting the government ISIRTs in contingency planning; and incident response communications for both cyber attacks and data breach events.

  • GovCERT.HK Annual Report 2015

  • On 1 April 2015, the Government Computer Emergency Response Team Hong Kong (GovCERT.HK) was formed and officially commenced its services to centrally coordinate incident responses for over 80 departmental Information Security Incident Response Teams (ISIRTs) of the Government of the Hong Kong Special Administrative Region as well as to step up collaboration with the Computer Emergency Response Team (CERT) community to bolster cyber security capabilities of the territory.

    As a new governmental CERT organisation, we succeeded in registering as a national CERT of CERT/CC, and joining as a full member of the Forum of Incident Response and Security Teams (FIRST) and as an operational member of the Asia Pacific Computer Emergency Response Team (APCERT).

GovCERT.HK is an operational member of the Asia Pacific Computer Emergency Response Team (APCERT). APCERT is a coalition of Computer Emergency Response Teams (CERTs) and Computer Security Incident Response Teams (CSIRTs) within the Asia Pacific region. It maintains a trusted network of cyber security experts in the Asia Pacific region to enhance the region’s vigilance against malicious cyber activities and its overall capability to detect, prevent and mitigate such activities.

For more information of APCERT activities, please refer to the APCERT Annual Reports.

View the annual report in PDF formatAPCERT Annual Report 2017
View the annual report in PDF formatAPCERT Annual Report 2016
View the annual report in PDF formatAPCERT Annual Report 2015



Cyber Security Threat Trends Report 2018-M10

GovCERT.HK keeps observing the cyber security threat trends and shares some observations in October 2018 as follows:

Compromised systems causing bulk volume of personal data stolen hit the headlines. Enterprises should be well prepared for that hackers are always following their customers’ data.

Ransomware and cryptomining malware are ongoing threats to businesses. System protection and user awareness are both key to the defence.

Phishing keeps being a major initial attack vector. Employees should be trained to counter the phishing attack and regular phishing drills should be arranged to strengthen their defence capabilities.

For details, please read the "Cyber Security Threat Trends 2018-M10" report.

Cyber Security Threat Trends Report 2018-M09

GovCERT.HK keeps observing the cyber security threat trends and shares some observations in September 2018 as follows:

Newly published vulnerabilities are quickly exploited to compromise any vulnerable systems. System owners should take timely patching as their essential security defence.

Ransomware changes rapidly to evade detections and carry new exploit code. Multiple layers of defence at networks, end points and user awareness should be always on guard.

IoT malware keeps infecting network devices to form botnets for further attacks. Device owners are advised to change the default passwords and disable access to admin functions via the Internet.

For details, please read the "Cyber Security Threat Trends 2018-M09" report.

Cyber Security Threat Trends Report 2018-M08

GovCERT.HK keeps observing the cyber security threat trends and shares some observations in August 2018 as follows:

Ransomware attacks targeting enterprises still prevail. Enterprises should harden systems, strengthen perimeter defences, and raise user awareness to guard against the attacks.

Email scam comes in a form threatening computer users to pay ransom while there may not be real intrusion into the computers. Users are advised to stay alert with any tricks that could lead to data loss, ransomware attacks, and even direct financial loss.

Cryptomining malware keeps making its way through others’ computers to reap profits and users should stay away from suspicious email attachments and web links to avoid to be infected.

For details, please read the "Cyber Security Threat Trends 2018-M08" report.

Cyber Security Threat Trends Report 2018-M07

Nowadays cyber security is no longer news about others but has become facts of life for everyone. Users of computers, smartphones, smart gadgets and other Internet-of-Things, as well as any online services are inevitably facing cyber security threats. GovCERT.HK keeps observing the cyber security threat trends and shares some observations in July 2018 as follows:

Malware attacks continue to affect computer users globally. Users are highly recommended to install security protection tools and apply latest security patches without delay to guard against possible attacks.

Phishing threat has been around for a long time and has always proved an effective way to steal personal information. Users are advised to be cautious on all kinds of bait that could end up with data loss and even ransomware attacks.

Mining cryptocurrencies are still profitable and users are advised to scan and clean their computers to avoid being hijacked by hackers for mining.

For details, please read the "Cyber Security Threat Trends 2018-M07" report.

Cyber Security Threat Landscape 2017

Cyber Security Threat Landscape
Note: Security alerts are assessed as either "Security Alerts" or "High Threat Security Alerts" starting from Dec 2017 onwards.