GovCERT.HK - Security Bulletins

GovCERT.HK Weekly IT Security News Bulletin
2021-W52 (27 Dec 2021 – 2 Jan 2022) - Password stealer targeting accounts saved in web browsers - A growing threat of malicious dormant domains
2021-W51 (20 Dec 2021 – 26 Dec 2021) - Fileless malware hidden in the Windows Registry - New malware botnet targeting Linux systems
2021-W50 (13 Dec 2021 – 19 Dec 2021) - Hackers stealing Microsoft Exchange credentials via malicious IIS module - Banks' customers targeted with Android Trojan
2021-W49 (6 Dec 2021 – 12 Dec 2021) - Numerous applications vulnerable to Log4Shell attacks - Vulnerabilities detected in popular Wi-Fi routers
2021-W48 (29 Nov 2021 – 5 Nov 2021) - Be aware of double extortion ransomware attacks - Increasing use of Rich Text Format (RTF) files in phishing attacks
2021-W47 (22 Nov 2021 – 28 Nov 2021) - Observing attacks against Internet-exposed ports and services - Researchers bypassing fingerprint scanners
2021-W46 (15 Nov 2021 – 21 Nov 2021) - Exploiting Microsoft Exchange servers for business email compromise attacks - New Android Trojan targeting banking apps
2021-W45 (8 Nov 2021 – 14 Nov 2021) - Resurgence of HTTP smuggling attack - Microsoft Office documents used to deploy Cobalt Strike
2021-W44 (1 Nov 2021 – 7 Nov 2021) - Invisible vulnerabilities threatening the security of source code - New data exfiltration tool used in ransomware attacks
2021-W43 (25 Oct 2021 – 31 Oct 2021) - Pay attention to API security - Wi-Fi devices subject to password cracking
2021-W42 (18 Oct 2021 – 24 Oct 2021) - Be aware of business email compromise - Phishing campaign targeting YouTube creators with cookie theft malware
2021-W41 (11 Oct 2021 – 17 Oct 2021) - NSA warning of heightened wildcard TLS certificate risk - Including security in employee offboarding
2021-W40 (4 Oct 2021 – 10 Oct 2021) - Python ransomware targeting virtual machines hypervisors - Popular streaming platform suffered massive data breach
2021-W39 (27 Sep 2021 – 3 Oct 2021) - Be aware of one-time password interception bots - Android Trojan found in hundreds of mobile applications
2021-W38 (20 Sep 2021 – 26 Sep 2021) - Windows credentials leaked due to Microsoft’s Autodiscover flaw - Large-Scale phishing-as-a-service operation exposed
2021-W37 (13 Sep 2021 – 19 Sep 2021) - Critical vulnerability in Microsoft's browser engine for Internet Explorer - Defending against SSID stripping attacks
2021-W36 (6 Sep 2021 – 12 Sep 2021) - Attackers accelerating its lateral movement in target networks - Malicious office documents making a come back
2021-W35 (30 Aug 2021 – 5 Sep 2021) - BrakTooth vulnerabilities affecting billions of Bluetooth devices - Accelerating abuse of Internet-sharing services for malware campaign
2021-W34 (23 Aug 2021 – 29 Aug 2021) - Security risks in third-party mobile app - Microsoft Exchange servers being hacked by new LockFile ransomware
2021-W33 (16 Aug 2021 – 22 Aug 2021) - Popular email clients subject to attacks - A critical vulnerability affecting millions of IoT devices
2021-W32 (9 Aug 2021 – 15 Aug 2021) - Actively exploited bug bypasses authentication on routers and IoT devices - Thousands of Facebook accounts hijacked by a new Android malware
2021-W31 (2 Aug 2021 – 8 Aug 2021) - HTTP desync attacks against websites - Microsoft web servers targeted by hackers
2021-W30 (26 Jul 2021 – 1 Aug 2021) - Avoid cloud misconfigurations - Top routinely exploited vulnerabilities
2021-W29 (19 Jul 2021 – 25 Jul 2021) - Be aware of malware in pirated software - Cyber attacks can become life-threatening
2021-W28 (12 Jul 2021 – 18 Jul 2021) - IoT malware activities on the rise - Useful resources on protection against ransomware
