-
“Together, We Create a Safe Cyberworld” Tram Body Design Contest (From 8-February-2024 to 15-April-2024)
The Tram Body Design Contest - “Together, We Create a Safe Cyberworld” (“the Contest”) is jointly organised by the Office of the Government Chief Information Officer, the Hong Kong Police Force and the Hong Kong Computer Emergency Response Team Coordination Centre. The Contest aims to arouse the public awareness of cybersecurity, so as to prevent them from falling into online traps, and strengthen city-wide defence against cyberattacks.
-
Eighty citizens and seven organisations commended for helping Police fight crime (with photos) (17-March-2024)
The “Good Citizen Award (GCA) Presentation Ceremony 2023”, organised by the Hong Kong Police Force, was held today (March 17) at the Hong Kong Convention and Exhibition Centre. Eighty citizens were commended for assisting the Force in fighting crime and upholding the rule of law.
-
HKIB Cybersecurity Solutions Day 2024 (15-March-2024)
Ensuring Vigilance: AI-Powered Cybersecurity for a Changing Landscape
-
Security Alert (A24-03-15): Multiple Vulnerabilities in Microsoft Edge (15-March-2024)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Fraudulent website and internet banking login screen related to Bank of China (Hong Kong) Limited (15-March-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.
-
Security Alert (A24-03-14): Multiple Vulnerabilities in Cisco IOS XR Software (14-March-2024)
Cisco released security advisories to address multiple vulnerabilities in Cisco IOS XR Software.
-
Security Alert (A24-03-13): Multiple Vulnerabilities in Apache Tomcat (14-March-2024)
The Apache Software Foundation released security updates to address multiple vulnerabilities in the Apache Tomcat.
-
Security Alert (A24-03-12): Multiple Vulnerabilities in SonicWall Products (13-March-2024)
SonicWall released security advisories to address multiple vulnerabilities in SonicWall products.
-
Security Alert (A24-03-11): Vulnerability in Google Chrome (13-March-2024)
Google released a security update to address a vulnerability in Google Chrome.
-
High Threat Security Alert (A24-03-10): Multiple Vulnerabilities in Fortinet Products (13-March-2024)
Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.
-
High Threat Security Alert (A24-03-09): Multiple Vulnerabilities in Microsoft Products (March 2024) (13-March-2024)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
Fraudulent websites and internet banking login screens related to Bank of China (Hong Kong) Limited (13-March-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Security Alert (A24-03-08): Multiple Vulnerabilities in QNAP Products (11-March-2024)
QNAP has published security advisories to address multiple vulnerabilities in QNAP products.
-
Deepfake: Where Images Don't Always Speak Truth (11-March-2024)
"Deepfake" is the combination of "Deep learning" and "Fake".
-
Phishing Alert - Phishing Campaigns Targeting Users in Various Platforms on the Rise (8-March-2024)
There is threat intelligence indicating an increasing trend of phishing attacks targeting users on various platforms.
-
Security Alert (A24-03-07): Multiple Vulnerabilities in Microsoft Edge (8-March-2024)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Fraudulent social media page and phishing emails related to China CITIC Bank International Limited (8-March-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent social media page and phishing emails, which have been reported to the HKMA.
-
How To Protect Your Data in Quantum Age (7-March-2024)
A quantum computer represents a groundbreaking paradigm shift in computing, leveraging the intricate principles of quantum mechanics to execute certain computations exponentially faster than their classical counterparts.
-
Security Alert (A24-03-06): Multiple Vulnerabilities in Cisco Products (7-March-2024)
Cisco released security advisories to address multiple vulnerabilities in Cisco products.
-
Fraudulent website and internet banking login screen related to Bank of China (Hong Kong) Limited (7-March-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.
-
Fraudulent website related to Bank of Singapore Limited (7-March-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Security Alert (A24-03-05): Multiple Vulnerabilities in Google Chrome (6-March-2024)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
High Threat Security Alert (A24-03-04): Multiple Vulnerabilities in VMware Products (6-March-2024)
VMware has published a security advisory to address multiple vulnerabilities in VMware products.
-
High Threat Security Alert (A24-03-03): Multiple Vulnerabilities in Apple iOS and iPadOS (6-March-2024)
Apple has released iOS 16.7.6, iOS 17.4, iPadOS 16.7.6 and iPadOS 17.4 to fix the vulnerabilities in various Apple devices.
-
Inland Revenue Department alerts public to fraudulent emails (6-March-2024)
The Inland Revenue Department today (March 6) alerted members of the public to fraudulent emails purportedly issued by the department, which invite recipients to claim tax refunds.
-
Suspicious websites related to Mox Bank Limited (6-March-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Mox Bank Limited relating to suspicious websites, which have been reported to the HKMA.
-
Fraudulent websites and mobile applications related to CMB Wing Lung Bank Limited (6-March-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by CMB Wing Lung Bank Limited relating to fraudulent websites and mobile applications (apps), which have been reported to the HKMA.
-
Security Alert (A24-03-02): Multiple Vulnerabilities in Android (5-March-2024)
Google has released Android Security Bulletin March 2024 to address multiple vulnerabilities in Android operating system.
-
Fraudulent website and phishing emails related to Public Bank (Hong Kong) Limited (5-March-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Public Bank (Hong Kong) Limited relating to a fraudulent website and phishing emails, which have been reported to the HKMA.
-
Fraudulent website and phishing instant messages related to Fubon Bank (Hong Kong) Limited (4-March-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website and phishing instant messages, which have been reported to the HKMA.
-
Security Alert (A24-03-01): Multiple Vulnerabilities in Microsoft Edge (1-March-2024)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Inland Revenue Department alerts public to fraudulent emails (1-March-2024)
The Inland Revenue Department today (March 1) alerted members of the public to fraudulent emails purportedly issued by the department, which invite recipients to claim tax refunds.
-
Cyber Security Professional Awards 2023 (29-February-2024)
The Cyber Security Professional Awards is co-organised by the Hong Kong Police Force, the Government Computer Emergency Response Team Hong Kong (GovCERT.HK) and the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT).
-
Security Alert (A24-02-18): Multiple Vulnerabilities in Cisco Products (29-February-2024)
Cisco released security advisories to address multiple vulnerabilities in Cisco products.
-
Security Alert (A24-02-17): Multiple Vulnerabilities in Google Chrome (29-February-2024)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Cyber Security Professionals Awards 2023 (with photos) (29-February-2024)
The Cyber Security Professional Awards (CSPA) 2023 presentation ceremony was successfully concluded today (February 29), with a total of 52 winners and organisations commended for their outstanding achievements in the cyber security field.
-
"Report on the Survey on Information Technology Usage and Penetration in the Business Sector for 2023" published (29-February-2024)
The Census and Statistics Department (C&SD) released today (February 29) the "Report on the Survey on Information Technology Usage and Penetration in the Business Sector for 2023".
-
A 64-year-old Male Arrested for Suspected Doxxing Arising from Monetary Disputes (29-February-2024)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 64 in Kowloon. The arrested person was suspected to have disclosed the personal data of a data subject without her consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Security Alert (A24-02-16): Vulnerability in VMware Products (28-February-2024)
VMware has published a security advisory to address a vulnerability in VMware products.
-
保安局局長在立法會保安事務委員會就為持續擴展數碼警政而推出的主要資訊科技項目開場發言 (Chinese only) (27-February-2024)
以下是保安局局長鄧炳強今日(二月二十七日)出席立法會保安事務委員會就為持續擴展數碼警政而推出的主要資訊科技項目的開場發言。 (Chinese only)
-
Security Alert (A24-02-15): Multiple Vulnerabilities in Microsoft Edge (26-February-2024)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Fraudulent websites related to CMB Wing Lung Bank Limited (26-February-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by CMB Wing Lung Bank Limited relating to fraudulent websites, which have been reported to the HKMA.
-
Hong Kong Customs urges public to be alert to fraudulent Customs WeChat account (23-February-2024)
Hong Kong Customs today (February 23) appealed to members of the public to stay alert to a fraudulent Hong Kong Customs' WeChat official account to avoid being scammed.
-
Phishing emails and fraudulent websites related to Alipay Financial Services (HK) Limited (23-February-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to phishing emails and fraudulent websites.
-
Security Alert (A24-02-14): Multiple Vulnerabilities in Firefox (21-February-2024)
Mozilla has published the advisories (MFSA2024-05 and MFSA2024-06) to address multiple vulnerabilities in Firefox browser.
-
Security Alert (A24-02-13): Multiple Vulnerabilities in Google Chrome (21-February-2024)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Fraudulent website related to Bank Julius Baer & Co. Ltd. (21-February-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.
-
SMS Sender Registration Scheme open to all sectors to further combat SMS fraud (21-February-2024)
The Office of the Communications Authority (OFCA) today (February 21) announced that the SMS Sender Registration Scheme is now open for application by all sectors to further help members of the public verify the identities of SMS senders, with a view to combating SMS fraud.
-
Implications of the Development or Use of Artificial Intelligence on Personal Data Privacy. The Privacy Commissioner’s Office has Completed Compliance Checks on 28 Organisations. (21-February-2024)
With the development and use of Artificial Intelligence (AI) becoming increasingly common in Hong Kong, organisations may collect, use or process personal data when they develop or use AI systems, thereby posing risks to personal data privacy.
-
Resource Centre - Leaflet on "The Do's and Don'ts of Using Instant Messaging" (20-February-2024)
Leaflet on "Information Security Guide - The Do's and Don'ts of Using Instant Messaging" is now available at the Resource Centre
-
High Threat Security Alert (A24-02-12): Multiple Vulnerabilities in Zoom Products (15-February-2024)
Zoom has published a security advisory to address multiple vulnerabilities in Zoom products.
-
A 27-year-old Female Convicted and Sentenced for Doxxing a Pet Seller (15-February-2024)
The West Kowloon Magistrates’ Court today convicted a 27-year old female, Miss CHAN Tung-ching (defendant), of one charge of a doxxing offence upon her guilty plea. The Court on the same day sentenced the defendant to two weeks’ imprisonment, suspended for 3 years, and a fine of HK$500.
-
Security Alert (A24-02-11): Multiple Vulnerabilities in Adobe Reader/Acrobat (14-February-2024)
Patches are released for Adobe Reader and Acrobat to address multiple vulnerabilities.
-
Security Alert (A24-02-10): Multiple Vulnerabilities in QNAP Products (14-February-2024)
QNAP has published a security advisory to address multiple vulnerabilities in QNAP products.
-
High Threat Security Alert (A24-02-09): Multiple Vulnerabilities in Microsoft Products (February 2024) (14-February-2024)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
Reaching Out to the Community – Privacy Commissioner Interviewed by the Media to Explain PCPD’s Work on Data Security (9-February-2024)
The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, was interviewed by Metro Radio’s “Roadmap to Knowledge Economy” on 9 February to give an account of her Office’s follow-up work on the data breach incident relating to the Faculty of Education of the University of Hong Kong. The Privacy Commissioner also explained the work of the Office of the Privacy Commissioner for Personal Data (PCPD) on data security.
-
Fraudulent websites and internet banking login screens related to DBS Bank (Hong Kong) Limited (9-February-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Phishing emails related to China Minsheng Banking Corp., Ltd. (9-February-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Minsheng Banking Corp., Ltd. relating to phishing emails, which have been reported to the HKMA.
-
High Threat Security Alert (A24-02-08): Vulnerability in Ivanti Products (9-February-2024)
Ivanti has published a security advisory to address a vulnerability in Ivanti systems.
-
High Threat Security Alert (A24-02-07): Multiple Vulnerabilities in Fortinet Products (9-February-2024)
Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.
-
Security Alert (A24-02-06): Multiple Vulnerabilities in Microsoft Edge (9-February-2024)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Security Alert (A24-02-05): Multiple Vulnerabilities in Cisco Products (8-February-2024)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
CSA HKM Knowledge Sharing Event – February 2024 (7-February-2024)
CSA Knowledge Sharing Event provides an excellent opportunity for cybersecurity professionals to discuss the latest trends and developments in IT and in the process build a close-knitted cybersecurity community in Hong Kong and Macau.
-
Response of the Privacy Commissioner’s Office on the HKU Faculty of Education’s Data Breach Incident (7-February-2024)
The Office of the Privacy Commissioner for Personal Data (PCPD) received a data breach notification from the Faculty of Education of the University of Hong Kong (HKU) yesterday (7 February), reporting that about 7,400 data subjects had been affected by the data breach incident.
-
OGCIO launches multipronged measures to assist departments in strengthening IT project governance (7-February-2024)
All bureaux and departments (B/Ds) of the Hong Kong Special Administrative Region Government are committed to promoting the digital transformation of government services and actively making use of information technology (IT) to provide more convenient e-government services for people and business.
-
Security Alert (A24-02-04): Multiple Vulnerabilities in Google Chrome (7-February-2024)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Security Alert (A24-02-03): Multiple Vulnerabilities in Android (7-February-2024)
Google has released Android Security Bulletin February 2024 to fix multiple vulnerabilities in Android operating system.
-
Suspicious website related to Mox Bank Limited (6-February-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Mox Bank Limited relating to a suspicious website, which has been reported to the HKMA.
-
Fraudulent website and phishing emails related to Public Bank (Hong Kong) Limited (6-February-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Public Bank (Hong Kong) Limited relating to a fraudulent website and phishing emails, which have been reported to the HKMA.
-
Fraudulent social media accounts and phishing instant messages related to Airstar Bank Limited (5-February-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Airstar Bank Limited relating to fraudulent social media accounts and phishing instant messages, which have been reported to the HKMA.
-
Phishing emails related to DBS Bank (Hong Kong) Limited (5-February-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to phishing emails, which have been reported to the HKMA.
-
Security Alert (A24-02-02): Multiple Vulnerabilities in QNAP Products (5-February-2024)
QNAP has published security advisories to address multiple vulnerabilities in QNAP products.
-
‘e-Generation Joyful Internet Surfing’ Parent Seminar (3): Protecting Personal Data Privacy Online & Effective Use of Library e-Resources (2-February-2024)
The Education Bureau, Hong Kong Education City, and Committee on Home-School Co-operation will co-organise a seminar on ‘e-Generation Joyful Internet Surfing’ Parent Seminar (3): Protecting Personal Data Privacy Online & Effective Use of Library e-Resources.
-
Security Alert (A24-02-01): Multiple Vulnerabilities in Microsoft Edge (2-February-2024)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
HKCERT Releases Annual Information Security Outlook and Forecast Next Level Phishing Attacks Difficult to Distinguish Hackers Exploit AI for Crimes Could Become a New Normal (1-February-2024)
The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) held a briefing today, and summarised the information security situation in Hong Kong in 2023 as well as released a security outlook for 2024.
-
Privacy Commissioner Urges the Public to Stay Vigilant about the Worldcoin Project and Not to Disclose Biometric Data Arbitrarily (31-January-2024)
The Office of the Privacy Commissioner for Personal Data (PCPD) executed court warrants this afternoon and entered six premises of the Worldcoin project located at Yau Ma Tei, Kwun Tong, Wan Chai, Cyperport, Central and Causeway Bay to carry out investigations.
-
Security Alert (A24-01-29): Multiple Vulnerabilities in Linux Operating Systems (31-January-2024)
Multiple vulnerabilities are found in all versions of the Linux GNU C Library (glibc) from version 1.04 to the latest release version 2.38.
-
Security Alert (A24-01-28): Multiple Vulnerabilities in Google Chrome (31-January-2024)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
High Threat Security Alert (A24-01-27): Multiple Vulnerabilities in GitLab (31-January-2024)
GitLab has released 16.5.8, 16.6.6, 16.7.4 and 16.8.1 to address multiple vulnerabilities in various versions of GitLab.
-
Judiciary alerts public to fraudulent summonses (30-January-2024)
The Judiciary today (January 30) urged the public to stay alert to fraudulent summonses purportedly issued by the Judiciary.
-
Security Alert (A24-01-26): Multiple Vulnerabilities in Juniper Networks Junos OS and Junos OS Evolved (30-January-2024)
Juniper Networks has published security advisories to address multiple vulnerabilities in Junos OS and Junos OS Evolved.
-
Privacy Commissioner’s Office Reports on its Work in 2023 and Publishes a Report on “Privacy Concerns on Electronic Food Ordering at Restaurants” (29-January-2024)
The Office of the Privacy Commissioner for Personal Data (PCPD) today reported on its work in 2023 and released a report on “Privacy Concerns on Electronic Food Ordering at Restaurants”.
-
Fraudulent website and internet banking login screen related to DBS Bank (Hong Kong) Limited (29-January-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.
-
Security Alert (A24-01-25): Multiple Vulnerabilities in Synology DiskStation Manager (29-January-2024)
Synology has published security advisories to address multiple vulnerabilities in various versions of DiskStation Manager (DSM).
-
Security Alert (A24-01-24): Multiple Vulnerabilities in Microsoft Edge (29-January-2024)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Fraudulent website and phishing emails related to China CITIC Bank International Limited (26-January-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website and phishing emails, which have been reported to the HKMA.
-
Fraudulent website and social media page related to DBS Bank (Hong Kong) Limited (26-January-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and a social media page, which have been reported to the HKMA.
-
A 31-year-old Male Arrested for Suspected Doxxing of a Taxi Driver (26-January-2024)
The Office of the Privacy Commissioner for Personal Data (PCPD) last night arrested a Chinese male aged 31 in the New Territories.
-
Promoting Responsible Sharenting – Privacy Commissioner Publishes an Article entitled “Think Twice Before Sharing Your Children’s Lives Online” (25-January-2024)
The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article entitled “Think Twice Before Sharing Your Children’s Lives Online”.
-
Security Alert (A24-01-23): Multiple Vulnerabilities in Cisco Products (25-January-2024)
Cisco released security advisories to address multiple vulnerabilities in Cisco products.
-
Global Data Breach Involving Various Social Media and Online Platforms Privacy Commissioner’s Office Reminds Platform Users to Stay Vigilant (24-January-2024)
The Office of the Privacy Commissioner for Personal Data (PCPD) noted reports of overseas media that researchers of cybersecurity information websites uncovered global data breach incidents affecting various online platforms.
-
LCQ20: Combating online and phone fraud (24-January-2024)
Following is a question by the Hon Chan Kin-por and a written reply by the Secretary for Security, Mr Tang Ping-keung, in the Legislative Council today (January 24).
-
LCQ18: Development and application of artificial intelligence (24-January-2024)
Following is a question by the Hon Elizabeth Quat and a written reply by the Secretary for Innovation, Technology and Industry, Professor Sun Dong, in the Legislative Council today (January 24).
-
Public should beware of scam video about investment plan purported to be recommended by CE (24-January-2024)
A Government spokesman today (January 24) advised members of the public to stay vigilant about forged TV programme clips created by artificial intelligence circulating online about an investment plan purported to be recommended by the Chief Executive.
-
Security Alert (A24-01-22): Multiple Vulnerabilities in Firefox (24-January-2024)
Mozilla has published the advisories (MFSA2024-01 and MFSA2024-02) to address multiple vulnerabilities in Firefox browser.
-
Security Alert (A24-01-21): Multiple Vulnerabilities in Google Chrome (24-January-2024)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Resource Centre - Leaflet on "Misinformation and Disinformation" (23-January-2024)
Leaflet on "Information Security Guide - Misinformation and Disinformation" is now available at the Resource Centre
-
SWD urges public to be alert to fraudulent job advertisements (23-January-2024)
The Social Welfare Department (SWD) today (January 23) alerted members of the public to fraudulent job advertisements published on a social media platform.
-
High Threat Security Alert (A24-01-20): Multiple Vulnerabilities in Apple iOS and iPadOS (23-January-2024)
Apple has released iOS 15.8.1, iOS 16.7.5, iOS 17.3, iPadOS 15.8.1, iPadOS 16.7.5 and iPadOS 17.3 to fix the vulnerabilities in various Apple devices.
