GovCERT.HK Weekly IT Security News Bulletin 2017 |
|---|
 2017-W52 (25 Dec - 31 Dec 2017)
- Loapi Trojan - a Swiss Army knife for Android attackers |
| 2017-W51 (18 Dec - 24 Dec 2017)
- JScript exploitation in Windows via automatic proxy configuration |
| 2017-W50 (11 Dec - 17 Dec 2017)
- Rogue admin account created at unpatched WordPress websites |
| 2017-W49 (4 Dec - 10 Dec 2017)
- Satori botnet building up forces |
| 2017-W48 (27 Nov - 3 Dec 2017)
- 蘋果macOS作業系統帳戶驗證機制存在保安漏洞 |
| 2017-W47 (20 Nov - 26 Nov 2017)
- Web analytics tools keylogging website visitors |
| 2017-W46 (13 Nov - 19 Nov 2017)
- #AVGater: Anti-malware flaw causing local privilege escalation |
| 2017-W45 (6 Nov - 12 Nov 2017)
- Misconfigured cloud storages vulnerable to GhostWriter attack |
| 2017-W44 (30 Oct - 5 Nov 2017)
- Estonia freezes 760,000 vulnerable resident ID cards |
| 2017-W43 (23 Oct - 29 Oct 2017)
- Bad Rabbit ransomware hopping across Europe |
| 2017-W42 (16 Oct - 22 Oct 2017)
- WPA/WPA2 vulnerabilities leave Wi-Fi networks open to KRACK attack |
| 2017-W41 (9 Oct - 15 Oct 2017)
- New smart speaker found eavesdropping everything |
| 2017-W40 (2 Oct - 8 Oct 2017)
- Seven vulnerabilities found in Dnsmasq |
| 2017-W39 (25 Sep - 1 Oct 2017)
- Security flaw in Wi-Fi chipset threatening iOS and Android devices |
| 2017-W38 (18 Sep - 24 Sep 2017)
- CCleaner supply chain malware targeted on technology giants |
| 2017-W37 (11 Sep - 17 Sep 2017)
- BlueBorne: a new attack vector comes to Bluetooth devices |
| 2017-W36 (4 Sep - 10 Sep 2017)
- New wave of ransom attacks on MongoDB servers |
| 2017-W35 (28 Aug - 3 Sep 2017)
- Over thousands internet-connected devices left wide open to hackers |
| 2017-W34 (21 Aug - 27 Aug 2017)
- Android mobile apps turned into spyware by advertising kit |
| 2017-W33 (14 Aug - 20 Aug 2017)
- New PowerPoint attack with old flaw |
| 2017-W32 (7 Aug - 13 Aug 2017)
- A research found iOS users the biggest mobile phishing target |
| 2017-W31 (31 July - 6 Aug 2017)
- Trickbot banking Trojan resembles WannaCry way to spread |
| 2017-W30 (24 July - 30 July 2017)
- "Careless with secret information" risks country-wide data leak |
| 2017-W29 (17 July - 23 July 2017)
- A "key" milestone in protecting the DNS |
| 2017-W28 (10 July - 16 July 2017)
- Hundreds of domains hijacked |
| 2017-W27 (3 July - 9 July 2017)
- Researchers crack GnuPG crypto library to steal 1024-bit RSA encryption private key |
| 2017-W26 (26 June - 2 July 2017)
- Petrwrap ransomware outbreak goes global |
| 2017-W25 (19 June - 25 June 2017)
- The British Parliament has been hit by a cyberattack |
| 2017-W24 (12 June - 18 June 2017)
- Patch NOW for critical Windows vulnerabilities facing destructive cyber-attacks |
| 2017-W23 (5 June - 11 June 2017)
- Botnets overshadowed by ransomware |
| 2017-W22 (29 May - 4 June 2017)
- The Judy malware spreads through apps on Google Play |
| 2017-W21 (22 May - 28 May 2017)
- EternalRocks spreads through additional Shadow Brokers exploits |
| 2017-W20 (15 May - 21 May 2017)
- Behind WannaCry, Jaff, UIWIX and Adylkuzz line up |
| 2017-W19 (8 May - 14 May 2017)
- Massive ransomware infections hit computers around the world |
| 2017-W18 (1 May - 7 May 2017)
- Intrusion affecting multiple victims across multiple sectors |
| 2017-W17 (24 April - 30 April 2017)
- INTERPOL operation uncovers nearly 9,000 C2 servers in ASEAN |
| 2017-W16 (17 April - 23 April 2017)
- BrickerBot permanent denial-of-service attack |
| 2017-W15 (10 April - 16 April 2017)
- Stealing PINs via mobile sensors: actual risk versus user perception |
| 2017-W14 (3 April - 9 April 2017)
- iCloud mail phishing scam wants to steal Apple accounts, banking data, identity |
| 2017-W13 (27 March - 2 April 2017)
- Suspected theft of Registration and Electoral Office computers |
| 2017-W12 (20 March - 26 March 2017)
- Hackers: we will remotely wipe iPhones unless Apple pays ransom |
| 2017-W11 (13 March - 19 March 2017)
- Check Point discloses vulnerability that allowed hackers to take over hundreds of millions of WhatsApp & Telegram accounts |
| 2017-W10 (6 March - 12 March 2017)
- WikiLeaks releases files on CIA cyber spying tools which can compromise desktop operating systems, iOS systems, Android devices, internet routers, smart TVs, and more |
| 2017-W09 (27 February - 5 March 2017)
- RATANKBA: Delving into large-scale watering holes against enterprises |
| 2017-W08 (20 February - 26 February 2017)
- 94% of critical Microsoft vulnerabilities mitigated by removing admin rights |
| 2017-W07 (13 February - 19 February 2017)
- Analysis of Internet-connected devices reveals millions are vulnerable to attack |
| 2017-W06 (6 February - 12 February 2017)
- How e-mail filtering helps defend against malware and ransomware |
| 2017-W05 (30 January - 5 February 2017)
- Cisco 2017 Annual Cybersecurity Report: chief security officers reveal true cost of breaches and the actions organizations are taking |
| 2017-W04 (23 January - 29 January 2017)
- Gmail will block .js file attachments starting February 13, 2017 |
| 2017-W03 (16 January - 22 January 2017)
- Locky ransomware is on the march again |
| 2017-W02 (9 January - 15 January 2017)
- Keynote Speech by Mr. Victor Lam, JP, Deputy Government Chief Information Officer, at the “Gazing Through the Crystal Ball: CyberSecurity 2017 - Predicting the Good, the Bad and the Ugly” Seminar |
| 2017-W01 (2 January - 8 January 2017)
- An APAC perspective: Cyber security predictions for 2017 |