2021-W27 (5 Jul 2021 – 11 Jul 2021) - Defense against software supply chain attacks - Critical vulnerability in the Windows printing functionality
2021-W26 (28 Jun 2021 – 4 Jul 2021) - Definition of critical software by NIST - Malicious apps targeting Facebook credentials
2021-W25 (21 Jun 2021 – 27 Jun 2021) - Remote wipe of data in network attached storage via vulnerability - Signature-based malware detection becomes ineffective
2021-W24 (14 Jun 2021 – 20 Jun 2021) - Potential attack on Wi-Fi of iPhone with special SSID - Proposed framework for securing software supply chains
2021-W23 (7 Jun 2021 – 13 Jun 2021) - Act fast to remediate compromised accounts - Vulnerable financial mobile applications
2021-W22 (31 May 2021 – 6 Jun 2021) - Common security issues in enterprise devices - Bypassing defense through trusted applications
2021-W21 (24 May 2021 – 30 May 2021) - Impersonation attack made possible through flaws in bluetooth - Tampering with security headers by Chrome extensions
2021-W20 (17 May 2021 – 23 May 2021) - Detect and patch vulnerabilities without delay - Exposure of personal data in mobile apps
2021-W19 (10 May 2021 – 16 May 2021) - Secure critical infrastructure from cyber attacks - Wi-Fi devices subject to FragAttacks
2021-W18 (3 May 2021 – 9 May 2021) - AWS API key exposed in mobile apps - Bug detection through code inconsistency
2021-W17 (26 April 2021 – 2 May 2021) - Secure NFC communication - Defense against software supply chain attacks
2021-W16 (19 April 2021 – 25 April 2021) - Proper identity and access management in cloud environment - Insufficient patch review in open-source software
2021-W15 (12 April 2021 – 18 April 2021) - Trends in attacks on corporate mobile devices - Search Engine Poisoning for Malware Distribution
2021-W14 (5 April 2021 – 11 April 2021) - Security risks in third-party app stores - Setting up defense against firmware attacks
2021-W13 (29 March 2021 – 4 April 2021) - Evolving threats from malware - Mitigate risks in adopting public cloud
2021-W12 (22 March 2021 – 28 March 2021) - Importance of DMARC enforcement - Risk in open source components
2021-W11 (15 March 2021 – 21 March 2021) - Business email compromise attacks on the rise - Proof-of-concept of Spectre exploit on browsers
2021-W10 (8 March 2021 – 14 March 2021) - Threat Landscape in 2020 - Software code signing through Sigstore
2021-W09 (1 March 2021 – 7 March 2021) - Patch your Microsoft Exchange server now - Boost digital security with Zero Trust
2021-W08 (22 February 2021 – 28 February 2021) - Consolidation and collaboration as a key to secure networks - Staying vigilant against AppleJeus malware
2021-W07 (15 February 2021 – 21 February 2021) - Unprecedentedly large number of vulnerabilities found in 2020 - Data Exfiltration using Google Apps scripts
2021-W06 (8 February 2021 – 14 February 2021) - Moving towards quantum-proof cryptography - Cyber attack can be life-threatening
2021-W05 (1 February 2021 – 7 February 2021) - Be aware of suspicious browser extension - Exploiting Plex media servers for DDoS attacks
2021-W04 (25 January 2021 – 31 January 2021) - Zero-day vulnerabilities fixed in Apple products - Gain root privilege through vulnerability in Sudo
2021-W03 (18 January 2021 – 24 January 2021) - Hacking e-readers through multiple vulnerabilities - DDoS attacks through RDP services
2021-W02 (11 January 2021 – 17 January 2021) - DNS over HTTPS (DoH) as a double-edged sword - Patches to Vulnerabilities in Microsoft Products
2021-W01 (4 January 2021 – 10 January 2021) - Malware uses BSSID to find out the geolocation of infected hosts - Replace deprecated TLS protocol configurations now

GovCERT.HK Weekly IT Security News Bulletin