-
High Threat Security Alert (A24-01-19): Vulnerability in Ivanti Endpoint Manager Mobile (MobileIron Core) (22-January-2024)
Ivanti has published a security advisory to address a vulnerability in Ivanti Endpoint Manager Mobile.
-
Transport Department alerts public to fraudulent SMS messages of HKeToll (21-January-2024)
The Transport Department (TD) today (January 21) alerted members of the public to fraudulent SMS messages purportedly issued by the HKeToll.
-
Police hold CyberDefenders' Carnival 2024 (with photos) (20-January-2024)
The Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force held the "CyberDefenders’ Carnival 2024" at HarbourChill, Wan Chai today (January 20) to educate the public about cyber threats and digital security through entertaining performances and interactive game booths, attracting 8,000 participants.
-
HKMA alerts public to an online video purported to be interview with HKMA Chief Executive (18-January-2024)
The Hong Kong Monetary Authority (HKMA) today (January 18) urged members of the public to remain vigilant against an online video purported to be a media interview with the Chief Executive of the HKMA, Mr Eddie Yue, on an investment item.
-
Security Alert (A24-01-18): Vulnerability in Drupal (18-January-2024)
Drupal published a security advisory to address a vulnerability in the Drupal products.
-
High Threat Security Alert (A24-01-17): Multiple Vulnerabilities in Microsoft Edge (18-January-2024)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
LCQ3: Ensuring the normal operation of government electronic systems (17-January-2024)
Following is a question by the Hon Yung Hoi-yan and a reply by the Secretary for Innovation, Technology and Industry, Professor Sun Dong, in the Legislative Council today (January 17).
-
Phishing instant messages related to The Hongkong and Shanghai Banking Corporation Limited (17-January-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to phishing instant messages, which have been reported to the HKMA.
-
Security Alert (A24-01-16): Multiple Vulnerabilities in Oracle Java and Oracle Products (January 2024) (17-January-2024)
Oracle released a Critical Patch Update (CPU) Advisory with collections of patches to address multiple vulnerabilities in Java SE and various Oracle products.
-
High Threat Security Alert (A24-01-15): Vulnerability in VMware Aria Automation (17-January-2024)
VMware published a security advisory to address a vulnerability in VMware Aria Automation.
-
High Threat Security Alert (A24-01-14): Multiple Vulnerabilities in Citrix Product (17-January-2024)
Citrix published security advisories to address multiple vulnerabilities in Citrix products.
-
High Threat Security Alert (A24-01-13): Multiple Vulnerabilities in Google Chrome (17-January-2024)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Reaching Out to the Community – PCPD Representative attends the Press Conference on the Release of “Survey on ‘Sharenting’ and Protecting Children’s Digital Privacy” (16-January-2024)
The Assistant Privacy Commissioner for Personal Data (Complaints and Criminal Investigation) (Acting) of the Office of the Privacy Commissioner for Personal Data (PCPD), Ms Hermina NG, attended the press conference on the release of “Survey on ‘Sharenting’ and Protecting Children’s Digital Privacy” held by the Chinese YMCA of Hong Kong on 14 January. Ms NG shared with participants what parents should watch out before they publish any post regarding their children’s daily lives online, so as to safeguard children privacy.
-
High Threat Security Alert (A24-01-12): Multiple Vulnerabilities in GitLab (16-January-2024)
GitLab has released 16.5.6, 16.6.4 and 16.7.2 to address multiple vulnerabilities in various versions of GitLab.
-
High Threat Security Alert (A24-01-11): Multiple Vulnerabilities in Juniper Networks Junos OS and Junos OS Evolved (16-January-2024)
Juniper Networks has published security advisories to address multiple vulnerabilities in Junos OS and Junos OS Evolved.
-
FSO alerts public to deceptive content purported to be interviews with FS (15-January-2024)
The Financial Secretary's Office (FSO) today (January 15) appealed to members of the public for heightened vigilance against online deceptive advertisements purported to be interviews with the Financial Secretary (FS).
-
A 42-year-old Male Convicted and Sentenced for Doxxing another person because of Monetary Dispute (12-January-2024)
The Shatin Magistrates’ Court today convicted a 42-year old male, Mr WONG Ho-loon (defendant), of two charges of a doxxing offence upon his guilty plea.
-
Fraudulent website, internet banking login screen and phishing instant messages related to Fubon Bank (Hong Kong) Limited (12-January-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website, an internet banking login screen and phishing instant messages, which have been reported to the HKMA.
-
Security Alert (A24-01-10): Multiple Vulnerabilities in Microsoft Edge (12-January-2024)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Security Alert (A24-01-09): Multiple Vulnerabilities in Cisco Products (11-January-2024)
Cisco released security advisories to address multiple vulnerabilities in Cisco products.
-
High Threat Security Alert (A24-01-08): Multiple Vulnerabilities in Ivanti Products (11-January-2024)
Ivanti released a security advisory to address multiple vulnerabilities in Ivanti products.
-
Security Alert (A24-01-07): Vulnerability in Fortinet Products (10-January-2024)
Fortinet released a security advisory to address a vulnerability in Fortinet products.
-
Security Alert (A24-01-06): Vulnerability in Google Chrome (10-January-2024)
Google released a security update to address a vulnerability in Google Chrome.
-
Security Alert (A24-01-05): Multiple Vulnerabilities in Microsoft Products (January 2024) (10-January-2024)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
Promoting Ethical and Responsible Use of AI – Privacy Commissioner Publishes an Article in Banking Today (9-January-2024)
The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article entitled “AI and Ethics: Ensuring the Responsible Use of Generative AI in Banking” in Banking Today, a bi-monthly journal of the Hong Kong Institute of Bankers, where she outlined the potential benefits of generative AI on the banking industry, analysed the technology’s associated privacy and ethical risks, and introduced the evolving regulatory landscape of AI.
-
Fraudulent mobile application related to Hang Seng Bank, Limited (9-January-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to a fraudulent mobile application (app), which has been reported to the HKMA.
-
Government cautions public on online video about investment plan purported to be recommended by CE (9-January-2024)
A Government spokesman today (January 9) cautioned the public not to believe in a forged video created by artificial intelligence circulating online about an investment plan with high returns purported to be recommended by the Chief Executive.
-
Phishing messages and fraudulent websites related to Alipay Financial Services (HK) Limited (9-January-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to phishing messages and fraudulent websites.
-
Fraudulent website and internet banking login screen related to China CITIC Bank International Limited (8-January-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.
-
Security Alert (A24-01-04): Multiple Vulnerabilities in QNAP Products (8-January-2024)
QNAP has published security advisories to address multiple vulnerabilities in QNAP products.
-
Security Alert (A24-01-03): Multiple Vulnerabilities in Microsoft Edge (8-January-2024)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Fraudulent website, internet banking login screen and social media account related to Hang Seng Bank, Limited (5-January-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to a fraudulent website, an internet banking login screen and a social media account, which have been reported to the HKMA.
-
Phishing email and fraudulent website related to Alipay Financial Services (HK) Limited (5-January-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to a phishing email and a fraudulent website.
-
Fraudulent website and internet banking login screen related to DBS Bank (Hong Kong) Limited (5-January-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.
-
Security Alert (A24-01-02): Multiple Vulnerabilities in Google Chrome (4-January-2024)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Security Alert (A24-01-01): Multiple Vulnerabilities in Android (4-January-2024)
Google has released Android Security Bulletin January 2024 to fix multiple security vulnerabilities in Android operating system.
-
Fraudulent websites and internet banking login screens related to China CITIC Bank International Limited (3-January-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Fraudulent website related to Bank Julius Baer & Co. Ltd. (2-January-2024)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.
-
Anti-Deception Coordination Centre to enhance scam intervention through SMS communications (with photo) (1-January-2024)
The Anti-Deception Coordination Centre (ADCC) of the Hong Kong Police Force will expand its scheme of “Upstream Scam Intervention” starting tomorrow (January 2) to include sending SMS messages to potential scam victims as a means to provide timely alerts and advice.
-
Fraudulent websites, phishing instant messages and social media accounts related to Airstar Bank Limited (29-December-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Airstar Bank Limited relating to fraudulent websites, phishing instant messages and social media accounts, which have been reported to the HKMA.
-
Fraudulent websites and internet banking login screens related to China CITIC Bank International Limited (28-December-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
High Threat Security Alert (A23-12-17): Vulnerability in Microsoft Edge (22-December-2023)
Microsoft released a security update to address a vulnerability in Microsoft Edge.
-
Privacy Commissioner’s Office Publishes Two Investigation Reports (21-December-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today published two investigation reports. The first report relates to four cases of improper retention and use of personal data of employees / former employees by employers and the second report relates to unauthorised scraping of the personal data of Carousell users.
-
High Threat Security Alert (A23-12-16): Vulnerability in Google Chrome (21-December-2023)
Google released a security update to address a vulnerability in Google Chrome.
-
財政司司長在香港Web 3.0安全科技峰會暨Web 3.0年度頒獎典禮致辭 (with photos / video) (Chinese only) (21-December-2023)
以下是財政司司長陳茂波今日(十二月二十一日)在香港Web3.0安全科技峰會暨Web3.0年度頒獎典禮的致辭全文。 (Chinese only)
-
Security Alert (A23-12-15): Vulnerability in OpenSSH (20-December-2023)
OpenSSH has released a new version to address a vulnerability in various versions of OpenSSH.
-
Security Alert (A23-12-14): Multiple Vulnerabilities in Firefox (20-December-2023)
Mozilla has published the advisories (MFSA2023-54 and MFSA2023-56) to address multiple vulnerabilities in various versions of Firefox browser.
-
Phishing instant messages related to Nanyang Commercial Bank, Limited (20-December-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Nanyang Commercial Bank, Limited relating to phishing instant messages, which have been reported to the HKMA.
-
SMS Sender Registration Scheme to be launched on December 28 to assist in combating SMS scams (20-December-2023)
The Office of the Communications Authority (OFCA) today (December 20) announced that the SMS Sender Registration Scheme will first be implemented in the telecommunications sector from December 28, with a view to helping members of the public verify the identities of SMS senders and beware of call and SMS scams.
-
Fraudulent website and internet banking login screen related to China CITIC Bank International Limited (20-December-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.
-
Phishing emails related to DBS Bank (Hong Kong) Limited (20-December-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to phishing emails, which have been reported to the HKMA.
-
Hong Kong Cyber Security New Generation Capture the Flag Challenge 2023 Seminar & Award Presentation Ceremony (19-December-2023)
The award presentation ceremony will be held on 19 December 2023. Apart from presenting the awards to the winners, cyber security experts will also be on hand to share their views on cyber security and how to leverage vulnerability management solutions to improve security and security risk management. Besides, there will be two panel discussions on attack and defense techniques.
-
Fraudulent website and internet banking login screen related to China CITIC Bank International Limited (19-December-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.
-
Security Alert (A23-12-13): Multiple Vulnerabilities in Fortinet Products (18-December-2023)
Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.
-
Security Alert (A23-12-12): Multiple Vulnerabilities in Microsoft Edge (18-December-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge
-
Promoting Data Security – Privacy Commissioner Publishes an Article entitled “Safeguarding Data Security in Hong Kong: A Call to Action” on Hong Kong Lawyer (18-December-2023)
The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article entitled “Safeguarding Data Security in Hong Kong: A Call to Action” on Hong Kong Lawyer.
-
Fraudulent websites, mobile applications and internet banking login screens related to ZA Bank Limited (18-December-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by ZA Bank Limited relating to fraudulent websites, mobile applications (Apps) and internet banking login screens, which have been reported to the HKMA.
-
“All-Out Anti-Phishing” Moving Showroom Campaign Season 3 (From 11-December-2023 to 17-December-2023)
The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) will be hosting the third season of "All-Out Anti-Phishing" Moving Showroom Campaign with DinDong from 11 to 17 Dec 2023. Public is welcome to visit.
-
Inter-school Cybersecurity Competition 2023 (From 18-November-2023 to 16-December-2023)
In order to promote and foster cybersecurity education, raise youngsters' interest in cybersecurity and develop the talents needed for 21st century, Institute of Vocational Education (IVE) Chai Wan Information Technology CyberSecurity Centre collaborated with AiTLE and Check Point to organise Inter-school Cybersecurity Competition 2023.
-
CSA HKM Knowledge Sharing Event – December 2023 (15-December-2023)
In the last CSA HKM Knowledge Sharing Event of the year, our expert speaker will share his experience on how to infiltrate US DoD.
-
Phishing message and fraudulent website related to Alipay Financial Services (HK) Limited (15-December-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to a phishing message and a fraudulent website.
-
InfoSec Tour: “Beware of Phishing Attacks” (14-December-2023)
An InfoSec Tour, which was jointly organised by OGCIO and RTHK Radio 2, had invited cyber security expert Mr Ben and DJ Miss Lu to give useful tips and share personal experience on beware of phishing attacks. You can now watch the video of the InfoSec Tour through this hyperlink.
-
Cybersecurity Symposium 2023 (14-December-2023)
The Cybersecurity Symposium 2023 aims to unite quangos, enterprises and other local organisations in Hong Kong to address the cybersecurity challenge in the digital era and explore how the industry can collaborate to enhance the overall cybersecurity resilience of Hong Kong.
-
保安局局長出席撲滅罪行委員會會議後會見傳媒開場發言 (with video) (Chinese only) (14-December-2023)
以下是保安局局長鄧炳強今日(十二月十四日)下午出席撲滅罪行委員會會議後,在添馬政府總部會見傳媒的開場發言。 (Chinese only)
-
創新科技及工業局局長會見傳媒談話全文 (Chinese only) (14-December-2023)
以下是創新科技及工業局局長孫東教授今日(十二月十四日)下午出席「網絡安全技術論壇2023」後會見傳媒的談話內容。
-
SITI attends Cybersecurity Symposium 2023 (with photos) (14-December-2023)
The Secretary for Innovation, Technology and Industry, Professor Sun Dong, officiated at the Cybersecurity Symposium 2023 today (December 14) and shared the latest efforts of the Government in safeguarding cybersecurity and facilitating data flow in Hong Kong. The symposium is co-organised by the Office of the Government Chief Information Officer (OGCIO) and the Hong Kong Internet Registration Corporation Limited.
-
創新科技及工業局局長出席「網絡安全技術論壇2023」致辭全文 (with photos) (Chinese only) (14-December-2023)
以下是創新科技及工業局局長孫東教授今日(十二月十四日)出席「網絡安全技術論壇2023」的致辭全文。 (Chinese only)
-
Fraudulent websites related to Chong Hing Bank Limited (14-December-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites, which have been reported to the HKMA.
-
Security Alert (A23-12-11): Multiple Vulnerabilities in Google Chrome (13-December-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
High Threat Security Alert (A23-12-10): Multiple Vulnerabilities in Microsoft Products (December 2023) (13-December-2023)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
A 37-year-old Male Arrested for Suspected Doxxing of His Former Colleague (12-December-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 37 on Hong Kong Island. The arrested person was suspected to have disclosed the personal data of a data subject without his consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Fraudulent websites and internet banking login screens related to China CITIC Bank International Limited (12-December-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA. A hyperlink to the press release is available on the HKMA website.
-
Fraudulent websites related to Bank Julius Baer & Co. Ltd. (12-December-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to fraudulent websites, which have been reported to the HKMA. A hyperlink to the press release is available on the HKMA website.
-
Security Alert (A23-12-09): Vulnerability in Bluetooth devices (12-December-2023)
A vulnerability has been identified in various devices running different operating systems, including Android, Linux, iOS and macOS, while the Bluetooth functionality is enabled.
-
High Threat Security Alert (A23-12-08): Multiple Vulnerabilities in Apple iOS and iPadOS (12-December-2023)
Apple has released iOS 16.7.3, iOS 17.2, iPadOS 16.7.3 and iPadOS 17.2 to fix the vulnerabilities in various Apple devices.
-
Raising Public Awareness to Combat Fraud – Privacy Commissioner’s Office Organises a Seminar on “Safe Use of WhatsApp and Social Media Platforms” (11-December-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) organised a seminar on “Safe Use of WhatsApp and Social Media Platforms” in hybrid mode on 8 December, which attracted over 600 participants.
-
Security Alert (A23-12-07): Multiple Vulnerabilities in QNAP Products (11-December-2023)
QNAP has published security advisories to address multiple vulnerabilities in QNAP products.
-
‘e-Generation Joyful Internet Surfing’ Parent Seminar (2) Preventing Internet Addiction and Saying No to Harmful Online Information (9-December-2023)
In this seminar,a representative from Office for Film, Newspaper & Article Administration will share with parents how to assist their children in establishing positive values, staying away from harmful information, and avoiding falling into online traps.
-
Fraudulent social media accounts related to Livi Bank Limited (8-December-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited relating to fraudulent social media accounts, which have been reported to the HKMA.
-
ITIB publishes Policy Statement on Facilitating Data Flow and Safeguarding Data Security in Hong Kong (8-December-2023)
The Innovation, Technology and Industry Bureau (ITIB) published the Policy Statement on Facilitating Data Flow and Safeguarding Data Security in Hong Kong (Policy Statement) today (December 8) to set out the Government's management principles and key strategies on data flow and data security, and to put forward 18 specific action items.
-
Security Alert (A23-12-06): Multiple Vulnerabilities in Microsoft Edge (8-December-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Security Alert (A23-12-05): Vulnerability in Apache Struts (7-December-2023)
The Apache Software Foundation has released the security bulletins to address the vulnerability in Apache Struts.
-
Speech by Mr Daniel Cheung, Assistant Government Chief Information Officer (Cyber Security and Digital Identity), at the “Inauguration Ceremony of the Hong Kong China Network Security Association” (Chinese only) (6-December-2023)
Speech by Mr Daniel Cheung, Assistant Government Chief Information Officer (Cyber Security and Digital Identity), at the “Inauguration Ceremony of the Hong Kong China Network Security Association” (Chinese only)
-
Judiciary alerts public to phishing email (6-December-2023)
The Judiciary today (December 6) called on the public to stay vigilant to phishing emails sent from the email accounts "Jason Ding <Jason@judiciary[.]hk>" and "<jasonding@judiciary[.]hk>". The emails falsely claim that they were issued by the Judiciary of the Hong Kong Special Administrative Region.
-
Security Alert (A23-12-04): Vulnerability in Cisco Products (6-December-2023)
Cisco released a security advisory to address a vulnerability in Cisco software.
-
Security Alert (A23-12-03): Multiple Vulnerabilities in Google Chrome (6-December-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Fraudulent website and internet banking login screen related to Bank of China (Hong Kong) Limited (5-December-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website and internet banking login screen, which have been reported to the HKMA.
-
Security Alert (A23-12-02): Multiple Vulnerabilities in SonicWall SMA 100 Series Products (5-December-2023)
SonicWall has released a security advisory to address multiple vulnerabilities in SMA 100 series products.
-
Security Alert (A23-12-01): Multiple Vulnerabilities in Android (5-December-2023)
Google has released Android Security Bulletin December 2023 to fix multiple security vulnerabilities in Android operating system.
-
Phishing instant messages and fraudulent social media accounts related to Hang Seng Bank, Limited (4-December-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to phishing instant messages and fraudulent social media accounts, which have been reported to the HKMA.
-
Fraudulent instant messages related to Bank of China (Hong Kong) Limited (4-December-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent instant messages, which have been reported to the HKMA.
-
Subject Talk on "New Era of IT": Know More About Technology and National Security (2-December-2023)
The speaker will introduce various technology-related security fields under national security that are closely related to daily life such as Science and Technology Security, Cyber Security, Artificial Intelligence Security and Data Security so that citizens will have a better understanding of the importance of national security to the country, to the Hong Kong and to every Hong Kong citizen.
-
High Threat Security Alert (A23-11-22): Multiple Vulnerabilities in Apple iOS and iPadOS (1-December-2023)
Apple has released iOS 17.1.2 and iPadOS 17.1.2 to fix the vulnerabilities in various Apple devices.
