GovCERT.HK Weekly IT Security News Bulletin

View the news bulletin in PDF format2019-W16 (15 Apr 2019 – 21 Apr 2019)

- New threats from rootkit-enabled spyware
- Bad security hygiene is still a major risk

View the news bulletin in PDF format2019-W15 (8 Apr 2019 – 14 Apr 2019)

- Operational technology security challenges
- Credential stuffing behind 30 billion unauthorised login attempts

View the news bulletin in PDF format2019-W14 (1 Apr 2019 – 7 Apr 2019)

- Click-fraud apps make malware in Google Play Store double
- Dealing with security threats from remote workforce

View the news bulletin in PDF format2019-W13 (25 Mar 2019 – 31 Mar 2019)

- Supply chain attacks on the rise
- Modern phishing defense tactics

View the news bulletin in PDF format2019-W12 (18 Mar 2019 – 24 Mar 2019)

- SimBad 惡意廣告程式肆虐 1.5億Android手機受害
- Denial of service bug in Facebook TLS 1.3 open source library

View the news bulletin in PDF format2019-W11 (11 Mar 2019 – 17 Mar 2019)

- Domain generating algorithm keeps Point-of-Sale malware active
- Security Risks of Serverless Application

View the news bulletin in PDF format2019-W10 (4 Mar 2019 – 10 Mar 2019)

- Spam emails from zombie email account
- Long tail of attacks on identity data in 2018

View the news bulletin in PDF format2019-W09 (25 Feb 2019 – 3 Mar 2019)

- PDF Signature Spoofing
- Beware of compromised and HTTPS web sites

View the news bulletin in PDF format2019-W08 (18 Feb 2019 – 24 Feb 2019)

- Web applications pose greatest risk to security breaches
- Improving CVSS

View the news bulletin in PDF format2019-W07 (11 Feb 2019 – 17 Feb 2019)

- Remote Browser Isolation for zero trust browsing
- Phishing and humans rooted most cyber attacks on healthcare systems
- Common container runtime runs out into the host

View the news bulletin in PDF format2019-W06 (4 Feb 2019 – 10 Feb 2019)

- Password Checkup Plug-in for Chrome
- Pentesters breached 92 percent of tested corporations
- KeySteal vulnerability leaves Mac passwords at risk

View the news bulletin in PDF format2019-W05 (28 Jan 2019 – 3 Feb 2019)

- A cyber security framework for medical devices
- Apple’s FaceTime bug

View the news bulletin in PDF format2019-W04 (21 Jan 2019 – 27 Jan 2019)

- Unauthorised access to domain administrator privileges through Microsoft Exchange exploits
- The state of malware in 2018

View the news bulletin in PDF format2019-W03 (14 Jan 2019 – 20 Jan 2019)

- Malicious Windows short-cut spread by movie download
- Are Bug bounties silver bullet for better security?
- WordPress warns use of outdated PHP versions

View the news bulletin in PDF format2019-W02 (7 Jan 2019 – 13 Jan 2019)

- Ransomware MongoLock deletes rather than encrypts files
- New pen testing tool risks real attacks

View the news bulletin in PDF format2019-W01 (31 Dec 2018 – 6 Jan 2019)

- Divided Network and Cyber Security Teams
- Artificial Intelligence in Cyber Security



Year: 2019, 2018, 2017