GovCERT.HK Weekly IT Security News Bulletin

2022-W31 (1 Aug 2022 – 7 Aug 2022)

- New Linux botnet brute forcing SSH servers
- URL parsing vulnerability affects Golang-based applications

2022-W30 (25 Jul 2022 – 31 Jul 2022)

- Be aware of malicious Internet Information Services (IIS) extensions
- Attackers pivot around Microsoft’s announcements to block macros by default

2022-W29 (18 Jul 2022 – 24 Jul 2022)

- The proliferation of ransomware targeting VMware ESXi servers
- Password recovery tool for spreading Sality malware

2022-W28 (11 Jul 2022 – 17 Jul 2022)

- Be aware of HTTPS distributed denial-of-service (DDoS) attack
- Large-scale phishing attacks affecting thousands of organisations

2022-W27 (4 Jul 2022 – 10 Jul 2022)

- New backdoor delivered through known Windows vulnerability
- HTML files remaining to be the most popular attachments in phishing attacks

2022-W26 (27 Jun 2022 – 3 Jul 2022)

- ZuoRAT malware hijacking home-office routers to spy networks
- Information stealers targeting systems via fake software cracks

2022-W25 (20 Jun 2022 – 26 Jun 2022)

- Python packages caught stealing sensitive information
- Beware of Windows shortcut files

2022-W24 (13 Jun 2022 – 19 Jun 2022)

- BlackCat ransomware operators targeting Microsoft Exchange servers
- New Android banking Trojan disguising as a cryptocurrency miner

2022-W23 (6 Jun 2022 – 12 Jun 2022)

- Be aware of QR code phishing attacks
- Malware loaded using Word document properties

2022-W22 (30 May 2022 – 5 Jun 2022)

- A new zero-day vulnerability in Microsoft Products used in cyber attacks
- Android banking trojan targeting over 400 applications

2022-W21 (23 May 2022 – 29 May 2022)

- Browser-hijacking malware targeting Windows and macOS users
- Warn of fake Windows 11 downloads to distribute info-stealer

2022-W20 (16 May 2022 – 22 May 2022)

- Be aware of multi-platform ransomware attacks
- Phishing campaigns using chatbot to steal sensitive information

2022-W19 (9 May 2022 – 15 May 2022)

- WordPress websites being redirected to other websites
- Trends in attacks on Windows Print Spooler vulnerabilities

2022-W18 (2 May 2022 – 8 May 2022)

- Emotet is testing a new attack chain
- Be aware of browser-based malware

2022-W17 (25 Apr 2022 – 1 May 2022)

- Warning of vulnerabilities in Linux networkd-dispatcher
- Refusing to pay ransomware demand

2022-W16 (18 Apr 2022 – 24 Apr 2022)

- Beware of BlackByte ransomware
- Malware targets Docker for cryptomining operations

2022-W15 (11 Apr 2022 – 17 Apr 2022)

- New information-stealing malware spreading widely on messaging platforms
- New DDoS botnet targeting routers and IoT devices

2022-W14 (4 Apr 2022 – 10 Apr 2022)

- Phishing attacks masquerade as WhatsApp voice message
- The importance of prioritising API security

2022-W13 (28 Mar 2022 – 3 Apr 2022)

- Mirai-based campaign targets unpatched Totolink routers
- Be aware of attacks against content management systems

2022-W12 (21 Mar 2022 – 27 Mar 2022)

- Ransomware payments and demands rose dramatically
- Evolving phishing kits and evasion tactics

2022-W11 (14 Mar 2022 – 20 Mar 2022)

- New Linux botnet using DNS tunnelling for communication
- New malware targeting Microsoft SQL and MySQL database servers

2022-W10 (7 Mar 2022 – 13 Mar 2022)

- Do not reuse your passwords
- Be aware of social media phishing attacks

2022-W09 (28 Feb 2022 – 6 Mar 2022)

- Malware signed with stolen certificates
- Misconfigured network middleboxes used in DDoS attacks

2022-W08 (21 Feb 2022 – 27 Feb 2022)

- MuddyWater actors conducting malicious cyber operations worldwide
- Multiple hacking groups targeting industrial control systems

2022-W07 (14 Feb 2022 – 20 Feb 2022)

- New botnet targeting to steal sensitive information
- Microsoft Teams abused for malware distribution

2022-W06 (7 Feb 2022 – 13 Feb 2022)

- Linux malware attacks are on the rise
- The growing number of phishing kits with MFA bypassing capabilities

2022-W05 (31 Jan 2022 – 6 Feb 2022)

- A shift toward behaviour-based detection
- Security flaws in UEFI firmware potentially impact millions of devices

2022-W04 (24 Jan 2022 – 30 Jan 2022)

- Be aware of mobile banking trojans
- New device registration trick in phishing attacks

2022-W03 (17 Jan 2022 – 23 Jan 2022)

- Destructive malware discovered targeting multiple organisations
- Protecting NAS devices against evolving threats

2022-W02 (10 Jan 2022 – 16 Jan 2022)

- DDoS attacks that come combined with extortion demands are on the rise
- A new cross-platform backdoor malware

2022-W01 (3 Jan 2022 – 9 Jan 2022)

- Google Docs comments weaponised in phishing campaign
- Risk of copying-pasting commands from webpages