-
High Threat Security Alert (A23-11-21): Multiple Vulnerabilities in Microsoft Edge (30-November-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
立法會:保安局局長就「全面打擊網絡詐騙罪行」議員議案總結發言 (Chinese only) (29-November-2023)
以下是保安局局長鄧炳強今日(十一月二十九日)在立法會會議就「全面打擊網絡詐騙罪行」議員議案的總結發言全文。 (Chinese only)
-
立法會:保安局局長就「全面打擊網絡詐騙罪行」議員議案開場發言 (Chinese only) (29-November-2023)
以下是保安局局長鄧炳強今日(十一月二十九日)在立法會會議就「全面打擊網絡詐騙罪行」議員議案的開場發言全文。(Chinese only)
-
Security Alert (A23-11-20): Vulnerability in Apache Tomcat (29-November-2023)
The Apache Software Foundation released a security update to address a vulnerability in the Apache Tomcat.
-
High Threat Security Alert (A23-11-19): Multiple Vulnerabilities in Google Chrome (29-November-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
A 30-year-old Female Arrested for Suspected Doxxing of Her Neighbours (28-November-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 30 on Hong Kong Island. The arrested person was suspected to have disclosed the personal data of two data subjects without their consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Fraudulent mobile application related to LGT Bank AG (27-November-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by LGT Bank AG relating to a fraudulent App, which has been reported to the HKMA.
-
LegCo to debate motion on combating cyber fraud crimes on all fronts (27-November-2023)
The Legislative Council (LegCo) will hold a meeting on Wednesday (November 29) at 11 am in the Chamber of the LegCo Complex.
-
Launch of Faster Payment System Suspicious Proxy ID Alert (27-November-2023)
The Hong Kong Monetary Authority (HKMA) announced the launch of the Faster Payment System (FPS) Suspicious Proxy ID Alert on November 26.
-
High Threat Security Alert (A23-11-18): Multiple Vulnerabilities in ownCloud (27-November-2023)
ownCloud released the security advisories to address multiple vulnerabilities in ownCloud core, graphapi and oauth2 libraries.
-
Transport Department alerts public to fraudulent websites of HKeToll (24-November-2023)
The Transport Department (TD) today (November 24) alerted members of the public to the following fraudulent websites that pretend to be HKeToll, which seek to deceive users into making payments and obtain their vehicle registration marks and credit card information.
-
Hong Kong Police Force launches Anti-Deception Alliance today (24-November-2023)
The Hong Kong Police Force (HKPF) held the inauguration ceremony for the Anti-Deception Alliance today (November 24).
-
Fraudulent social media pages, websites and internet banking login screen related to Hang Seng Bank Limited (24-November-2023)
Fraudulent social media pages, websites and internet banking login screen related to Hang Seng Bank Limited
-
Security Alert (A23-11-17): Multiple Vulnerabilities in Firefox (23-November-2023)
Mozilla has published the advisories (MFSA2023-49 and MFSA2023-50) to address multiple vulnerabilities in Firefox browser.
-
Transport Department alerts public to fraudulent websites of HKeToll (22-November-2023)
The Transport Department (TD) today (November 22) alerted members of the public to beware of fraudulent website addresses ("gov[.]hktc[.]etollu[.]xyz" and "etollu[.]xyz") that pretend to be HKeToll, which seek to deceive users into making payments and obtain their credit card information.
-
LCQ17: Measures to combat deception cases (22-November-2023)
Following is a question by Dr the Hon Chow Man-kong and a reply by the Secretary for Security, Mr Tang Ping-keung, in the Legislative Council today (November 22).
-
LCQ11: Cybersecurity of government departments and other public organisations (22-November-2023)
Following is a question by the Hon Edward Leung and a written reply by the Secretary for Innovation, Technology and Industry, Professor Sun Dong, in the Legislative Council today (November 22).
-
Resource Centre - Leaflet on "Cyber Safe Travel" (21-November-2023)
Leaflet on "Information Security Guide - Cyber Safe Travel" is now available at the Resource Centre
-
Fraudulent websites, mobile apps and phishing messages related to Octopus Cards Limited (21-November-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to fraudulent websites, mobile apps and phishing messages. The relevant stored value facility (SVF) licensee has reported the case to the HKMA.
-
Phishing emails and fraudulent websites related to Alipay Financial Services (HK) Limited (20-November-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to phishing emails and fraudulent websites. The relevant stored value facility (SVF) licensee has reported the case to the HKMA.
-
2023 Fight Crime Conference concludes successfully (18-November-2023)
The Fight Crime Committee (FCC) today (November 18) held the 2023 Fight Crime Conference at the Central Government Offices with near 500 participants exchanging views on topics relating to law and order and crime-fighting strategies in Hong Kong.
-
Fraudulent website related to Octopus Cards Limited (17-November-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to a fraudulent website.
-
Security Alert (A23-11-16): Multiple Vulnerabilities in Microsoft Edge (17-November-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Fraudulent social media page related to The Hongkong and Shanghai Banking Corporation Limited (16-November-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent social media page, which has been reported to the HKMA. A hyperlink to the press release is available on the HKMA website.
-
A 27-year-old Female Arrested for Suspected Doxxing of a Pet Seller (16-November-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 27 in Kowloon. The arrested person was suspected to have disclosed the personal data of a data subject without her consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Reaching Out to the Community – Privacy Commissioner Interviewed by the RTHK Radio 1’s “HK2000” (16-November-2023)
The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, was interviewed by RTHK Radio 1’s “HK2000” on 15 November to explain the “Hong Kong Enterprise Cyber Security Readiness Index and Privacy Awareness” survey report, and the three initiatives to help organisations enhance their data security launched by the Office of the Privacy Commissioner for Personal Data (PCPD).
-
Security Alert (A23-11-15): Vulnerability in Intel Products (16-November-2023)
Intel has issued a security advisory (INTEL-SA-00950) to address a vulnerability in some Intel processors.
-
Security Alert (A23-11-14): Multiple Vulnerabilities in Fortinet Products (16-November-2023)
Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.
-
Security Alert (A23-11-13): Multiple Vulnerabilities in Cisco Products (16-November-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
LCQ9: Data governance system (15-November-2023)
Following is a question by the Hon Carmen Kan and a written reply by the Secretary for Innovation, Technology and Industry, Professor Sun Dong, in the Legislative Council today (November 15).
-
LCQ14: Combating online and telephone frauds (15-November-2023)
Following is a question by the Hon Kenneth Leung and a written reply by the Secretary for Security, Mr Tang Ping-keung, in the Legislative Council today (November 15).
-
Security Alert (A23-11-12): Multiple Vulnerabilities in Adobe Reader/Acrobat (15-November-2023)
Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.
-
Security Alert (A23-11-11): Multiple Vulnerabilities in Google Chrome (15-November-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
High Threat Security Alert (A23-11-10): Multiple Vulnerabilities in Microsoft Products (November 2023) (15-November-2023)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
“Hong Kong Enterprise Cyber Security Readiness Index” Recorded the Largest-Ever Decline in 2023 Actions Required to Bolster Staff Awareness on Cyber Security (14-November-2023)
The Hong Kong Productivity Council Cyber Security (HKPC Cyber Security) and the Office of the Privacy Commissioner for Personal Data, Hong Kong (PCPD) jointly released the results of the “Hong Kong Enterprise Cyber Security Readiness Index and Privacy Awareness” survey report today.
-
InfoSec Tour: “Protect Personal Information and Privacy” (13-November-2023)
An InfoSec Tour, which was jointly organised by OGCIO and RTHK Radio 2, had invited cyber security expert Mr Ben and DJ Miss Lu Ho to share personal experience on protect personal information and privacy. You can now watch the video of the InfoSec Tour through this hyperlink.
-
Privacy Commissioner Publishes an Article on Hong Kong Lawyer (13-November-2023)
The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article entitled “Responsible ‘Sharenting’ for Protecting Children’s Digital Privacy” on Hong Kong Lawyer.
-
Security Alert (A23-11-09): Vulnerability in QNAP Products (13-November-2023)
QNAP has published a security advisory to address a vulnerability in QNAP products.
-
Transport Department alerts public to fraudulent websites of HKeToll (10-November-2023)
The Transport Department (TD) today (November 10) alerted members of the public to the following fraudulent websites that pretend to be HKeToll, which seek to deceive users into making payments and obtain their vehicle registration marks and credit card information.
-
Security Alert (A23-11-08): Multiple Vulnerabilities in Microsoft Edge (10-November-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
GCIO shares strategies on cybersecurity and driving digital-based development in World Internet Conference Wuzhen Summit (9-November-2023)
The Government Chief Information Officer, Mr Tony Wong, attended two forums of the 2023 World Internet Conference Wuzhen Summit in Wuzhen, Zhejiang, today (November 9) and exchanged views with representatives of Government departments, international organisations, enterprises, research institutions and civil societies from all over the world.
-
Security Alert (A23-11-07): Vulnerability in Google Chrome (9-November-2023)
Google released a security update to address a vulnerability in Google Chrome.
-
GCIO shares strategies on cybersecurity and driving digital-based development in World Internet Conference Wuzhen Summit (9-November-2023)
The Government Chief Information Officer, Mr Tony Wong, attended two forums of the 2023 World Internet Conference Wuzhen Summit in Wuzhen, Zhejiang, today (November 9) and exchanged views with representatives of Government departments, international organisations, enterprises, research institutions and civil societies from all over the world.
-
Security Alert (A23-11-07): Vulnerability in Google Chrome (9-November-2023)
Google released a security update to address a vulnerability in Google Chrome.
-
HKIRC網絡研討會 — 各職位如何各司其職加強資料保護及網絡安全事故應變 (Chineses Only) (8-November-2023)
在本次研討會中,HKIRC網絡安全專家將會針對改善上述網絡安全趨勢作分享,包括如何有效提高員工的網絡安全意識,不同職位在工作上的最佳實踐,例如保護企業和客人個人資料安全、授權遙距工作注意事項、網絡安全突發事件如何處理和授權工作注意事項等等,及分享免費資源協助公司提升網絡安全意識。 (Chineses Only)
-
PCPD Publishes 2022-23 Annual Report (8-November-2023)
The 2022-23 Annual Report of the PCPD, themed “Protecting Personal Data Privacy for a Smart Hong Kong”, emphasises the importance of protecting personal data privacy amidst the rapid technological advancement in our society, was tabled in the Legislative Council today.
-
Seminar on “Enhancing Data Security to Prevent Cyber Attacks” (7-November-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) organises this seminar to explain means to enhance cybersecurity and some recommended data security measures, and highlight the key points in preventing and handling data breach incidents. A guest speaker from the Cyber Security and Technology Crime Bureau of the Hong Kong Police Force will also discuss the latest development and trends of cyber threats for enterprises and organisations, using real cybercrime cases as examples.
-
Security Alert (A23-11-06): Multiple Vulnerabilities in Android (7-November-2023)
Google has released Android Security Bulletin November 2023 to fix multiple security vulnerabilities in Android operating system.
-
Raise Public Awareness of Cyber Security: Guard against Risks of Unknown WhatsApp Video Calls (7-November-2023)
With the advancement of technology, cyber security has become an important issue that cannot be ignored in our lives. Cyber-attacks have become increasingly sophisticated. Some citizens have reported to the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) that they have received suspicious WhatsApp video calls from strangers (using area codes such as +62 and +44), claiming to be from the police or banking institutions and even knowing the names of the victims.
-
Enhancing Data Security – Privacy Commissioner’s Office Organises a Seminar on “Enhancing Data Security to Prevent Cyber Attacks” (7-November-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) organised a seminar on “Enhancing Data Security to Prevent Cyber Attacks” in hybrid mode on 7 November, which attracted over 500 participants.
-
Security Alert (A23-11-05): Multiple Vulnerabilities in QNAP Products (6-November-2023)
QNAP has published security advisories to address multiple vulnerabilities in QNAP products.
-
Security Alert (A23-11-04): Multiple Vulnerabilities in Microsoft Edge (6-November-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Reaching Out to the Community – Privacy Commissioner Interviewed by “Warm Talking” (6-November-2023)
The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, was interviewed by Orange News’ current affairs programme “Warm Talking” to explain the work done by the Office of the Privacy Commissioner for Personal Data (PCPD) on the protection of personal data privacy.
-
Workshop I: Mobile Security Management Workshop (11-November-2023)
The workshop will be conducted in Cantonese. Admission is free by registration.
-
Hong Kong Cyber Security New Generation Capture the Flag (CTF) Challenge 2023 (From 10-November-2023 to 12-November-2023)
The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) and the Hong Kong Productivity Council (HKPC) will jointly organise the “Hong Kong Cyber Security New Generation Capture the Flag (CTF) Challenge 2023” (The Contest) to strengthen the cyber security skills and awareness of the industry and students and encourage problem solving through teamwork, creative thinking and cyber security skills.
-
Seminar on “Enhancing Data Security to Prevent Cyber Attacks” (7-November-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) organises this seminar to explain means to enhance cybersecurity and some recommended data security measures, and highlight the key points in preventing and handling data breach incidents. A guest speaker from the Cyber Security and Technology Crime Bureau of the Hong Kong Police Force will also discuss the latest development and trends of cyber threats for enterprises and organisations, using real cybercrime cases as examples.
-
Navigating the privacy and ethical challenges of generative AI (3-November-2023)
Although gen AI is fast revolutionizing accounting practices, it is worthwhile to address its privacy and ethical challenges. To analyse the privacy risks involved, we may refer to the Data Protection Principles (DPPs) in the Personal Data (Privacy) Ordinance that cover the entire lifecycle of the handling of personal data.
-
High Threat Security Alert (A23-11-03): Vulnerability in Apache ActiveMQ (3-November-2023)
Apache Software Foundation has released a security advisory to address a vulnerability in Apache ActiveMQ.
-
Protecting Critical Infrastructures: IT/OT Convergence vs MITM Attacks (2-November-2023)
As more industrial systems connect to the Internet, there is an increasing prevalence of the convergence of information technology (IT) and operational technology (OT). While the benefits of this convergence are numerous and include increased productivity and efficiency, it also brings new cyber security risks.
-
Security Alert (A23-11-02): Multiple Vulnerabilities in Cisco Products (2-November-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Reaching Out to Schools – Privacy Commissioner Speaks on the Protection of Students’ Personal Data Privacy and the Doxxing Offence (1-November-2023)
The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, attended the hybrid seminar entitled “Media and Information Literacy Series: Seminar on Understanding the Internet, Social Media and Protection of Personal Data Privacy” co-organised by the Education Bureau and Journalism Education Foundation on 31 October, and gave a presentation to more than 300 primary and secondary school principals and teachers.
-
Security Alert (A23-11-01): Multiple Vulnerabilities in Google Chrome (1-November-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
A 32-year-old Male Arrested for Suspected Doxxing of His Former Classmate (31-October-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 32 in the New Territories. The arrested person was suspected to have disclosed the personal data of a data subject without his consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Phishing email and fraudulent website related to Alipay Financial Services (HK) Limited (31-October-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to a phishing email and a fraudulent website.
-
High Threat Security Alert (A23-10-28): Vulnerability in F5 BIG-IP (31-October-2023)
F5 has published a security advisory to address a vulnerability in BIG-IP.
-
Fraudulent websites and internet banking login screens related to Bank of China (Hong Kong) Limited (30-October-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Transport Department alerts public to fraudulent SMS messages of HKeToll (30-October-2023)
The Transport Department (TD) today (October 30) alerted members of the public to fraudulent SMS messages purportedly issued by the HKeToll.
-
Security Alert (A23-10-27): Multiple Vulnerabilities in Microsoft Edge (30-October-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Reaching Out to Governance Professionals – Assistant Privacy Commissioner Speaks at Practising Governance Annual Conference 2023 (27-October-2023)
The Assistant Privacy Commissioner for Personal Data (Corporate Communications and Compliance) of the Office of the Privacy Commissioner for Personal Data (PCPD), Ms Joyce LAI, attended the Practising Governance Annual Conference 2023 (Conference) on 26 October and gave a presentation entitled “How to Uphold Data Governance Standards in a Data Breach”.
-
Fraudulent websites and internet banking login screens related to Bank of China (Hong Kong) Limited (27-October-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
‘e-Generation Joyful Internet Surfing’ Parent Seminar (1) Decoding Cyberbullying and Home-School Collaborative e-Learning (27-October-2023)
Registered social workers will explain the current Internet culture and the phenomenon of cyberbullying, as well as assisting parents in accompanying their children to tackle the challenges of the online world. A curriculum leader of a primary school will introduce parents to the online resources and tools available, and help parents understand how they can collaborate with schools to assist their children in developing good information literacy and 21st century skills.
-
Privacy Commissioner’s Office Welcomes the Chief Executive’s Policy Address 2023 (26-October-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) welcomes the array of policy initiatives on protecting cybersecurity and promoting digital economy set out in the Chief Executive’s Policy Address.
-
Fraudulent website, mobile application and internet banking login screen related to ZA Bank Limited (26-October-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by ZA Bank Limited relating to a fraudulent website, mobile application (App) and internet banking login screen, which have been reported to the HKMA.
-
Fraudulent websites, internet banking login screens and phishing emails related to Bank of China (Hong Kong) Limited (26-October-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites, internet banking login screens and phishing emails, which have been reported to the HKMA.
-
Security Alert (A23-10-26): Vulnerability in OpenSSL (26-October-2023)
OpenSSL has released 3.0.12 and 3.1.4 to fix the vulnerability in various versions of OpenSSL.
-
Security Alert (A23-10-25): Multiple Vulnerabilities in Apple iOS and iPadOS (26-October-2023)
Apple has released iOS 15.8, iOS 16.7.2, iOS 17.1, iPadOS 15.8, iPadOS 16.7.2 and iPadOS 17.1 to fix the vulnerabilities in various Apple devices.
-
High Threat Security Alert (A23-10-24): Multiple Vulnerabilities in VMware Products (26-October-2023)
VMware has published a security advisory to address multiple vulnerabilities in VMware products.
-
Phishing emails related to Bank of China (Hong Kong) Limited (25-October-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to phishing emails, which have been reported to the HKMA.
-
Security Alert (A23-10-23): Multiple Vulnerabilities in Firefox (25-October-2023)
Mozilla has published the advisories (MFSA2023-45 and MFSA2023-46) to address multiple vulnerabilities in Firefox browser.
-
Security Alert (A23-10-22): Vulnerability in Google Chrome (25-October-2023)
Google released a security update to address a vulnerability in Google Chrome.
-
Understanding the Mainland Laws – Privacy Commissioner’s Office organises Experience Sharing Session on “Using Standard Contracts for Transferring Personal Information Out of the Mainland” (24-October-2023)
The Office of the Privacy Commissioner for Personal Data organised an Experience Sharing Session entitled “Using Standard Contracts for Transferring Personal Information Out of the Mainland” on 24 October, which attracted more than 110 participants from various sectors, including banking, insurance, government/ public bodies, legal and information technology.
-
Security Alert (A23-10-21): Multiple Vulnerabilities in VMware Products (24-October-2023)
VMware has published security advisories to address multiple vulnerabilities in VMware products.
-
Security Alert (A23-10-20): Multiple Vulnerabilities in Apache HTTP Server (20-October-2023)
The Apache Software Foundation released a security update to address multiple vulnerabilities in the HTTP Server and its modules.
-
Phishing instant messages related to Banque Pictet & Cie SA (20-October-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Banque Pictet & Cie SA relating to phishing instant messages, which have been reported to the HKMA.
-
Data Security Issue concerning Hongkong Post account holders (20-October-2023)
Hongkong Post said today (October 20) that a data security issue involving Hongkong Post account holders was identified.
-
Phishing email, fraudulent websites and mobile apps related to Octopus Cards Limited (19-October-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to a phishing email, fraudulent websites and mobile apps.
-
Security Alert (A23-10-19): Multiple Vulnerabilities in Oracle Java and Oracle Products (October 2023) (18-October-2023)
Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.
