GovCERT.HK - Security Bulletins

GovCERT.HK Weekly IT Security News Bulletin
2020-W53 (28 December 2020 – 3 January 2021) - “Swatting” with compromised home devices - Cross layer attacks through flawed random number generator
2020-W52 (21 December 2020 – 27 December 2020) - Is your organisation ready for remote work? - Another backdoor found in SolarWinds Orion Platform
2020-W51 (14 December 2020 – 20 December 2020) - Supply chain attack threatening organisations around the world - Vulnerable WordPress plugin allows unrestricted file upload
2020-W50 (7 December 2020 – 13 December 2020) - Video conferencing tool vulnerable to remote code execution - Enforcing DMARC to protect domains against email spoofing
2020-W49 (30 November 2020 – 4 December 2020) - Be aware of vulnerable or malicious docker images - Popular apps vulnerable to a bug in Google’s Play Core Library
2020-W48 (23 November 2020 – 29 November 2020) - Vulnerabilities in Drupal enables arbitrary code execution - Flaw in two-factor authentication used in website hosting servers
2020-W47 (16 November 2020 – 22 November 2020) - Be aware of phishing attacks leveraging google services - Vulnerability in Facebook Messenger enables spying on users
2020-W46 (9 November 2020 – 15 November 2020) - Do not reuse your passwords - DNS cache poisoning
2020-W45 (2 November 2020 – 8 November 2020) - Patch your chrome browser now - Remote attack on internal networks
2020-W44 (26 October 2020 – 1 November 2020) - WebLogic servers under attack - Ransomware attack on coffee makers
2020-W43 (19 October 2020 – 25 October 2020) - Takedown of TrickBot - Telegram and email accounts hijacked in SS7 mobile attack
2020-W42 (12 October 2020 – 18 October 2020) - Fix the "Bad Neighbour" bug in Windows Systems - BleedingTooth vulnerabilities in Linux Kernel
2020-W41 (5 October 2020 – 11 October 2020) - Vulnerabilities found in anti-malware tools - TV remote as a spying device
2020-W40 (28 September 2020 – 4 October 2020) - Phishing pages with CAPTCHAs - Be aware of cryptojacking
2020-W39 (21 September 2020 – 27 September 2020) - Critical vulnerability in Windows Netlogon Remote Protocol - Defending against fileless malware - Security issues related to QR codes
2020-W38 (14 September 2020 – 20 September 2020) - Credential stuffing on the rise - Useful guidance on mitigating ransomware
2020-W37 (7 September 2020 – 13 September 2020) - Malicious Excel files bypass security screening - A survey on identity security
2020-W36 (31 August 2020 – 6 September 2020) - Ransomware attacks with penetration testing tools - Blocking Internet access to unsafe network services
2020-W35 (24 August 2020 – 30 August 2020) - Worldwide ransom denial of service (RDoS) attacks - Top three ways of ransomware attacks against enterprises - Malware pre-installed on mobile phones
2020-W34 (17 August 2020 – 23 August 2020) - Digitally signed Windows files being spoofed by GlueBall - Duri: An HTML smuggling campaign
2020-W33 (10 August 2020 – 16 August 2020) - Securing satellite broadband communications - Email authentication could be compromised in eighteen ways
2020-W32 (3 August 2020 – 9 August 2020) - Guidance on Artificial Intelligence (AI) and data protection - Birth of the Open Source Security Foundation
2020-W31 (27 July 2020 – 2 August 2020) - Email account takeover - Network protocols abused for distributed denial-of-service (DDoS) attacks - 香港及新加坡警方聯合搗破跨國釣魚電郵詐騙集團
2020-W30 (20 July 2020 – 26 July 2020) - Scammers behind public clouds - ThiefQuest malware targeting macOS devices
2020-W29 (13 July 2020 – 19 July 2020) - Password guidelines for reference - Data at risk due to client-side web attacks - Fix the SIGRed bug on Windows Domain Name System (DNS) Server
2020-W28 (6 July 2020 – 12 July 2020) - Home router security - Decommissioned subdomains risk hijacking for frauds - Secure use of public cloud platform