-
Fraudulent mobile applications related to Chong Hing Bank Limited (18-October-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent mobile applications (Apps), which have been reported to the HKMA.
-
LCQ17: Enhancing cyber security (18-October-2023)
Following is a question by Prof the Hon William Wong and a written reply by the Acting Secretary for Innovation, Technology and Industry, Ms Lillian Cheong, in the Legislative Council today (October 18).
-
Alert to public on suspicious Facebook page named WH Cheuk Fanpage (18-October-2023)
A spokesman for the Deputy Chief Secretary for Administration's Office today (October 18) alerted members of the public to a suspicious Facebook page named "卓永興WH Cheuk Fanpage".
-
Security Alert (A23-10-18): Multiple Vulnerabilities in SonicWall Products (17-October-2023)
SonicWall has released a security advisory to address multiple vulnerabilities in SonicOS which is the operating system for SonicWall firewalls.
-
High Threat Security Alert (A23-10-17): Vulnerability in Cisco IOS XE Software (17-October-2023)
Cisco released a security advisory to address a vulnerability in Cisco IOS XE Software.
-
High Threat Security Alert (A23-10-16): Vulnerability in HTTP/2 protocol (16-October-2023)
A vulnerability (CVE-2023-44487) was found in HTTP/2 protocol.
-
Security Alert (A23-10-15): Multiple Vulnerabilities in QNAP Products (16-October-2023)
QNAP has published security advisories to address multiple vulnerabilities in QNAP products.
-
Security Alert (A23-10-14): Multiple Vulnerabilities in Microsoft Edge (16-October-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Fraudulent website, mobile application and internet banking login screen related to ZA Bank Limited (16-October-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by ZA Bank Limited relating to a fraudulent website, mobile application (App) and internet banking login screen, which have been reported to the HKMA.
-
Fraudulent websites, phishing emails and phishing messages related to Alipay Financial Services (HK) Limited (13-October-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to fraudulent websites, phishing emails and phishing messages.
-
Fraudulent websites and internet banking login screen related to Dah Sing Bank, Limited (13-October-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to fraudulent websites and an internet banking login screen, which have been reported to the HKMA.
-
Accreditation of two ISO certifications in information security and privacy management bestowed to “iAM Smart” (with photos) (13-October-2023)
The Office of the Government Chief Information Officer (OGCIO) held its 17th Technology Forum at the Hong Kong Productivity Council (HKPC) today (October 13) and announced that the one-stop personalised digital services platform “iAM Smart” has been awarded two ISO certifications.
-
A 24-year-old Chinese Male Arrested for Suspected Doxxing of a Police Officer and his Family Members (12-October-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 24 in Kowloon. The arrested person was suspected to have disclosed the personal data of the victim and his family members without their consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Security Alert (A23-10-13): Multiple Vulnerabilities in F5 Products (11-October-2023)
F5 has published security advisories to address multiple vulnerabilities in F5 devices.
-
Security Alert (A23-10-12): Multiple Vulnerabilities in Fortinet Products (11-October-2023)
Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.
-
High Security Alert (A23-10-11): Multiple Vulnerabilities in Citrix NetScaler ADC and Citrix NetScaler Gateway (11-October-2023)
Citrix released a security advisory to address multiple vulnerabilities in Citrix NetScaler ADC and Citrix NetScaler Gateway.
-
Security Alert (A23-10-10): Multiple Vulnerabilities in Apache Tomcat (11-October-2023)
The Apache Software Foundation released a security update to address multiple vulnerabilities in the Apache Tomcat.
-
Security Alert (A23-10-09): Multiple Vulnerabilities in Google Chrome (11-October-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
High Threat Security Alert (A23-10-08): Multiple Vulnerabilities in Microsoft Products (October 2023) (11-October-2023)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
Police alert public to fraudulent social media account purported to be Commissioner of Police (11-October-2023)
Police today (October 11) appealed to members of the public to heighten vigilance against a fraudulent facebook account set up with the name “Raymond Siu” and a photo of the Commissioner of Police, and emphasised that the incident will be followed up stringently.
-
Data security must be enhanced to foil threats -- Privacy Commissioner's article in China Daily (October 2023) (11-October-2023)
The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article entitled “Data security must be enhanced to foil threats”.
-
“Data Security at the Heart of the Digital World” – Privacy Commissioner’s article contribution at Hong Kong Lawyer (Oct 2023) (10-October-2023)
The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article entitled “Data Security at the Heart of the Digital World” on Hong Kong Lawyer today.
-
InfoSec Tour: “Protect Your Online Identity” (10-October-2023)
An InfoSec Tour, which was jointly organised by OGCIO and RTHK Radio 2, had invited cyber security expert Mr Carey Tsui and Information Security Ambassadors Miss Paula Au and Miss Aeren Man to give useful tips and share personal experience on protection of digital identities. You can now watch the video of the InfoSec Tour through this hyperlink.
-
Security Alert (A23-10-07): Multiple Vulnerabilities in QNAP Products (9-October-2023)
QNAP has published a security advisory to address multiple vulnerabilities in QNAP products.
-
Privacy Commissioner’s Office has Completed the Inspection of the Customers’ Personal Data System of ZA Bank Limited to Ensure Data Security (9-October-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today published an Inspection Report on the customers’ personal data system of ZA Bank Limited (ZA Bank).
-
Reaching Out to the Community – Privacy Commissioner Interviewed by the Media to Explain WhatsApp Account Hijacking (9-October-2023)
The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, was interviewed by Commercial Radio News’ “News Bulletin”, RTHK Radio 1’s “HK2000” and Commercial Radio 1’s “On a Clear Day” on 5 and 6 October to explain the fraudulent tricks of WhatsApp Account Hijacking.
-
Fraudulent website and phishing message related to Alipay Financial Services (HK) Limited (6-October-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to a fraudulent website and a phishing message.
-
Transport Department alerts public to fraudulent SMS messages purportedly issued by HKeToll (6-October-2023)
The Transport Department (TD) today (October 6) alerted members of the public to fraudulent SMS messages purportedly issued by the HKeToll.
-
Fraudulent websites and mobile applications related to Chong Hing Bank Limited (6-October-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and mobile applications (Apps), which have been reported to the HKMA.
-
Security Alert (A23-10-06): Vulnerability in Microsoft Edge (5-October-2023)
Microsoft released a security update to address a vulnerability in Microsoft Edge.
-
Security Alert (A23-10-05): Multiple Vulnerabilities in Apple iOS and iPadOS (5-October-2023)
Apple has released iOS 17.0.3 and iPadOS 17.0.3 to fix the vulnerabilities in various Apple devices.
-
Privacy Commissioner’s Office Urges the Public and Organisations to Guard against WhatsApp Account Hijacking (5-October-2023)
In the past month, the Office of the Privacy Commissioner for Personal Data (PCPD) received data breach notifications from a total of five social welfare organisations and schools, reporting that their accounts on the instant messaging application WhatsApp used for communication with service users, students and/or parents of students had been hijacked.
-
Security Alert (A23-10-04): Vulnerability in Linux Operating Systems (4-October-2023)
A local privilege escalation vulnerability is found in the Linux GNU C Library (glibc) version 2.34 while processing an environment variable called GLIBC_TUNABLES.
-
Security Alert (A23-10-03): Vulnerability in Google Chrome (4-October-2023)
Google released a security update to address a vulnerability in Google Chrome.
-
Fraudulent websites and social media pages related to DBS Bank (Hong Kong) Limited (4-October-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and social media pages, which have been reported to the HKMA.
-
Security Alert (A23-10-02): Multiple Vulnerabilities in Android (3-October-2023)
Google has released Android Security Bulletin October 2023 to fix multiple security vulnerabilities in Android operating system.
-
High Threat Security Alert (A23-10-01): Multiple Vulnerabilities in Microsoft Edge (3-October-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Hongkong Post alerts public to fraudulent social media page (3-October-2023)
Hongkong Post today (October 3) alerted members of the public to a fraudulent Facebook page named "HongkongPost - Parcel distribution" purportedly issued by Hongkong Post.
-
High Threat Security Alert (A23-09-23): Vulnerability in Firefox (29-September-2023)
Mozilla has published the advisory (MFSA2023-44) to address a vulnerability in Firefox browser.
-
Raising Public Awareness of Fraud Prevention – Privacy Commissioner’s Office Launches New Anti-fraud Promotional Video (29-September-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) has published a new episode of anti-fraud promotional videos under the theme of “Don’t Hand Over Your Personal Data – Beware of Fraudsters”.
-
High Threat Security Alert (A23-09-22): Multiple Vulnerabilities in Google Chrome (28-September-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Security Alert (A23-09-21): Multiple Vulnerabilities in Cisco Products (28-September-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Security Alert (A23-09-20): Multiple Vulnerabilities in Firefox (27-September-2023)
Mozilla has published the advisories (MFSA2023-41 and MFSA2023-42) to address multiple vulnerabilities in Firefox browser.
-
Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (27-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Fraudulent websites and internet banking login screens related to Bank of China (Hong Kong) Limited (27-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Fraudulent websites and internet banking login screens related to Livi Bank Limited (26-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Fraudulent websites and internet banking login screens related to Dah Sing Bank, Limited (26-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
A 59-year-old Solicitor Arrested for Suspected Doxxing of a Barrister (25-September-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 59 on Hong Kong Island. The arrested person was suspected to have disclosed the personal data of a barrister without his consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Security Alert (A23-09-19): Multiple Vulnerabilities in QNAP Products (22-September-2023)
QNAP has published security advisories to address multiple vulnerabilities in QNAP products.
-
Security Alert (A23-09-18): Vulnerability in Drupal (22-September-2023)
Drupal has released a security advisory to address a vulnerability in the Drupal products.
-
High Threat Security Alert (A23-09-17): Multiple Vulnerabilities in Apple iOS and iPadOS (22-September-2023)
Apple has released iOS 16.7, iOS 17.0.1, iPadOS 16.7 and iPadOS 17.0.1 to fix the vulnerabilities in various Apple devices.
-
Suspicious websites with unauthorised use of HKMA's logo (22-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to suspicious websites with the domain names hxxps://hkcpex[.]pro/cpex/#/ and hxxps://in-pex[.]com, which use the HKMA’s logo without authorisation.
-
Fraudulent websites and mobile application related to Octopus Cards Limited (22-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to fraudulent websites and mobile application (App).
-
Privacy Commissioner’s Office Recommends Organisations to Strengthen Data Security Measures to Ensure Data Security (22-September-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) noted the successive hacker attacks on the information systems of organisations recently which involved the leakage of personal data.
-
Welcome Remarks by Mr Daniel Cheung, Assistant Government Chief Information Officer (Cyber Security and Digital Identity), at the “Build a Secure Cyberspace 2023 - Protect Your Online Identity” Seminar (Chinese only) (22-September-2023)
Only Chinese version is available for this speech / presentation. Please refer to the Chinese version.
-
Ransomware Trends Q2 2023: Surge in Attacks Across Asia-Pacific, Persistent Multiple Extortion, and Evolving Threat Landscape (22-September-2023)
The evolution of ransomware has significantly affected businesses in recent years. Current trends indicate that ransomware developers are increasingly inclined to employ multiple extortion strategies.
-
Build a Secure Cyberspace 2023 - “Protect Your Online Identity” Seminar and Speech Contest Award Ceremony (22-September-2023)
In this seminar, cyber security experts will give us useful tips and advice on the protection of our digital identities in order to mitigate the damage caused by identity theft.
-
Fraudulent websites and internet banking login screens related to Dah Sing Bank, Limited (21-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Fraudulent websites and internet banking login screens related to Livi Bank Limited (21-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Fraudulent websites, internet banking login screens and phishing emails related to Bank of China (Hong Kong) Limited (21-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites, internet banking login screens and phishing emails, which have been reported to the HKMA.
-
Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (21-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Privacy Commissioner’s Office’s Response to Media Enquiries on Data Breach Incident of Consumer Council (21-September-2023)
In response to media enquiries, the Office of the Privacy Commissioner for Personal Data (PCPD) confirmed that it had received a data breach notification from the Consumer Council today (21 September) and has commenced a compliance check into the incident in accordance with established procedures.
-
Security Alert (A23-09-16): Vulnerability in Apache Struts (20-September-2023)
The Apache Software Foundation has released the security bulletins to address the vulnerability in Apache Struts.
-
High Threat Security Alert (A23-09-15): Vulnerability in Trend Micro Products (20-September-2023)
Trend Micro has published a security advisory to address the vulnerability in Apex One and Worry-Free Business Security.
-
High Threat Security Alert (A23-09-14): Multiple Vulnerabilities in Juniper Networks Junos OS (20-September-2023)
Juniper Networks has published a security advisory to address multiple vulnerabilities in Junos OS on Juniper EX Series and SRX Series.
-
Fraudulent instant messages related to Industrial and Commercial Bank of China (Asia) Limited (20-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to fraudulent instant messages, which have been reported to the HKMA.
-
Privacy Commissioner’s Office Publishes an Inspection Report on the Personal Data System of the Registration and Electoral Office (20-September-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today published an Inspection Report on the personal data system of the Registration and Electoral Office (REO).
-
Fraudulent instant messages related to Industrial and Commercial Bank of China (Asia) Limited (19-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to fraudulent instant messages, which have been reported to the HKMA.
-
Security Alert (A23-09-13): Multiple Vulnerabilities in Google Chrome (18-September-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
High Threat Security Alert (A23-09-12): Multiple Vulnerabilities in Microsoft Edge (18-September-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Fraudulent website and phishing emails related to Bank of China (Hong Kong) Limited (18-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website and phishing emails, which have been reported to the HKMA.
-
Privacy Commissioner Publishes an Article entitled “The Privacy and Ethical Risks of Generative AI cannot be Ignored” at OneTrust DataGuidance (18-September-2023)
The Privacy Commissioner for Personal Data (the Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article entitled “The Privacy and Ethical Risks of Generative AI cannot be Ignored” at OneTrust DataGuidance to discuss the emergence of generative artificial intelligence (AI), while highlighting the privacy and ethical risks that should be considered regarding its use as well as the evolving regulatory landscape of AI.
-
Subject Talk on "New Era of IT": How to Gain Insight to Online Scams, Pitfalls and Avoid Losses? (16-September-2023)
The talk speaker will share valuable experience and uncover the tricks with solid examples on how to caution such traps in order to minimize losses.
-
Welcome Remarks by Mr Daniel Cheung, Assistant Government Chief Information Officer (Cyber Security and Digital Identity), at the “Cybersec Infohub Annual Professional Workshop 2023” (with photos) (Chinese only) (15-September-2023)
Only Chinese version is available for this speech / presentation. Please refer to the Chinese version.
-
Security Alert (A23-09-11): Vulnerability in Fortinet Products (14-September-2023)
Fortinet released a security advisory to address a vulnerability in Fortinet products.
-
Fraudulent websites, internet banking login screens and phishing emails related to Bank of China (Hong Kong) Limited (14-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites, internet banking login screens and phishing emails, which have been reported to the HKMA.
-
Fraudulent websites and internet banking login screens related to Dah Sing Bank, Limited (14-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (14-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Fraudulent websites and internet banking login screens related to DBS Bank (Hong Kong) Limited (14-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
A 44-year-old Chinese Female Arrested for Doxxing (14-September-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 44 in Kowloon. The arrested person was suspected to have disclosed the personal data of two data subjects without their consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
High Threat Security Alert (A23-09-10): Vulnerability in Firefox (13-September-2023)
Mozilla has published the advisory (MFSA2023-40) to address a vulnerability in Firefox browser.
-
High Threat Security Alert (A23-09-09): Vulnerability in Adobe Reader/Acrobat (13-September-2023)
Security updates are released for Adobe Reader and Acrobat to address a vulnerability.
-
High Threat Security Alert (A23-09-08): Multiple Vulnerabilities in Microsoft Products (September 2023) (13-September-2023)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
International Symposium on Cyber Policing held in Hong Kong (with photos) (13-September-2023)
A three-day International Symposium on Cyber Policing was launched today (September 13) in Hong Kong.
-
Fraudulent websites and internet banking login screens related to Citibank (Hong Kong) Limited (13-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Citibank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Fraudulent websites and internet banking login screens related to Livi Bank Limited (13-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Fraudulent websites, internet banking login screens and phishing emails related to Bank of China (Hong Kong) Limited (13-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites, internet banking login screens and phishing emails, which have been reported to the HKMA.
-
Privacy Commissioner's Office Issues 10 Tips for Users of AI Chatbots (13-September-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) noted that according to a local survey, nearly 80% of youngsters in Hong Kong have used generative artificial intelligence (AI) tools such as ChatGPT.
-
Response of the Privacy Commissioner’s Office on the Cyberport’s Data Breach Incident (13-September-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) received a data breach notification from Cyberport on 18 August and has commenced a compliance check into the incident in accordance with established procedures. The PCPD has advised the relevant organisation to notify the affected data subjects as soon as possible, and is not in a position to disclose further information at this stage.
-
High Threat Security Alert (A23-09-07): Vulnerability in Google Chrome (12-September-2023)
Google released a security update to address a vulnerability in Google Chrome.
-
Fraudulent website related to Octopus Cards Limited (12-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to a fraudulent website.
-
Fraudulent websites and social media pages related to DBS Bank (Hong Kong) Limited (12-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and social media pages, which have been reported to the HKMA.
-
Fraudulent websites, internet banking login screens and phishing emails related to Bank of China (Hong Kong) Limited (12-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites, internet banking login screens and phishing emails, which have been reported to the HKMA.
-
Fraudulent social media accounts related to Hang Seng Bank, Limited (12-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to fraudulent social media accounts, which have been reported to the HKMA.
-
HKMA publishes joint report on Project Sela (with photos) (12-September-2023)
The Hong Kong Monetary Authority (HKMA), together with the Bank of Israel (BOI) and the Bank for International Settlements Innovation Hub (BISIH) Hong Kong Centre published a joint report, titled "Project Sela – An accessible and secure retail CBDC ecosystem", at a report launch conference hosted by the BOI in Tel Aviv on September 12 (Tel Aviv time).
-
Cyber Security Summit Hong Kong 2023 (From 11-September-2023 to 12-September-2023)
Jointly organised by the Hong Kong Productivity Council and leading information security organisations in Hong Kong, the free-of-charge event themed "Securing Enterprises to Prepare for the Post Quantum & AI World" will focus on how enterprises can integrate their security under the cyber security challenges, and secure the enterprise in the emerging AI world.
-
Security Alert (A23-09-06): Multiple Vulnerabilities in Microsoft Edge (11-September-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
High Threat Security Alert (A23-09-05): Multiple Vulnerabilities in Apple iOS and iPadOS (11-September-2023)
Apple has released iOS 15.7.9, iOS 16.6.1, iPadOS 15.7.9 and iPadOS 16.6.1 to fix the vulnerabilities in various Apple devices.
-
Fraudulent websites and internet banking login screens related to DBS Bank (Hong Kong) Limited (11-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Fraudulent websites, internet banking login screens and phishing emails related to Bank of China (Hong Kong) Limited (11-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites, internet banking login screens and phishing emails, which have been reported to the HKMA.
-
Fraudulent websites and internet banking login screens related to Livi Bank Limited (11-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
“Cyber Security Summit Hong Kong 2023” Worldwide Assembly of Experts Convene to Tackle Cyber Security Challenges Securing Enterprises to Prepare for the Post Quantum & AI World (11-September-2023)
The “Information Security Summit”, jointly organised by the Hong Kong Productivity Council Cyber Security (HKPC Cyber Security) and the cyber security industry in Hong Kong, celebrates its 20th Anniversary and officially rebrands its name to "Cyber Security Summit Hong Kong".
-
Presentation by Ir Tony Wong, JP, Government Chief Information Officer, at the “Cybersecurity Summit of the Guangdong Cybersecurity Week” (with photos) (Chinese only) (11-September-2023)
Only Chinese version is available for this speech / presentation. Please refer to the Chinese version.
-
Hong Kong cybersecurity industry delegation attends Guangdong Cybersecurity Week 2023 (with photos) (11-September-2023)
The Government Chief Information Officer, Mr Tony Wong, today (September 11) led a delegation of Hong Kong's cybersecurity industry to attend the Guangdong Cybersecurity Week 2023 and Cybersecurity Expo in Guangzhou for two consecutive days in support of the annual China Cybersecurity Week and to exchange views on technologies and the latest developments in cybersecurity of Hong Kong and Guangdong.
-
Opening address by Acting SITI at Opening Ceremony of Cyber Security Summit 2023 (English only) (11-September-2023)
Following is the opening address by the Acting Secretary for Innovation, Technology and Industry, Ms Lillian Cheong, at the Opening Ceremony of the Cyber Security Summit 2023 today (September 11).
-
Security Alert (A23-09-04): Multiple Vulnerabilities in Cisco Products (7-September-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Fraudulent website and phishing emails related to Hang Seng Bank, Limited (7-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to a fraudulent website and phishing emails, which have been reported to the HKMA.
-
Fraudulent websites and internet banking login screens related to DBS Bank (Hong Kong) Limited (7-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
A 44-year-old Chinese Male Arrested for a Suspected Doxxing of Former Business Partners (7-September-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 44 in the New Territories. The arrested person was suspected to have disclosed the personal data of two data subjects without their consents, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Security Alert (A23-09-03): Multiple Vulnerabilities in Google Chrome (6-September-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Security Alert (A23-09-02): Multiple Vulnerabilities in Android (6-September-2023)
Google has released Android Security Bulletin September 2023 to fix multiple security vulnerabilities in Android operating system.
-
Fraudulent website and internet banking login screen related to Livi Bank Limited (6-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited relating to a fraudulent website and internet banking login screen, which have been reported to the HKMA.
-
Fraudulent websites, internet banking login screens and phishing emails related to Bank of China (Hong Kong) Limited (6-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites, internet banking login screens and phishing emails, which have been reported to the HKMA.
-
Privacy Commissioner Publishes an Article entitled “Your personal information is not safe when you shop online” (6-September-2023)
The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article entitled “Your personal information is not safe when you shop online”.
-
HKCERT Alerts the Public on Preventive Measures Against WhatsApp Account Theft (6-September-2023)
Recently, there has been a surge in cyber attack targeting WhatsApp accounts. The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) is closely monitoring recent attacks and has compiled answers and relevant security recommendations.
-
Safeguarding Data Security – Privacy Commissioner’s Office Issues Pamphlet on Data Breach Handling and Data Breach Notifications (5-September-2023)
To assist organisations in handling data breaches properly, the Office of the Privacy Commissioner for Personal Data (PCPD) recently published a new “Guidance on Data Breach Handling and Data Breach Notifications” and reinforces it by issuing a pamphlet on the Guidance (Pamphlet) today.
-
Promoting Data Security – Privacy Commissioner Speaks at the Grand Opening of HKPC’s “Smart & Secure City Hall” Exhibition (5-September-2023)
The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, attended the Grand Opening of the “Smart & Secure City Hall” exhibition launched by the Hong Kong Productivity Council (the “HKPC”) on 4 September 2023.
-
Security Alert (A23-09-01): Vulnerability in Microsoft Edge (4-September-2023)
Microsoft released a security update to address a vulnerability in Microsoft Edge.
-
Fraudulent websites and phishing emails related to Octopus Cards Limited (4-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to fraudulent websites and phishing emails.
-
Phishing instant messages related to Airstar Bank Limited (4-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Airstar Bank Limited relating to phishing instant messages, which have been reported to the HKMA.
-
Fraudulent websites, internet banking login screens and phishing emails related to Bank of China (Hong Kong) Limited (4-September-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites, internet banking login screens and phishing emails, which have been reported to the HKMA.
-
Privacy Commissioner’s Office Organisesthe “Privacy-Friendly Awards 2023” Presentation Ceremony 138 Award-winning Organisations Supportthe Implementation of Privacy Management Programme (4-September-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) held the “Privacy-Friendly Awards 2023” (Awards) Presentation Ceremony last Thursday (31 August) to recognise the commitment and performance in protecting personal data privacy of 138 organisations, including public and private organisations as well as government departments.
-
HKPC Cyber Security Launches “Smart & Secure City Hall” To Raise Enterprises’ and Public Awareness of Cyber Security and Contribute Towards Hong Kong Becoming an International Innovation and Technology Centre and a Smart City (4-September-2023)
Hong Kong Productivity Council Cyber Security (HKPC Cyber Security) launched “Smart & Secure City Hall” (the Hall) today to showcase various application solutions of cyber security, Internet of Things (IoT), multi-cloud, connected vehicles and smartphone security, privacy protection of personal data, and security surveillance, etc.
-
Fraudulent website related to OCBC Bank (Hong Kong) Limited (31-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by OCBC Bank (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Fraudulent websites and phishing emails related to Citibank (Hong Kong) Limited (31-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Citibank (Hong Kong) Limited relating to fraudulent websites and phishing emails, which have been reported to the HKMA.
-
Fraudulent websites, internet banking login screens and phishing emails related to Bank of China (Hong Kong) Limited (31-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites, internet banking login screens and phishing emails, which have been reported to the HKMA.
-
Security Alert (A23-08-20): Vulnerability in Google Chrome (30-August-2023)
Google released a security update to address a vulnerability in Google Chrome.
-
Security Alert (A23-08-19): Multiple Vulnerabilities in Firefox (30-August-2023)
Mozilla has published the advisories (MFSA2023-34, MFSA2023-35 and MFSA2023-36) to address multiple vulnerabilities in Firefox browser.
-
A 36-year-old Chinese Male Arrested for Doxxing his Friend (29-August-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 36 on Hong Kong Island. The arrested person was suspected to have disclosed the personal data of a friend of him without her consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Security Alert (A23-08-18): Multiple Vulnerabilities in Microsoft Edge (28-August-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Security Alert (A23-08-17): Vulnerability in Apache Tomcat (28-August-2023)
The Apache Software Foundation released a security update to address a vulnerability in the Apache Tomcat.
-
Transport Department alerts public to fraudulent SMS message purportedly issued by HKeToll (28-August-2023)
The Transport Department (TD) today (August 28) alerted members of the public to a fraudulent SMS message purportedly issued by the HKeToll.
-
Fraudulent website related to Bank Julius Baer & Co. Ltd. (28-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.
-
Security Alert (A23-08-16): Multiple Vulnerabilities in QNAP Products (25-August-2023)
QNAP has published security advisories to address multiple vulnerabilities in QNAP products.
-
Data Scraping on Social Media Raises Concerns The PCPD, together with Other Privacy Protection Authorities,Promulgates Global Privacy Protection Expectations and Principlesto Social Media Platforms (25-August-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD), together with eleven privacy or data protection authorities from Argentina, Australia, Canada, Colombia, Jersey, Mexico, Morocco, New Zealand, Norway, Switzerland and the United Kingdom, issued a joint statement today to social media platforms and other websites that host publicly accessible personal data about global expectations on privacy protection.
-
Security Alert (A23-08-15): Multiple Vulnerabilities in Cisco Products (24-August-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Fraudulent websites, internet banking login screens and phishing emails related to Citibank (Hong Kong) Limited (24-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Citibank (Hong Kong) Limited relating to fraudulent websites, internet banking login screens and phishing emails, which have been reported to the HKMA.
-
Fraudulent website and phishing emails related to Hang Seng Bank, Limited (24-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to a fraudulent website and phishing emails, which have been reported to the HKMA.
-
Security Alert (A23-08-14): Vulnerability in WinRAR (23-August-2023)
RARLAB has released a security update to fix a vulnerability in WinRAR.
-
Security Alert (A23-08-13): Multiple Vulnerabilities in Google Chrome (23-August-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Transport Department alerts public to fraudulent SMS message of HKeToll (23-August-2023)
The Transport Department (TD) today (August 23) alerted members of the public to fraudulent SMS message purportedly issued by the HKeToll.
-
Fraudulent website, internet banking login screen and mobile application related to ZA Bank Limited (23-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by ZA Bank Limited relating to a fraudulent website, internet banking login screen and mobile application (App), which have been reported to the HKMA.
-
Security Alert (A23-08-12): Multiple Vulnerabilities in Microsoft Edge (22-August-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Fraudulent websites and phishing emails related to The Hongkong and Shanghai Banking Corporation Limited (21-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites and phishing emails, which have been reported to the HKMA.
-
Comprehensive Guide to Social Media Scams: Setting up Defense to Safeguard Your Personal Information (18-August-2023)
Social media has become a necessary part of people's daily lives, but it has also attracted the attention of unscrupulous individuals. The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) will delve into how to more effectively curb online fraudulent activities and provide some social media settings to reduce the opportunities for others to access users' personal information.
-
Security Alert (A23-08-11): Multiple Vulnerabilities in Cisco Products (17-August-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Fraudulent website related to Chong Hing Bank Limited (17-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Fraudulent website and social media page related to Dah Sing Bank, Limited (17-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to a fraudulent website and social media page, which have been reported to the HKMA.
-
Enhancing Awareness to Prevent Fraud – Privacy Commissioner’s Office Launches the Second Episode of Anti-fraud Promotional Video (17-August-2023)
To raise public awareness of the prevention of fraud, the Office of the Privacy Commissioner for Personal Data (PCPD) has launched another short video under the theme of “Don’t Hand Over Your Personal Data – Beware of Fraudsters”.
-
Security Alert (A23-08-10): Multiple Vulnerabilities in Google Chrome (16-August-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Introducing the New HKCERT “All-Out Anti-Phishing” Thematic Page (16-August-2023)
Noticing that hackers are deploying phishing through various means, including email, social media and SMS, phishing attacks have become an increasingly threatening major cyber security threat in Hong Kong.
-
Fraudulent website and social media page related to Dah Sing Bank, Limited (14-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to a fraudulent website and social media page, which have been reported to the HKMA.
-
Fraudulent mobile application related to CMB Wing Lung Bank Limited (14-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by CMB Wing Lung Bank Limited relating to a fraudulent mobile application (App), which has been reported to the HKMA.
-
Security Alert (A23-08-09): Vulnerability in Fortinet FortiOS (10-August-2023)
Fortinet released a security advisory to address a vulnerability in Fortinet FortiOS.
-
Security Alert (A23-08-08): Multiple Vulnerabilities in Adobe Reader/Acrobat (10-August-2023)
Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.
-
High Threat Security Alert (A23-08-07): Multiple Vulnerabilities in Microsoft Products (August 2023) (10-August-2023)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
Fraudulent website and mobile application related to Chong Hing Bank Limited (10-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and mobile application (App), which have been reported to the HKMA.
-
Fraudulent website related to Bank Julius Baer & Co. Ltd. (10-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.
-
A 28-year-old Chinese Female Arrested for Suspected Doxxing Offence Relating to Emotional Entanglements (10-August-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 28 in the New Territories. The arrested person was suspected to have disclosed the personal data of her ex-boyfriend without his consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Police Anti-Deception Coordination Centre launches territory-wide publicity campaign against scams (with photos) (9-August-2023)
Police Anti-Deception Coordination Centre (ADCC) of the Commercial Crime Bureau launched a new wave of territory-wide publicity campaign against phishing scams today (August 9), and together with the Office of the Communications Authority (OFCA), explained trends in such scams and combating measures.
-
Fraudulent websites related to Chong Hing Bank Limited (9-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites, which have been reported to the HKMA.
-
Security Alert (A23-08-06): Multiple Vulnerabilities in Microsoft Edge (8-August-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Security Alert (A23-08-05): Multiple Vulnerabilities in Android (8-August-2023)
Google has released Android Security Bulletin August 2023 to fix multiple security vulnerabilities in Android operating system.
-
DH alerts public to fake organ donation social media page (8-August-2023)
The Department of Health (DH) today (August 8) alerted members of the public to a suspected fake Facebook page named "器官捐贈在香港 Organ Donation at-HK", which is also suspected of fraudulently using the DH's butterfly logo symbolising organ donation in the page's profile picture.
-
Fraudulent websites and social media page related to DBS Bank (Hong Kong) Limited (8-August-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and a social media page, which have been reported to the HKMA.
-
Hongkong Post alerts public to fraudulent websites (8-August-2023)
Hongkong Post reminds members of the public to be alert to the recent new fraudulent websites purported to be from Hongkong Post.
-
Security Alert (A23-08-04): Multiple Vulnerabilities in VMware Horizon Server (7-August-2023)
VMware has published a security advisory to address multiple vulnerabilities in VMware Horizon Server.
-
Public urged to stay alert to emails purported to be issued by SCED office (3-August-2023)
A spokesman for the Commerce and Economic Development Bureau today (August 3) appealed to members of the public to stay alert to fraudulent emails purported to be issued by the office of the Secretary for Commerce and Economic Development (SCED). The spokesman said that the emails, containing a suspected link to a malicious file, falsely claim to be issued following the instructions of the SCED.
-
Think Twice before “Sharenting” Privacy Commissioner’s Office Publishes a Pamphlet on Sharenting Dos and Don’ts (3-August-2023)
Amidst the summer vacation and the popularity for parents to share their children’s daily lives on social media platforms (also known as “sharenting”, a portmanteau of “sharing” and “parenting”), the Office of the Privacy Commissioner for Personal Data (PCPD) published a pamphlet entitled “Sharenting Dos and Don’ts” today, which provides some tips for parents before they publish any post about their children online.
-
Privacy Commissioner’s Office Issues Updated Guidance on Election Activities for Candidates, Government Departments, Public Opinion Research organisations and Members of the Public (3-August-2023)
In light of the upcoming District Council election to be held in December 2023, the Office of the Privacy Commissioner for Personal Data (PCPD) updated the “Guidance on Election Activities for Candidates, Government Departments, Public Opinion Research Organisations and Members of the Public” (the Guidance). The main revisions concern the new criminal doxxing provisions under sections 64(3A) and (3C) of the PDPO, which are applicable to the personal data of electors retained in the registers of electors (please see paragraph 3.10 of the Guidance for details).
-
Security Alert (A23-08-03): Multiple Vulnerabilities in Cisco Products (3-August-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Security Alert (A23-08-02): Multiple Vulnerabilities in Google Chrome (3-August-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Security Alert (A23-08-01): Multiple Vulnerabilities in Firefox (2-August-2023)
Mozilla has published the advisories (MFSA2023-29, MFSA2023-30 and MFSA2023-31) to address multiple vulnerabilities in Firefox browser.
-
HKIRC and HKPF co-organised Ethical Phishing Email Campaign 2023 (Chinese Only) (2-August-2023)
Please refer to the Chinese version.
-
Inland Revenue Department alerts public to fraudulent emails (1-August-2023)
The Inland Revenue Department today (August 1) alerted members of the public to fraudulent emails purportedly issued by the department, which invite recipients to claim tax refunds. Each email provides a hyperlink to a website which seeks to obtain the recipient's personal particulars and credit card information.
-
Cybersec Training Hub trains SMEs to cope with cyber security threats (Chinese Only) (1-August-2023)
Please refer to the Chinese version.
-
Phishing emails related to The Hongkong and Shanghai Banking Corporation Limited (31-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to phishing emails, which have been reported to the HKMA.
-
Fraudulent website related to Bank of China (Hong Kong) Limited (31-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Security Alert (A23-07-24): Vulnerability in QNAP Products (31-July-2023)
QNAP has published a security advisory to address a vulnerability in QNAP products.
-
High Threat Security Alert (A23-07-23): Vulnerability in Ivanti Endpoint Manager Mobile (MobileIron Core) (31-July-2023)
Ivanti has published a security advisory to address a vulnerability in Ivanti Endpoint Manager Mobile.
-
PISA Annual Event: PISA Jam 2023 (29-July-2023)
It is PISA’s annual event focusing on cybersecurity for a day of informative sessions and engaging activities designed to enhance participants’ understanding of the latest trends, threats and solutions in the field, from expert speakers to hands-on workshops.
-
Fraudulent website related to Bank Julius Baer & Co. Ltd. (28-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.
-
Department of Justice alerts public to fraudulent email (28-July-2023)
The Department of Justice today (July 28) appealed to members of the public to stay alert to a fraudulent email claimed to have been sent by "Lee Man-Chun, Personal Assistant to Paul Lam". The email, containing a suspected link to a malicious file, falsely claims to be issued following the instructions of the Secretary for Justice.
-
Enhancing Data Security – Privacy Commissioner’s Office Organises a Seminar on “Cybersecurity in Web 3.0 and Data Breach Handling” (28-July-2023)
To promote and enhance data security, the Office of the Privacy Commissioner for Personal Data (PCPD) organised a seminar on “Cybersecurity in Web 3.0 and Data Breach Handling” in hybrid mode on 27 July.
-
A 41-year-old Chinese Male Arrested for Posting a Doxxing Message (27-July-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 41 in the New Territories. The arrested person was suspected to have disclosed the personal data of the victim without his consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Fraudulent mobile application related to Ping An OneConnect Bank (Hong Kong) Limited (27-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Ping An OneConnect Bank (Hong Kong) Limited relating to a fraudulent mobile application (App), which has been reported to the HKMA.
-
Security Blog: Improve cyber resilience with enhanced threat detection and response (26-July-2023)
The hostile and interconnected cyberspace nowadays require a transition from a passive defence approach to an active one by adopting an “assume-breach” model.
-
High Threat Security Alert (A23-07-22): Vulnerability in Ivanti Endpoint Manager Mobile (MobileIron Core) (26-July-2023)
Ivanti has published a security advisory to address a vulnerability in Ivanti Endpoint Manager Mobile.
-
Fraudulent website related to China CITIC Bank International Limited (26-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Department of Justice alerts public to fraudulent email (25-July-2023)
The Department of Justice today (July 25) appealed to members of the public to stay alert to a fraudulent email claimed to have been sent by "Cheung Kwok-kwan" under a forged email account "cheung.kwok@hkland[.]com".
-
Security Alert (A23-07-21): Vulnerability in OpenSSH (25-July-2023)
OpenSSH has released 9.3p2 to fix a vulnerability in various versions of OpenSSH.
-
High Threat Security Alert (A23-07-20): Multiple Vulnerabilities in Apple Products (25-July-2023)
Apple has released security updates to fix the vulnerabilities in macOS and Safari.
-
High Threat Security Alert (A23-07-19): Multiple Vulnerabilities in Apple iOS and iPadOS (25-July-2023)
Apple has released iOS 15.7.8, iOS 16.6, iPadOS 15.7.8 and iPadOS 16.6 to fix the vulnerabilities in various Apple devices.
-
Security Alert (A23-07-18): Multiple Vulnerabilities in Microsoft Edge (24-July-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
HKMA issues alert regarding specific website (21-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public in Hong Kong that Hocomban International Finance Limited as referred to on the website (https://hifinltd[.]com/) does not have the authorization of the Monetary Authority (MA) under the Banking Ordinance (the Ordinance) to carry on banking business, or the business of taking deposits.
-
Fraudulent website and phishing message related to Alipay Financial Services (HK) Limited (21-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to a fraudulent website and a phishing message.
-
Fraudulent mobile application related to Ping An OneConnect Bank (Hong Kong) Limited (20-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Ping An OneConnect Bank (Hong Kong) Limited relating to a fraudulent mobile application (App), which has been reported to the HKMA.
-
Security Alert (A23-07-17): Multiple Vulnerabilities in Cisco Products (20-July-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Fraudulent website related to Bank of Singapore Limited (19-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Unauthorised mobile application related to Ping An Bank Co., Ltd. (19-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Ping An Bank Co., Ltd. relating to an unauthorised mobile application (App), which has been reported to the HKMA.
-
Fraudulent website related to Octopus Cards Limited (19-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to a fraudulent website.
-
Security Alert (A23-07-16): Multiple Vulnerabilities in Oracle Java and Oracle Products (July 2023) (19-July-2023)
Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.