2020-W27 (29 June 2020 – 5 July 2020) - Doubled remote desktop brute-forcing in pandemic lockdown - Concern for Transport Layer Security (TLS) certificate security risks
2020-W26 (22 June 2020 – 28 June 2020) - Global Privacy Benchmarks Survey - Printers exposed on the Internet
2020-W25 (15 June 2020 – 21 June 2020) - Web skimming on international retail chains - Protect your domain
2020-W24 (8 June 2020 – 14 June 2020) - Proven SMB exploitations of Windows systems - New Universal Plug and Play (UPnP) vulnerability
2020-W23 (1 June 2020 – 7 June 2020) - Mind drive-by-downloads when browsing - Seizure of a whole cloud infrastructure enabled by an injection vulnerability
2020-W22 (25 May 2020 – 31 May 2020) - RangeAmp attacks on websites and CDN servers - 2020 DevSecOps Survey
2020-W21 (18 May 2020 – 24 May 2020) - Bluetooth Low Energy (BLE) devices subject to man-in-the-middle attacks - Leaving employees or contractors involved in 60% of insider incidents - New Domain Name System (DNS) vulnerability leading to denial-of-service (DoS) attacks
2020-W20 (11 May 2020 – 17 May 2020) - Secure WordPress websites against plugin vulnerabilities - 香港企業網絡保安仍有待改善
2020-W19 (4 May 2020 – 10 May 2020) - CursedChrome as a proof-of-concept malicious browser extension - A look into the effectiveness of cyber security investments
2020-W18 (27 April 2020 – 3 May 2020) - Formjacking as a threat to online shopping - Android-based malware evolved for mobile ransomware attacks - Zero-click bugs on Apple operating systems
2020-W17 (20 April 2020 – 26 April 2020) - Secure software with machine learning - Remote desktop access subject to Dynamic Link Library (DLL) side-loading attacks
2020-W16 (13 April 2020 – 19 April 2020) - Common threats to cloud security - Additional cyber risks for Work from Home
2020-W15 (6 April 2020 – 12 April 2020) - Cyber criminals hidden behind SSL certificates - How xHelper Trojan stays immortal on Android devices
2020-W14 (30 March 2020 – 5 April 2020) - A giant hotel chain’s another big data breach within two years - Remote access Trojan spread across industries through the supply chain
2020-W13 (23 March 2020 – 29 March 2020) - Proliferation of hacking tools against industrial control systems - Mobile malware targeting Hong Kong iOS users
2020-W12 (16 March 2020 – 22 March 2020) - Ransomware deployment trends - Mind the risks of virtual meetings
2020-W11 (9 March 2020 – 15 March 2020) - Time to deploy multi-factor authentication - Conficker revives on Internet of Things
2020-W10 (2 March 2020 – 8 March 2020) - SurfingAttack: exploitation of mobile phones by ultrasound across tables - Robot vacuum cleaners may leave consumers’ privacy at risk
2020-W09 (24 February 2020 – 1 March 2020) - Be ready for handling a data breach - Recommended use of longer passwords
2020-W08 (17 February 2020 – 23 February 2020) - Firmware security for peripheral devices - Credential stuffing attacks on application programming interfaces (APIs)
2020-W07 (10 February 2020 – 16 February 2020) - Google Chrome stops Hyper Text Transfer Protocol (HTTP) downloads - Potential distributed Denial-of-Service (DDoS) attacks from 12,000 servers
2020-W06 (3 February 2020 – 9 February 2020) - Know what Internet of Things (IoT) devices are connected to your network - Mitigating cloud vulnerabilities
2020-W05 (27 January 2020 – 2 February 2020) - Strong data privacy practices make profit - Implementation faults lead to vulnerable LoRaWAN networks
2020-W04 (20 January 2020 – 26 January 2020) - FTCODE Ransomware upgraded to steal credentials - Underground markets selling access to managed service providers
2020-W03 (13 January 2020 – 19 January 2020) - Mind juice jacking on your mobile devices - Top 10 API security risks
2020-W02 (6 January 2020 – 12 January 2020) - Cyber-attacks on smart cars - SNAKE is the next ransomware to fight against
2020-W01 (30 December 2019 – 5 January 2020) - Official email server compromised for phishing attacks - Exposure of an API key

GovCERT.HK Weekly IT Security News Bulletin