-
Security Alert (A23-07-15): Multiple Vulnerabilities in Google Chrome (19-July-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
High Threat Security Alert (A23-07-14): Multiple Vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway (19-July-2023)
Citrix released a security advisory to address multiple vulnerabilities in Citrix NetScaler ADC and Citrix NetScaler Gateway.
-
Fraudulent websites and phishing emails related to Citibank (Hong Kong) Limited (18-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Citibank (Hong Kong) Limited relating to fraudulent websites and phishing emails, which have been reported to the HKMA.
-
Fraudulent website and internet banking login screen related to Bank of China (Hong Kong) Limited (18-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.
-
A 47-year-old Chinese Male Arrested for a Suspected Doxxing Offence Relating to Monetary Disputes (18-July-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 47 in the New Territories. The arrested person was suspected to have disclosed the personal data of a former co-worker without his consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Build a Secure Cyberspace 2023 - “Protect Your Online Identity” Speech Contest (From 18-April-2023 to 15-July-2023)
The “Protect Your Online Identity” Speech Contest (the Contest) jointly organised by the Office of the Government Chief Information Officer, the Hong Kong Police Force and the Hong Kong Computer Emergency Response Team Coordination Centre aims to remind the general public to safeguard their digital identities when using the Internet, and to protect personal and sensitive information to prevent exploitation by fraudsters, through relaxing and witty speeches.
-
‘Joyful Net Surfing with e-Generation’ Parent Seminar (5): Distinguishing the Authenticity of Internet Information and Making Wise Use of e-Reading Resource (15-July-2023)
In this seminar, a representative from the Hong Kong Press Council will explain the characteristics of false information and provide strategies for verifying information, to help parents cultivate their children’s critical thinking skills. A librarian from the Hong Kong Central Library will also introduce reliable and diverse e-reading resources to parents, allowing them to cultivate regular reading habits together with their children.
-
Fraudulent social media page related to DBS Bank (Hong Kong) Limited (14-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent social media page, which has been reported to the HKMA.
-
Phishing emails related to Citibank (Hong Kong) Limited (14-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Citibank (Hong Kong) Limited relating to phishing emails, which have been reported to the HKMA.
-
Security Alert (A23-07-13): Multiple Vulnerabilities in Microsoft Edge (14-July-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Phishing emails related to Bank of China (Hong Kong) Limited (13-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to phishing emails, which have been reported to the HKMA.
-
Security Alert (A23-07-12): Vulnerability in Cisco SD-WAN vManage (13-July-2023)
Cisco released a security advisory to address a vulnerability in Cisco SD-WAN vManage.
-
Security Alert (A23-07-11): Multiple Vulnerabilities in SonicWall Products (13-July-2023)
SonicWall has released a security advisory to address multiple vulnerabilities in SonicWall Analytics and GMS products.
-
Security Alert (A23-07-10): Multiple Vulnerabilities in Citrix Secure Access Client (12-July-2023)
Citrix released security advisories to address multiple vulnerabilities in Citrix Secure Access Client.
-
Security Alert (A23-07-09): Vulnerability in Firefox (12-July-2023)
Mozilla has published the advisory (MFSA2023-26) to address a vulnerability in Firefox browser.
-
High Threat Security Alert (A23-07-08): Multiple Vulnerabilities in Fortinet Products (12-July-2023)
Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.
-
High Threat Security Alert (A23-07-07): Multiple Vulnerabilities in Microsoft Products (July 2023) (12-July-2023)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
LCQ17: Combating crimes involving fraudulent messages (12-July-2023)
Following is a question by the Hon Gary Zhang and a written reply by the Acting Secretary for Commerce and Economic Development, Dr Bernard Chan, in the Legislative Council today (July 12).
-
High Threat Security Alert (A23-07-06): Vulnerability in Apple Products (11-July-2023)
Apple has released security updates to fix a vulnerability in macOS and Safari.
-
Department of Justice alerts public to fraudulent email (11-July-2023)
The Department of Justice today (July 11) appealed to members of the public to stay alert to a fraudulent email claimed to have been sent by "HK Department of Justice" under a forged email account "secretaryofjustice@hk01[.]com".
-
A 58-year-old Chinese Female Arrested for a Suspected Doxxing of a Staff of a Real Estate Agency (11-July-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 58 in Kowloon. The arrested person was suspected to have disclosed the personal data of a staff of a real estate agency without her consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Fraudulent website and internet banking login screen related to The Hongkong and Shanghai Banking Corporation Limited (10-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.
-
Greater Bay Area Youth AI & Cybersec Challenge (8-July-2023)
AiTLE and CSTCB jointly organised Greater Bay Area Youth AI & Cybersec Challenge this year.
-
Security Alert (A23-07-05): Multiple Vulnerabilities in Android (7-July-2023)
Google has released Android Security Bulletin July 2023 to fix multiple security vulnerabilities in Android operating system.
-
Security Alert (A23-07-04): Vulnerability in Linux Operating Systems (7-July-2023)
A local privilege escalation vulnerability is found in the Linux kernel 6.1 through 6.4.
-
Security Alert (A23-07-03): Vulnerability in VMware SD-WAN Edge (7-July-2023)
VMware has published a security advisory to address a vulnerability in VMware SD-WAN Edge.
-
HKIRC x APNIC Network Security Workshop (From 6-July-2023 to 7-July-2023)
The purpose of this workshop is to examine key concepts, protocols, policies and practices to protect data and assets from potential attacks or misuse, targeting network managers and operators, engineers and policy makers interested in cybersecurity and gaining an understanding of security operations.
-
Fraudulent mobile application (App) related to Ping An OneConnect Bank (Hong Kong) Limited (6-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Ping An OneConnect Bank (Hong Kong) Limited relating to a fraudulent App, which has been reported to the HKMA.
-
Security Alert (A23-07-02) Multiple Vulnerabilities in Cisco Products (6-July-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
LCQ6: Building strong digital security barrier (5-July-2023)
Following is a question by the Hon Duncan Chiu and a reply by the Secretary for Innovation, Technology and Industry, Professor Sun Dong, in the Legislative Council today (July 5).
-
LCQ13: Deception cases on social media platforms (5-July-2023)
Following is a question by Prof the Hon William Wong and a written reply by the Secretary for Security, Mr Tang Ping-keung, in the Legislative Council today (July 5).
-
Fraudulent website related to Citibank (Hong Kong) Limited (5-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Citibank (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Fraudulent website and internet banking login screen related to Fubon Bank (Hong Kong) Limited (5-July-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.
-
Security Alert (A23-07-01): Multiple Vulnerabilities in Firefox (5-July-2023)
Mozilla has published the advisories (MFSA2023-22 and MFSA2023-23) to address multiple vulnerabilities in Firefox browser.
-
APAC DNS Forum 2023 (From 4-July-2023 to 5-July-2023)
In addition to the technical topics such as cybersecurity and emerging technologies, the Forum will cover industry trends and business opportunities of the DNS industry.
-
Web 3.0 Cyber Security New Horizons: Strategies and Practices for Addressing Digital Age Challenges (3-July-2023)
This article will briefly introduce what Web 3.0 is, the potential cyber security risks of Web 3.0, and information security recommendations.
-
Privacy Commissioner’s Office Issues New Guidance on Data Breach Handling and Data Breach Notifications To Safeguard Data Security (30-June-2023)
The PCPD today issued a new “Guidance on Data Breach Handling and Data Breach Notifications” (the Guidance) to assist organisations in preparing themselves in the event a data breach occurs.
-
Fraudulent website related to China CITIC Bank International Limited (30-June-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Security Alert (A23-06-22): Multiple Vulnerabilities in Microsoft Edge (30-June-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Anti-Scam Consumer Protection Charter (29-June-2023)
The Hong Kong Monetary Authority (HKMA) announced today (June 29), in collaboration with the Hong Kong Association of Banks (HKAB), the launch of the Anti-Scam Consumer Protection Charter (Charter) to enhance public awareness of safeguarding credit card and personal information.
-
CSA HKM Knowledge Sharing Event – June 2023 (29-June-2023)
The Knowledge Sharing Event in June will discuss the nature of cloud environments, use cases for cloud computing, and best practices for security.
-
Fraudulent website related to Chong Hing Bank Limited (28-June-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Speech by Ir Tony Wong, JP, Government Chief Information Officer, at the “ai x M Conference Series : The Ultimate Guide to Generative AI for Marketing” (Chinese only) (27-June-2023)
Please refer to the Chinese version.
-
A 39-year-old Chinese Female Arrested for a Suspected Doxxing Offence Relating to Emotional Entanglements (27-June-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 39 in Kowloon. The arrested person was suspected to have disclosed the personal data of a data subject without her consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Security Alert (A23-06-21) Multiple Vulnerabilities in Google Chrome (27-June-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
“All-Out Anti-Phishing” Moving Showroom Campaign (From 26-June-2023 to 2-July-2023)
The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council (HKPC) will hold "All-Out Anti-Phishing" moving showroom campaign, the first session of a week-long event from June 26 to July 2, 2023. Public is welcome to participate.
-
“All-Out Anti-Phishing” Moving Showroom Campaign Collaborates with DinDong to Promote Cyber Security (26-June-2023)
The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council (HKPC) will hold the first season of moving showroom promotional campaign themed "All-Out Anti-Phishing” from 26 June to 2 July, to interact with the community in an innovative way using a moving showroom vehicle.
-
High Threat Security Alert (A23-06-20): Multiple Vulnerabilities in Fortinet FortiNAC (26-June-2023)
Fortinet released security advisories to address multiple vulnerabilities in Fortinet FortiNAC.
-
Smart City Roving Exhibition : Smart Government ‧ Smart Outing (25-June-2023)
The Office of the Government Chief Information Officer (OGCIO) is organising the roving exhibition to enable citizens to experience how various smart city initiatives in Hong Kong can bring convenience to their daily life through the adoption of technology.
-
Fraudulent websites, internet banking login screens and phishing emails related to The Hongkong and Shanghai Banking Corporation Limited (23-June-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites, internet banking login screens and phishing emails.
-
Security Alert (A23-06-19): Vulnerabilities in VMware Products (23-June-2023)
VMware has published a security advisory to address multiple vulnerabilities in VMware products.
-
Security Alert (A23-06-18): Multiple Vulnerabilities in Cisco Products (23-June-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Security Alert (A23-06-17): Vulnerability in Apache Tomcat (23-June-2023)
The Apache Software Foundation released a security update to address a vulnerability in the Apache Tomcat.
-
High Threat Security Alert (A23-06-16): Multiple Vulnerabilities in Apple iOS and iPadOS (23-June-2023)
Apple has released iOS 15.7.7, iOS 16.5.1, iPadOS 15.7.7 and iPadOS 16.5.1 to fix the vulnerabilities in various Apple devices.
-
Administration Wing alerts public to fraudulent emails (22-June-2023)
The Administration Wing today (June 22) appealed to members of the public to stay alert to fraudulent emails on the honours and awards presentation ceremony purporting to be sent by "HK Protocol Secretariat" under the email account pdshk@express[.]com or by "HK Protocol Secretariat Division" under the email account pdshk@espncricinfo[.]com.
-
LCQ10: Combating crimes of deception (21-June-2023)
Following is a question by the Hon Starry Lee and a written reply by the Acting Secretary for Security, Mr Michael Cheuk, in the Legislative Council today (June 21).
-
LCQ5: Cases of fraud through mobile phone SMS messages (21-June-2023)
Following is a question by the Hon Leung Man-kwong and a reply by the Acting Secretary for Commerce and Economic Development, Dr Bernard Chan, in the Legislative Council today (June 21).
-
Privacy Commissioner’s Office Launches Anti-fraud Promotional Campaign Entitled “Don’t Hand Over Your Personal Data – Beware of Fraudsters” (21-June-2023)
To raise public awareness of the prevention of fraud, the Office of the Privacy Commissioner for Personal Data (PCPD) has launched a series of anti-fraud publicity activities under the theme of “Don’t Hand Over Your Personal Data – Beware of Fraudsters”.
-
Fraudulent website and internet banking login screen related to Nanyang Commercial Bank, Limited (20-June-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Nanyang Commercial Bank, Limited relating to a fraudulent website and internet banking login screen, which have been reported to the HKMA.
-
Fraudulent websites and phishing messages related to UnionPay App (19-June-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by UnionPay International on UnionPay App-related fraudulent websites and phishing messages.
-
Launch of New Online Data Breach Notification Form (19-June-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) launched an online data breach notification form on 19 June 2023.
-
Security Alert (A23-06-15): Multiple Vulnerabilities in Synology DiskStation Manager (19-June-2023)
Synology has published security advisories to address multiple vulnerabilities in various versions of DiskStation Manager (DSM).
-
Security Alert (A23-06-14): Vulnerability in Fortinet Products (19-June-2023)
Fortinet released a security advisory to address a vulnerability in Fortinet products.
-
Security Alert (A23-06-13): Multiple Vulnerabilities in Microsoft Edge (19-June-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Speech by Ir Tony Wong, JP, Government Chief Information Officer, at the opening ceremony of “Greater Bay Area Cybersecurity Competition 2023” (with photos) (Chinese only) (17-June-2023)
Please refer to the Chinese version.
-
Opening Remarks by Ir Tony Wong, JP, Government Chief Information Officer, at the “ISACA China Hong Kong Chapter Annual Conference 2023” (16-June-2023)
The following was the Opening Remarks by Ir Tony Wong, JP, Government Chief Information Officer, at the “ISACA China Hong Kong Chapter Annual Conference 2023”.
-
Education Bureau alerts public to fraudulent SMS message (16-June-2023)
The Education Bureau (EDB) today (June 16) called on the public to stay vigilant against a fraudulent SMS message that falsely claims to be issued by the EDB for confirmation of payment for a package and collection of a DHL package. The SMS message also contains a hyperlink to a fake website.
-
Security Alert (A23-06-12): Multiple Vulnerabilities in Apache Struts (15-June-2023)
The Apache Software Foundation has released the security bulletins to address the vulnerabilities in Apache Struts.
-
e-World Smart Tips - Safe Remote Working (15-June-2023)
- Initiatives to be taken by organisations (Chinese Version Only)
- Protect your working devices (Chinese Version Only)
- Protective measures during remote working (Chinese Version Only)
- Points-to-note during remote working (Chinese Version Only)
- Be careful with remote conferencing (Chinese Version Only) -
e-World Smart Tips - Safe Use of Wi-Fi Network (15-June-2023)
- Points-to-note when using public Wi-Fi network (Chinese Version Only)
- Security enhancement of home Wi-Fi network (Chinese Version Only)
- Good practices when using Wi-Fi network (Chinese Version Only)
- Security measures of corporate Wi-Fi network (Chinese Version Only) -
Unauthorised website and mobile applications related to Dah Sing Bank, Limited (14-June-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to unauthorised website and mobile applications (Apps), which have been reported to the HKMA.
-
Security Alert (A23-06-11): Vulnerability in VMware Tools (14-June-2023)
VMware has published a security advisory to address a vulnerability in VMware Tools.
-
Security Alert (A23-06-10): Multiple Vulnerabilities in Citrix Products (14-June-2023)
Citrix released security advisories to address multiple vulnerabilities in Citrix products.
-
Security Alert (A23-06-09) Multiple Vulnerabilities in Google Chrome (14-June-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
High Threat Security Alert (A23-06-08): Multiple Vulnerabilities in Microsoft Products (June 2023) (14-June-2023)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
High Threat Security Alert (A23-06-07): Multiple Vulnerabilities in Fortinet Products (13-June-2023)
Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.
-
A 30-year-old Chinese Female Arrested for a Suspected Doxxing Offence Relating to Emotional Entanglements (13-June-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 30 in Kowloon. The arrested person was suspected to have disclosed the personal data of two data subjects without their consents.
-
AI's Tipping Point: A Reminder on the Importance of Privacy and Ethics -- Privacy Commissioner's article contribution at Hong Kong Lawyer (12-June-2023)
The Privacy Commissioner for Personal Data (the Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article entitled “AI’s Tipping Point: A Reminder on the Importance of Privacy and Ethics” at Hong Kong Lawyer to discuss the emergence of Generative Artificial Intelligence (AI), while highlighting the privacy and ethical risks that come with its use and the current regulatory landscape of AI.
-
Fraudulent social media posts related to The Hongkong and Shanghai Banking Corporation Limited (12-June-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent social media posts, which have been reported to the HKMA.
-
Unauthorised messages related to Tap & Go mobile wallet by HKT Payment Limited (12-June-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by HKT Payment Limited - Tap & Go relating to unauthorised messages.
-
Fraudulent social media post related to The Hongkong and Shanghai Banking Corporation Limited (9-June-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent social media post, which has been reported to the HKMA.
-
Fraudulent website related to Octopus Cards Limited (8-June-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to a fraudulent website.
-
Unauthorised mobile application related to Livi Bank Limited (8-June-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited relating to an unauthorised mobile application (App), which has been reported to the HKMA.
-
Fraudulent website and phishing instant messages related to DBS Bank (Hong Kong) Limited (8-June-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and phishing instant messages, which have been reported to the HKMA.
-
High Threat Security Alert (A23-06-06): Multiple Vulnerabilities in Cisco Products (8-June-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
High Threat Security Alert (A23-06-05): Multiple Vulnerabilities in VMware Aria Operations for Networks (8-June-2023)
VMware has published a security advisory to address multiple vulnerabilities in VMware Aria Operations for Networks.
-
LCQ4: Establishing data governance system (7-June-2023)
Following is a question by Prof the Hon William Wong and a reply by the Secretary for Innovation, Technology and Industry, Professor Sun Dong, in the Legislative Council today (June 7).
-
Security Alert (A23-06-04): Multiple Vulnerabilities in Android (7-June-2023)
Google has released Android Security Bulletin June 2023 to fix multiple security vulnerabilities in Android operating system.
-
Security Alert (A23-06-03): Multiple Vulnerabilities in Firefox (7-June-2023)
Mozilla has published the advisories (MFSA2023-19 and MFSA2023-20) to address multiple vulnerabilities in Firefox browser.
-
High Threat Security Alert (A23-06-02): Multiple Vulnerabilities in Microsoft Edge (7-June-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
High Threat Security Alert (A23-06-01): Vulnerability in Google Chrome (6-June-2023)
Google released a security update to address a vulnerability in Google Chrome.
-
Suspicious mobile application and phishing instant messages related to Bank of China (Hong Kong) Limited (6-June-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a suspicious mobile application (App) and phishing instant messages, which have been reported to the HKMA.
-
Parent Seminar: Beware of Internet Pitfalls and Practical Eye Care Tips for e-Learning (3-June-2023)
A registered social worker will explain current online dating trends among young people, as well as common online dating pitfalls such as naked chat blackmailing and scams. She will also share tips on how to communicate with children about cyber issues and provide advice on handling related crisis. A university ophthalmologist will improve parents' eye care knowledge to assist children in protecting their visual in daily life.
-
IoT Security in the Digital Age: Protecting Your Connected World (2-June-2023)
HKCERT collaborated with The Hong Kong Polytechnic University, to conduct a cyber security study on drones to raise public awareness of drone and IoT security.
-
Transport Department alerts public to fraudulent SMS message of HKeToll (2-June-2023)
The Transport Department (TD) today (June 2) alerted members of the public to fraudulent SMS message purportedly issued by the HKeToll. The SMS message provides a hyperlink to a fake HKeToll website.
-
Fraudulent websites and phishing emails related to Dah Sing Bank, Limited (2-June-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to fraudulent websites and phishing emails, which have been reported to the HKMA.
-
Privacy Commissioner’s Office Publishes Two Reports (1-June-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today published two reports, namely (1) an investigation report on the “Unauthorised Access to Credit Data in the TE Credit Reference System” and (2) a report on “Privacy Protection in the Digital Age: A Comparison of the Privacy Settings of 10 Online Shopping Platforms”, and the leaflet on “Tips for Users of Online Shopping Platforms”.
-
LCQ10: Regulating contents generated by artificial intelligence technology (31-May-2023)
Following is a question by the Hon Nixie Lam and a written reply by the Secretary for Innovation, Technology and Industry, Professor Sun Dong, in the Legislative Council today (May 31).
-
LCQ2: Developing Hong Kong into smart city (31-May-2023)
Following is a question by the Hon Andrew Lam and a reply by the Secretary for Innovation, Technology and Industry, Professor Sun Dong, in the Legislative Council today (May 31).
-
Fraudulent website related to Octopus Cards Limited (31-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to a fraudulent website.
-
The Mainland’s Measures on the Standard Contract forCross-border Transfers of Personal Information Will Take Effect Tomorrow (31-May-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) notes that the Measures on the Standard Contract for Cross-border Transfers of Personal Information (the Measures) promulgated by the Cyberspace Administration of China (CAC) will come into operation tomorrow (1 June).
-
Security Alert (A23-05-15): Vulnerability in VMware Products (31-May-2023)
VMware has published a security advisory to address a vulnerability in VMware NSX-T.
-
Security Alert (A23-05-14): Multiple Vulnerabilities in Google Chrome (31-May-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Fraudulent website related to Hang Seng Bank, Limited (29-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Police Force engages in Metaverse exploring threats and opportunities of Web3 (with photos) (27-May-2023)
The Cyber Security and Technology Crime Bureau (CSTCB) of the Police launched the "CyberDefender Metaverse" platform today (May 27) and held its first online event "Exploring the Metaverse" to enlighten the public about the threats and opportunities linked with Web3 and the Metaverse, raise their awareness of new technology crimes, and bring them new experience.
-
Fraudulent websites, internet banking login screens and phishing instant messages related to Hang Seng Bank, Limited (24-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to fraudulent websites, internet banking login screens and phishing instant messages, which have been reported to the HKMA.
-
Fraudulent mobile application and phishing instant messages related to Bank of America, National Association (24-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of America, National Association relating to a fraudulent mobile application (App) and phishing instant messages, which have been reported to the HKMA.
-
LCQ6: Prevention of school and cyber bullying (24-May-2023)
Following is a question by the Hon Lam So-wai and a reply by the Secretary for Education, Dr Choi Yuk-lin, in the Legislative Council today (May 24).
-
LCQ18: Application of generative artificial intelligence in primary and secondary schools (24-May-2023)
Following is a question by the Hon Mrs Regina Ip and a written reply by the Secretary for Education, Dr Choi Yuk-lin, in the Legislative Council today (May 24).
-
Security Alert (A23-05-13): Vulnerability in VMware NSX-T (24-May-2023)
VMware has published a security advisory to address a vulnerability in VMware NSX-T.
-
Security Alert (A23-05-12): Vulnerability in Apache Tomcat (23-May-2023)
The Apache Software Foundation released a security update to address a vulnerability in the Apache Tomcat.
-
EMSD temporarily suspends some online services due to cyber incident (20-May-2023)
The Electrical and Mechanical Services Department (EMSD) today (May 20) announced that due to abnormality found in the network system, it was suspected that part of the system has been hacked. For prudence's sake, the following online services have been suspended.
-
Fraudulent website, internet banking login screen and phishing emails related to Hang Seng Bank, Limited (19-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to a fraudulent website, internet banking login screen and phishing emails, which have been reported to the HKMA.
-
Fraudulent websites related to Chong Hing Bank Limited (19-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites, which have been reported to the HKMA.
-
Security Alert (A23-05-11): Multiple Vulnerabilities in Microsoft Edge (19-May-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
High Threat Security Alert (A23-05-10): Multiple Vulnerabilities in Apple iOS and iPadOS (19-May-2023)
Apple has released iOS 15.7.6, iOS 16.5, iPadOS 15.7.6 and iPadOS 16.5 to fix the vulnerabilities in various Apple devices.
-
Fraudulent website related to The Hongkong and Shanghai Banking Corporation Limited (18-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website, which has been reported to the HKMA.
-
A 43-year-old Chinese Male Arrested for a Suspected Doxxing Offence Relating to Commercial Disputes (18-May-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 43 in the New Territories. The arrested person was suspected to have disclosed the personal data of a data subject without his consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
High Threat Security Alert (A23-05-09): Multiple Vulnerabilities in Cisco Products (18-May-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Privacy Commissioner’s Office Organises Awards Presentation Ceremony of Short Video Competition for Primary School Students on “Respecting Privacy Begins with Me” (17-May-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) held an Awards Presentation Ceremony (Awards Presentation Ceremony) of a Short Video Competition for Primary School Students on “Respecting Privacy Begins with Me” (Competition) on 12 May to recognise the efforts of 23 outstanding primary school teams in promoting the respect for and protection of personal data privacy.
-
Unauthorised website and phishing email related to Citibank (Hong Kong) Limited (17-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Citibank (Hong Kong) Limited relating to an unauthorised website and phishing email, which have been reported to the HKMA.
-
Fraudulent websites related to Industrial and Commercial Bank of China (Asia) Limited (17-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to fraudulent websites, which have been reported to the HKMA.
-
Security Alert (A23-05-08): Multiple Vulnerabilities in Google Chrome (17-May-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Fraudulent website related to The Hongkong and Shanghai Banking Corporation Limited (16-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Fraudulent instant messages related to Livi Bank Limited (16-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited relating to fraudulent instant messages, which have been reported to the HKMA.
-
Fraudulent websites related to The Hongkong and Shanghai Banking Corporation Limited (15-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites, which have been reported to the HKMA.
-
Fraudulent websites and phishing email related to The Bank of East Asia, Limited (15-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and phishing email, which have been reported to the HKMA.
-
Unmasking Cybercrime-as-a-Service: The Dark Side of Digital Convenience (15-May-2023)
HKCERT has set Cybercrime-as-a-Service (CaaS) as one of the top five information security risks for 2023.
-
Ethical Phishing Campaign 2023 (13-May-2023)
Please refer to the Chinese version.
-
Fraudulent website related to Bank of Communications (Hong Kong) Limited (12-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Communications (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Security Alert (A23-05-07): Multiple Vulnerabilities in VMware Aria Operations (12-May-2023)
VMware has published a security advisory to address multiple vulnerabilities in VMware Aria Operations.
-
Fraudulent websites related to Hang Seng Bank, Limited (11-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to fraudulent websites, which have been reported to the HKMA.
-
A 37-year-old Chinese Male Arrested for Suspected Reposting of Doxxing Message (11-May-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 37 in the New Territories. He was suspected to have disclosed the personal data of a data subject without her consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
LCQ19: Artificial intelligence chatbot ChatGPT (10-May-2023)
Following is a question by the Hon Yung Hoi-yan and a written reply by the Acting Secretary for Innovation, Technology and Industry, Ms Lillian Cheong, in the Legislative Council today (May 10)
-
LCQ10: Protecting personal data when developing and using artificial intelligence (10-May-2023)
Following is a question by the Hon Chan Yung and a written reply by the Secretary for Constitutional and Mainland Affairs, Mr Erick Tsang Kwok-wai, in the Legislative Council today (May 10).
-
Security Alert (A23-05-06): Multiple Vulnerabilities in Firefox (10-May-2023)
Mozilla has published the advisories (MFSA2023-16 and MFSA2023-17) to address multiple vulnerabilities in Firefox browser.
-
High Threat Security Alert (A23-05-05): Multiple Vulnerabilities in Microsoft Products (May 2023) (10-May-2023)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
CSA HKM Knowledge Sharing Event – May 2023 (11-May-2023)
The Knowledge Sharing Event in May will be focused on another hot topic – AI and Cloud computing again.
-
Fraudulent websites related to Hang Seng Bank, Limited (8-May-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to fraudulent websites, which have been reported to the HKMA.
-
Security Alert (A23-05-04): Multiple Vulnerabilities in Microsoft Edge (8-May-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Build a Secure Cyberspace 2023 - “Protect Your Online Security in Web 3.0” Seminar (5-May-2023)
With the development of internet and its evolvement into the third generation, the complexity of cyber attack increases at the same time. How could we protect ourselves online? Join the “Protect Your Online Security in Web 3.0” seminar co-organised by the Hong Kong Computer Emergency Response Coordination Centre (HKCERT), the Office of the Government Chief Information Officer (OGCIO) and the Hong Kong Police Force (HKPF), and learn from information security experts how to strengthen your security in the world of Web 3.0.
-
Security Alert (A23-05-03): Multiple Vulnerabilities in Fortinet Products (4-May-2023)
Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.
-
Security Alert (A23-05-02): Multiple Vulnerabilities in Google Chrome (3-May-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Security Alert (A23-05-01): Multiple Vulnerabilities in Android (2-May-2023)
Google has released Android Security Bulletin May 2023 to fix multiple security vulnerabilities in Android operating system.
-
Fraudulent website and phishing instant message related to DBS Bank (Hong Kong) Limited (28-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and phishing instant message, which have been reported to the HKMA.
-
Fraudulent website related to Bank of Singapore Limited (28-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Beware of counterfeit mobile apps purporting to be made by Guangdong-Hong Kong-Macao Greater Bay Area Development Office (28-April-2023)
The Guangdong-Hong Kong-Macao Greater Bay Area Development Office of the Constitutional and Mainland Affairs Bureau today (April 28) appealed to members of the public for heightened vigilance against counterfeit mobile apps purporting to be made by the Office.
-
Fraudulent website and phishing email related to The Hongkong and Shanghai Banking Corporation Limited (28-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent website and phishing email, which have been reported to the HKMA.
-
High Threat Security Alert (A23-04-19): Vulnerability in TP-Link Archer AX21 (26-April-2023)
TP-Link released a security update to address a vulnerability in TP-Link Archer AX21.
-
Security Alert (A23-04-18): Multiple Vulnerabilities in VMware Products (26-April-2023)
VMware has published a security advisory to address multiple vulnerabilities in VMware products.
-
High Threat Security Alert (A23-04-17): Multiple Vulnerabilities in Microsoft Edge (24-April-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge..
-
Transport Department alerts public to fraudulent SMS message of HKeToll (22-April-2023)
The Transport Department (TD) today (April 22) alerted members of the public to fraudulent SMS message purportedly issued by the HKeToll.
-
Suspicious website related to China CITIC Bank International Limited (21-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a suspicious website, which has been reported to the HKMA.
-
Fraudulent mobile application related to China Construction Bank (Asia) Corporation Limited (21-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to a fraudulent App, which has been reported to the HKMA.
-
Fraudulent websites and phishing emails related to The Hongkong and Shanghai Banking Corporation Limited (21-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites and phishing emails, which have been reported to the HKMA.
-
High Threat Security Alert (A23-04-16): Multiple Vulnerabilities in VMware Aria Operations for Logs (21-April-2023)
VMware has published a security advisory to address multiple vulnerabilities in VMware Aria Operations for Logs..
-
Fraudulent websites and phishing emails related to The Hongkong and Shanghai Banking Corporation Limited (20-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites and phishing emails, which have been reported to the HKMA.
-
Security Alert (A23-04-15): Vulnerability in Drupal (20-April-2023)
Drupal has released security advisories to address a vulnerability in the Drupal products..
-
High Threat Security Alert (A23-04-14): Multiple Vulnerabilities in Cisco Products (20-April-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software..
-
Phishing social media accounts and unauthorised messages related to TNG (Asia) Limited (19-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by TNG (Asia) Limited relating to phishing social media accounts and unauthorised messages.
-
Security Alert (A23-04-13): Multiple Vulnerabilities in Oracle Java and Oracle Products (April 2023) (19-April-2023)
Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products..
-
High Threat Security Alert (A23-04-12): Multiple Vulnerabilities in Google Chrome (19-April-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
A 27-year-old Chinese Female Arrested for a Suspected Doxxing Offence (19-April-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 27 in Kowloon.
-
Fraudulent websites, internet banking login screens and phishing instant messages related to Hang Seng Bank, Limited (18-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to fraudulent websites, internet banking login screens and phishing instant messages, which have been reported to the HKMA.
-
HKIRC x SUCCESS Webinar – Webinar : “How to Protect Your Enterprise from Cyber Threats” (17-April-2023)
HKIRC x SUCCESS Webinar – Webinar : “How to Protect Your Enterprise from Cyber Threats”The digital transformation undoubtedly brings enormous business opportunities for enterprises, but it also brings numerous cyber security concerns. As cyber security incidents become more frequent, it is more necessary for enterprises to enhance their network resilience, deepen their understanding of cyber security, and properly respond to cyber threats, to protect their data assets comprehensively. This seminar invites experts in technology crimes and cyber security to share their insights on local network crime trends, case studies, enterprise cyber security and employee awareness, with a view to helping SMEs in reducing the risks of cyber security threats.
-
High Threat Security Alert (A23-04-11): Vulnerability in Microsoft Edge (17-April-2023)
Microsoft released a security update to address a vulnerability in Microsoft Edge.
-
High Threat Security Alert (A23-04-10): Vulnerability in Google Chrome (17-April-2023)
Google released a security update to address a vulnerability in Google Chrome.
-
SITI attends National Security Education Day Seminar (Chinese only) (with photo) (15-April-2023)
Please refer to the Chinese version.
-
Fraudulent websites and phishing messages related to Alipay Financial Services (HK) Limited (14-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to fraudulent websites and phishing messages.
-
Fraudulent websites related to China CITIC Bank International Limited (14-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to fraudulent websites, which have been reported to the HKMA.
-
Phishing social media advertisements and fraudulent websites related to PPS (14-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by EPS Company (Hong Kong) Limited on PPS-related phishing social media advertisements and fraudulent websites.
-
e-World Smart Tips - Security Tips on Mobile Payment (13-April-2023)
- Security measures for mobile payment (Chinese Version Only)
- Good practices when using mobile payment (Chinese Version Only)
- Points-to-note when making mobile payment (Chinese Version Only)
- Smart tips for using mobile payment safely (Chinese Version Only) -
Fraudulent website, internet banking login screen and phishing email related to Hang Seng Bank, Limited (13-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to a fraudulent website, an internet banking login screen and a phishing email, which have been reported to the HKMA.
-
Security Alert (A23-04-09): Multiple Vulnerabilities in Adobe Reader/Acrobat (12-April-2023)
Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.
-
Inland Revenue Department alerts public to fraudulent emails (12-April-2023)
The Inland Revenue Department today (April 12) alerted members of the public to fraudulent emails purportedly issued by the department, which invite recipients to claim tax refunds.
-
Security Alert (A23-04-08): Multiple Vulnerabilities in Firefox (12-April-2023)
Mozilla has published the advisories (MFSA2023-13 and MFSA2023-14) to address multiple vulnerabilities in Firefox browser.
-
Security Alert (A23-04-07): Multiple Vulnerabilities in Fortinet Products (12-April-2023)
Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.
-
High Threat Security Alert (A23-04-06): Multiple Vulnerabilities in Microsoft Products (April 2023) (12-April-2023)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
Security Alert (A23-04-05): Multiple Vulnerabilities in Microsoft Edge (11-April-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
High Threat Security Alert (A23-04-04): Multiple Vulnerabilities in Apple iOS and iPadOS (11-April-2023)
Apple has released iOS 15.7.5, iOS 16.4.1, iPadOS 15.7.5 and iPadOS 16.4.1 to fix the vulnerabilities in various Apple devices.
-
Security Alert (A23-04-03): Multiple Vulnerabilities in Android (6-April-2023)
Google has released Android Security Bulletin April 2023 to fix multiple security vulnerabilities in Android operating system.
-
Security Alert (A23-04-02): Multiple Vulnerabilities in Google Chrome (6-April-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Security Alert (A23-04-01): Multiple Vulnerabilities in Cisco Products (6-April-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Fraudulent website and phishing email related to Dah Sing Bank, Limited (3-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to a fraudulent website and phishing email, which have been reported to the HKMA.
-
Fraudulent websites related to China CITIC Bank International Limited (3-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to fraudulent websites, which have been reported to the HKMA.
-
Fraudulent website related to Fubon Bank (Hong Kong) Limited (3-April-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.
-
CSA HKM Knowledge Sharing Event – March 2023 (30-March-2023)
In the second CSA HKM Knowledge Sharing Event in March, our expert speaker will talk about the ever changing DevOps, DevSecOps in the Cloud Computing environment.
-
Fraudulent website and phishing instant message related to Industrial and Commercial Bank of China (Asia) Limited (30-March-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to a fraudulent website and phishing instant message, which have been reported to the HKMA.
-
Fraudulent websites related to Chong Hing Bank Limited (30-March-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites, which have been reported to the HKMA.
-
Security Alert (A23-03-18): Multiple Vulnerabilities in QNAP Products (30-March-2023)
QNAP has published security advisories to address multiple vulnerabilities in QNAP products..
-
Reaching Out to Social Welfare Sector - PCPD Officer speaks at the Information Technology Security Seminar (30-March-2023)
Mr Tamson TAM, Personal Data Officer (Information Technology) of the Office of the Privacy Commissioner for Personal Data (PCPD), spoke at the Information Technology Security Seminar organised by the Information Technology Resource Centre of the Hong Kong Council of Social Service on 28 March, during which he gave an overview of the “Guidance Note on Data Security Measures for Information and Communications Technology” issued by the PCPD to the participants.
-
Fraudulent website related to Chong Hing Bank Limited (29-March-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website, which has been reported to the HKMA.
-
High Threat Security Alert (A23-03-17): Multiple Vulnerabilities in Apple iOS and iPadOS (28-March-2023)
Apple has released iOS 15.7.4, iOS 16.4, iPadOS 15.7.4 and iPadOS 16.4 to fix the vulnerabilities in various Apple devices.
-
Do you know what is Identity/Credential Theft? (27-March-2023)
Cyber theft of identity and credentials is not a new phenomenon. However, the COVID-19 pandemic has accelerated people’s growing reliance on online services for work and personal tasks, creating more opportunities for cyber criminals to steal our personal information for their own gains.
-
"真假資訊要辨清 切勿胡亂係咁Share" Video (Chinese version only) (27-March-2023)
Please refer to the Chinese version.
-
Security Alert (A23-03-16): Vulnerability in Microsoft Windows Snipping Tools (27-March-2023)
Microsoft has released an out-of-band security update to address the vulnerability in Microsoft Windows Snipping Tools.
-
Unauthorised instant messages related to Union Bancaire Privée, UBP SA (27-March-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Union Bancaire Privée, UBP SA relating to unauthorised instant messages, which have been reported to the HKMA.
-
Security Alert (A23-03-15): Vulnerability in OpenSSL (27-March-2023)
OpenSSL has released 1.1.1u, 3.0.9 and 3.1.1 to fix the vulnerability in various versions of OpenSSL.
-
Security Alert (A23-03-14): Multiple Vulnerabilities in Microsoft Edge (27-March-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Fraudulent website and instant message related to The Bank of East Asia, Limited (27-March-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent website and instant message, which have been reported to the HKMA.
-
A 31-year-old Chinese Male Arrested for a Suspected Doxxing Offence (24-March-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 31 in Kowloon.
-
Security Alert (A23-03-13): Vulnerability in Apache Tomcat (23-March-2023)
The Apache Software Foundation released a security update to address a vulnerability in the Apache Tomcat.
-
Security Alert (A23-03-12): Multiple Vulnerabilities in Cisco Products (23-March-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Security Alert (A23-03-11): Multiple Vulnerabilities in Google Chrome (22-March-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Police and OGCIO jointly host Inter-departmental Cyber Security Drill to enhance Government's cyber defence capability (with photos) (22-March-2023)
The Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force and the Government Computer Emergency Response Team Hong Kong under the Office of the Government Chief Information Officer (OGCIO) co-organised the 7th Inter-departmental Cyber Security Drill today (March 22).
-
Privacy Commissioner’s Office Urges the Public to Guard against Phishing Websites and Fraudulent SMS Messages (21-March-2023)
As the society resumes normalcy, many citizens have begun to travel abroad. The Office of the Privacy Commissioner for Personal Data (PCPD) noted recent reports on a phishing website which claimed to provide submission service of electronic entry permit applications to a foreign government, with a view to swindling personal data, including credit card information, and money out of citizens in the process of declaring health conditions.
-
Transport Department alerts public to fraudulent SMS message (20-March-2023)
The Transport Department (TD) today (March 20) alerted members of the public to fraudulent SMS message purportedly issued by HKeToll.
-
Fraudulent website and mobile application related to Chong Hing Bank Limited (16-March-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent website and mobile application (App), which have been reported to the HKMA.
-
Security Alert (A23-03-10): Multiple Vulnerabilities in Drupal (16-March-2023)
Drupal has released security advisories to address multiple vulnerabilities in the Drupal products..
-
WSD urges public to be alert to fraudulent SMS message (15-March-2023)
The Water Supplies Department (WSD) today (March 15) alerted the public to a fraudulent SMS message purportedly issued by the department.
-
Judiciary alerts public to phishing email (15-March-2023)
The Judiciary today (March 15) called on the public to stay vigilant to a phishing email sent from the email account "Mr Justice Anthony Chan < crystalstiefel21@gmail[DOT]com >". The email falsely claims that it was issued by a judge of the High Court.
-
Fraudulent website related to Chong Hing Bank Limited (15-March-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website, which has been reported to the HKMA.
-
LCQ14: Combating deception offences (15-March-2023)
Following is a question by the Hon Martin Liao and a written reply by the Acting Secretary for Security, Mr Michael Cheuk, in the Legislative Council today (March 15):
-
Bogus SMS purportedly from HKMA (15-March-2023)
The Hong Kong Monetary Authority (HKMA) received public enquiries about SMS purportedly from HKMA staff to follow up on matters relating to bank accounts and fund transfers.
-
Security Alert (A23-03-09): Multiple Vulnerabilities in Firefox (15-March-2023)
Mozilla has published the advisories (MFSA2023-09 and MFSA2023-10) to address multiple vulnerabilities in Firefox browser..
-
High Threat Security Alert (A23-03-08): Multiple Vulnerabilities in Microsoft Products (March 2023) (15-March-2023)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
Security Alert (A23-03-07): Multiple Vulnerabilities in Microsoft Edge (14-March-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Security Alert (A23-03-06): Multiple Vulnerabilities in Cisco IOS XR Software (9-March-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Fraudulent website related to OCBC Wing Hang Bank Limited (9-March-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by OCBC Wing Hang Bank Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Two Men Arrested for Suspected Doxxing Relating to Rental Disputes (9-March-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested two men on Hong Kong Island.
-
Fraudulent websites related to DBS Bank (Hong Kong) Limited (8-March-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites, which have been reported to the HKMA.
-
Security Alert (A23-03-05): Multiple Vulnerabilities in Android (8-March-2023)
Google has released Android Security Bulletin March 2023 to fix multiple security vulnerabilities in Android operating system.
-
Security Alert (A23-03-04): Multiple Vulnerabilities in Apache HTTP Server (8-March-2023)
The Apache Software Foundation released a security update to address multiple vulnerabilities in the HTTP Server and its modules.
-
Security Alert (A23-03-03): Multiple Vulnerabilities in Google Chrome (8-March-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Security Alert (A23-03-02): Multiple Vulnerabilities in Fortinet Products (8-March-2023)
Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.
-
Second Sentencing for the New Doxxing Offence (8-March-2023)
The Shatin Magistrates’ Court earlier convicted a 36-year old female, Ms SHAM Chun-kiu (defendant), of 14 charges of the new doxxing offence upon her guilty plea.
-
Inland Revenue Department alerts public to fraudulent emails (7-March-2023)
The Inland Revenue Department today (March 7) alerted members of the public to fraudulent emails purportedly issued by the department, which invite recipients to claim tax refunds.
-
Security Alert (A23-03-01): Multiple Vulnerabilities in SonicWall Products (6-March-2023)
SonicWall has released security advisories to address multiple vulnerabilities in SonicOS which is the operating system for SonicWall firewalls.
-
InfoSec Tours - Safe Social Networking (Chinese version only) (6-March-2023)
Please refer to the Chinese version.
-
InfoSec Tours - Safe Online Shopping (Chinese version only) (6-March-2023)
Please refer to the Chinese version.
-
CSA HKM Knowledge Sharing Event – March 2023 (2-March-2023)
Cybersecurity in Cloud Computing is always changing. In this ever-changing world we have a lot of things happening. Our Council member – Samuel NG is a definitely a pioneer in this industry. He would like to bring in a hot topic in IT world – ChapGPT.
-
High Threat Security Alert (A23-02-23): Multiple Vulnerabilities in Cisco Products (2-March-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Suspicious websites related to Chong Hing Bank Limited (2-March-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to suspicious websites, which have been reported to the HKMA.
-
e-World Smart Tips - IoT Devices Security (1-March-2023)
- Choose IoT devices with security features (Chinese Version Only)
- Properly set up your IoT devices (Chinese Version Only)
- Protect your privacy when using social media (Chinese Version Only)
- Safe use of IoT devices with Bluetooth Low Energy (BLE) (Chinese Version Only) -
HKCERT Security Tips: Beware of Fake ChatGPT Apps and Phishing Websites (28-February-2023)
The artificial intelligence chatbot, ChatGPT, which gained 100 million users worldwide within just two months of its launch in November 2022, has recently introduced a paid subscription service called ChatGPT Plus.
-
Security Alert (A23-02-22): Multiple Vulnerabilities in Microsoft Edge (27-February-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Fraudulent email related to Citibank (Hong Kong) Limited (27-February-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Citibank (Hong Kong) Limited relating to a fraudulent email, which has been reported to the HKMA.
-
First Hong Kong Cybersecurity Skills Competition (26-February-2023)
To increase the readiness of cybersecurity professionals by providing industrial knowledge and vocational training through the competition;To improve the qualities of work ethics and professional skills which are crucial for the cybersecurity professionals;To develop a training and certification programme that suits cybersecurity industry in Hong Kong. It aims to raise the professional skills and labor forces for the industry;To establish a recognition and award mechanism for cybersecurity professionals to further develop their career;To define and promote Hong Kong's regional and industry standards of the roles and competence requirements of cybersecurity practitioners.
-
A 42-year-old Chinese Male Arrested for a Suspected Doxxing Offence (24-February-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 42 in the New Territories.
-
Security Alert (A23-02-21): Vulnerability in Apache Tomcat (23-February-2023)
The Apache Software Foundation released a security update to address a vulnerability in the Apache Tomcat.
-
Security Alert (A23-02-20): Multiple Vulnerabilities in Google Chrome (23-February-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Security Alert (A23-02-19): Multiple Vulnerabilities in Cisco Products (23-February-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Security Alert (A23-02-18): Multiple Vulnerabilities in VMware Products (22-February-2023)
VMware has published security advisories to address multiple vulnerabilities in VMware products.
-
Fraudulent website and instant message related to Union Bancaire Privée, UBP SA (22-February-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Union Bancaire Privée, UBP SA relating to a fraudulent website and instant message, which have been reported to the HKMA.
-
Fraudulent websites related to DBS Bank (Hong Kong) Limited (22-February-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites, which have been reported to the HKMA.
-
Verify from Various Sources to Ensure Security When Searching for Answers with AI (20-February-2023)
Recently, the artificial intelligence (AI) ChatBot, ChatGPT, has taken the Internet by storm. It is reported that the tool already has 100 million users. Most users say that compared with traditional search engines which only rely on input queries to provide websites of highly relevance, ChatGPT allows users to ask questions in the format of a person-to-person dialogue and then output responses. In addition, the generated answers are very accurate with detailed explanations, saving the time to search for information after using search engines.
-
Cyber Defenders' Carnival (18-February-2023)
Cyber Defenders' Carnival is coming soon! Cyber Defender assembles efforts territory-wide to safeguard the cyber world.
-
Fraudulent website related to Bank of Singapore Limited (17-February-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent website, which has been reported to the HKMA.
-
High Threat Security Alert (A23-02-17): Multiple Vulnerabilities in Fortinet Products (17-February-2023)
Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.
-
Security Alert (A23-02-16): Multiple Vulnerabilities in Cisco Products (16-February-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Fraudulent website related to Hang Seng Bank, Limited (16-February-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Security Alert (A23-02-15): Multiple Vulnerabilities in Citrix Products (15-February-2023)
Citrix released security advisories to address multiple vulnerabilities in Citrix products.
-
Security Alert (A23-02-14): Multiple Vulnerabilities in Firefox (15-February-2023)
Mozilla has published the advisories (MFSA2023-05 and MFSA2023-06) to address multiple vulnerabilities in Firefox browser.
-
High Threat Security Alert (A23-02-13): Multiple Vulnerabilities in Microsoft Products (February 2023) (15-February-2023)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
Security Alert (A23-02-12): Vulnerability in SonicWall Email Security (14-February-2023)
SonicWall has released a security advisory to address an information disclosure vulnerability in SonicWall Email Security.
-
High Threat Security Alert (A23-02-11): Multiple Vulnerabilities in Apple iOS and iPadOS (14-February-2023)
Apple has released iOS 16.3.1 and iPadOS 16.3.1 to fix the vulnerabilities in various Apple devices..
-
Cyber Attack and Defence Elite Training 2022/23 (Chinese only) (From 4-October-2022 to 11-February-2023)
Please refer to the Chinese version.
-
Security Alert (A23-02-10): Multiple Vulnerabilities in OpenSSL (10-February-2023)
OpenSSL has released 1.1.1t and 3.0.8 to fix the vulnerabilities in various versions of OpenSSL.
-
Security Alert (A23-02-09): Multiple Vulnerabilities in Microsoft Edge (10-February-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Fraudulent mobile applications related to Chong Hing Bank Limited (9-February-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent mobile applications (Apps), which have been reported to the HKMA.
-
Unauthorised instant messages related to Mox Bank Limited (9-February-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Mox Bank Limited relating to unauthorised instant messages, which have been reported to the HKMA.
-
Hong Kong Cyber Security Incidents on the Rise HKCERT Urges the Community to Raise Information Security Awareness (8-February-2023)
The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council (HKPC) held a briefing today to summarise the information security situation in Hong Kong in 2022 and release the security forecast for 2023, and invited scholars from the Hong Kong Polytechnic University (PolyU) to share the latest security risks of the Internet of Things (IoT) and Web 3.0.
-
Hong Kong Customs clarifies no public auction ever arranged through external parties after noticing suspicious social media platform pages and websites again (8-February-2023)
Hong Kong Customs made a clarification today (February 8) that it has never arranged a public auction by means of a social media platform or a website to sell confiscated items.
-
Security Alert (A23-02-08): Multiple Vulnerabilities in Google Chrome (8-February-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Fraudulent website related to DBS Bank (Hong Kong) Limited (7-February-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Security Alert (A23-02-07): Multiple Vulnerabilities in Android (7-February-2023)
Google has released Android Security Bulletin February 2023 to fix multiple security vulnerabilities in Android operating system.
-
How to Mitigate New Cyber Security Risks Arising from the Growing Use of Technology in Industrial Operations (6-February-2023)
In recent years, more enterprises and public utilities are leveraging 5G and Internet of Things (IoT) technologies to connect their industrial operation technology (OT) systems to the information technology (IT) systems or the Internet.
-
Suspicious websites related to Fubon Bank (Hong Kong) Limited (6-February-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to suspicious websites, which have been reported to the HKMA.
-
Security Alert (A23-02-06): Multiple Vulnerabilities in F5 Products (6-February-2023)
F5 has published security advisories to address multiple vulnerabilities in F5 devices.
-
Security Alert (A23-02-04): Vulnerability in Microsoft Edge (6-February-2023)
Microsoft released a security update to address a vulnerability in Microsoft Edge.
-
Security Alert (A23-02-05): Vulnerability in VMware Workstation (6-February-2023)
VMware has published a security advisory to address a vulnerability in VMware Workstation.
-
Security Alert (A23-02-03): Multiple Vulnerabilities in Cisco Products (2-February-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Security Alert (A23-02-02): Vulnerability in QNAP Products (1-February-2023)
QNAP has published a security advisory to address a vulnerability in QNAP QTS and QNAP QuTS hero.
-
Unauthorised mobile application related to Chong Hing Bank Limited (2-February-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to an unauthorised mobile application (App), which has been reported to the HKMA.
-
Security Alert (A23-02-01): Vulnerability in VMware vRealize Operations (1-February-2023)
VMware has published a security advisory to address a vulnerability in VMware vRealize Operations.
-
Conviction Secured for 36-year Old Female in a Doxxing Case Relating to Monetary Disputea (1-February-2023)
The Shatin Magistrates’ Court today (1 February 2023) convicted a 36-year old female, Ms SHAM Chun-kiu (defendant), of 14 charges of doxxing offence upon her guilty plea.
-
A 29-year-old Chinese Male Arrested for Posting Doxxing Posters (1-February-2023)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 29 in Kowloon.
-
Resource Centre - Leaflet on "NFT - Risks and Advice" (31-January-2023)
Leaflet on "Information Security Guide - NFT - Risks and Advice" is now available at the Resource Centre
-
Suspicious websites related to Fubon Bank (Hong Kong) Limited (31-January-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to suspicious websites, which have been reported to the HKMA.
-
CSA HKM Knowledge Sharing Event – January 2023 (31-January-2023)
In this year the Cloud Security Alliance Hong Kong & Macau Chapter will continue to lead and conduct more cloud security and audit training.
-
Security Alert (A23-01-17): Multiple Vulnerabilities in Microsoft Edge (30-January-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Unauthorised mobile application related to Chong Hing Bank Limited (27-January-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to an unauthorised mobile application (App), which has been reported to the HKMA.
-
Phishing instant message related to Bank of Singapore Limited (26-January-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a phishing instant message, which has been reported to the HKMA.
-
Security Alert (A23-01-16): Multiple Vulnerabilities in Google Chrome (26-January-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
High Threat Security Alert (A23-01-15): Multiple Vulnerabilities in VMware vRealize Log Insight (26-January-2023)
VMware has published a security advisory to address multiple vulnerabilities in VMware products.
-
High Threat Security Alert (A23-01-14): Multiple Vulnerabilities in Apple iOS and iPadOS (26-January-2023)
Apple has released iOS 12.5.7, iOS 15.7.3, iOS 16.3, iPadOS 15.7.3 and iPadOS 16.3 to fix the vulnerabilities in various Apple devices.
-
Unauthorised mobile application related to Chong Hing Bank Limited (20-January-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to an unauthorised mobile application (App), which has been reported to the HKMA.
-
Security Alert (A23-01-13): Multiple Vulnerabilities in Microsoft Edge (20-January-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Security Alert (A23-01-12): Vulnerability in Drupal (19-January-2023)
Drupal has released a security advisory to address a vulnerability in the Drupal products.
-
Security Alert (A23-01-11): Multiple Vulnerabilities in Cisco Products (19-January-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
Upgrade Your End-of-Support Microsoft Products as Soon as Possible (19-January-2023)
If your refrigerator supplier stops providing maintenance services, will you “ignore it” and let the refrigerator’s fresh-keeping and refrigeration functions gradually disappear to become a hotbed for gems? Likewise, the security risks you face will only increase if you stick to computer operating systems and programs that no longer receive any official patches, technical support, and security updates.
-
e-World Smart Tips - Safe Use of Social Media and Instant Messaging (18-January-2023)
- Appropriate management of accounts and applications (Chinese Version Only)
- Settings of social media accounts (Chinese Version Only)
- Protect your privacy when using social media (Chinese Version Only)
- Points-to-note when using instant messengers (Chinese Version Only)
- Dealing with social media scams (Chinese Version Only) -
Security Alert (A23-01-10): Multiple Vulnerabilities in Oracle Java and Oracle Products (January 2023) (18-January-2023)
Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.
-
Security Alert (A23-01-09): Multiple Vulnerabilities in Apache HTTP Server (18-January-2023)
The Apache Software Foundation released a security update to address multiple vulnerabilities in the HTTP Server and its modules.
-
Security Alert (A23-01-08): Multiple Vulnerabilities in Firefox (18-January-2023)
Mozilla has published the advisories (MFSA2023-01 and MFSA2023-02) to address multiple vulnerabilities in Firefox browser..
-
Fraudulent websites and phishing emails related to The Hongkong and Shanghai Banking Corporation Limited (16-January-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites and phishing emails, which have been reported to the HKMA.
-
Fraudulent website related to Bank of China (Hong Kong) Limited (13-January-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Security Alert (A23-01-07): Multiple Vulnerabilities in Microsoft Edge (13-January-2023)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Fraudulent mobile applications related to Chong Hing Bank Limited (12-January-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent mobile applications (Apps), which has been reported to the HKMA.
-
High Threat Security Alert (A23-01-06): Multiple Vulnerabilities in Cisco Products (12-January-2023)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.
-
網絡安全研討會 – 如何撰寫校本資訊保安政策 / 指引(Policy / Guideline)及 可接受使用政策(AUP)(Chinese only) (11-January-2023)
Please refer to the Chinese version.
-
Security Alert (A23-01-05): Multiple Vulnerabilities in Adobe Reader/Acrobat (11-January-2023)
Security updates are released for Adobe Reader and Acrobat to address multiple vulnerabilities.
-
Security Alert (A23-01-04): Multiple Vulnerabilities in Google Chrome (11-January-2023)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
High Threat Security Alert (A23-01-03): Multiple Vulnerabilities in Microsoft Products (January 2023) (11-January-2023)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
Fraudulent website related to DBS Bank (Hong Kong) Limited (10-January-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Suspicious website related to United Overseas Bank Ltd. (10-January-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by United Overseas Bank Ltd. relating to a suspicious website, which has been reported to the HKMA.
-
Phishing emails related to Tai Sang Bank Limited (9-January-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Tai Sang Bank Limited relating to phishing emails, which have been reported to the HKMA.
-
"LeaveHomeSafe" system ceased operation (8-January-2023)
The Office of the Government Chief Information Officer (OGCIO) today (January 8) announced that following the relaxation of different anti-epidemic measures, the resumption of normal travel of Hong Kong and the Mainland in a progressive, orderly and comprehensive manner, as well as the resumption of normalcy of public's daily lives, the "LeaveHomeSafe" system has ceased operation and the app will not be further updated.
-
Police hold professional training to enhance cybersecurity of critical infrastructures (6-January-2023)
The Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force held the "Cyber Attack and Defence Elite Training (CADET) 2022/23 – Professional Series" training course at the business solution hub DIGIBox of 3 Hong Kong today (January 6), kicking off the "All-round CyberDefence" campaign held between January and March this year.
-
Unauthorised mobile application related to Chong Hing Bank Limited (6-January-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to an unauthorised mobile application (App), which has been reported to the HKMA.
-
Security Alert (A23-01-02): Multiple Vulnerabilities in Fortinet Products (4-January-2023)
Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.
-
Security Alert (A23-01-01): Multiple Vulnerabilities in Android (4-January-2023)
Google has released Android Security Bulletin January 2023 to fix multiple security vulnerabilities in Android operating system.
-
Fraudulent website and phishing email related to The Hongkong and Shanghai Banking Corporation Limited (3-January-2023)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and phishing email, which have been reported to the HKMA.
-
"LeaveHomeSafe" hotline and mobile support stations to cease operation (2-January-2023)
The Office of the Government Chief Information Officer (OGCIO) today (January 2) announced that following the relaxation of different anti-epidemic measures, the "LeaveHomeSafe" telephone hotline (2626 3066) and the mobile support stations at 25 MTR stations for supporting the vaccine pass measure will cease operation from January 8 onwards.
-
Fraudulent website and internet banking login screen related to Fubon Bank (Hong Kong) Limited (30-December-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.
-
Fraudulent websites and phishing emails related to The Hongkong and Shanghai Banking Corporation Limited (30-December-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites and phishing emails, which have been reported to the HKMA.
-
Analysing AgentTesla Spyware (29-December-2022)
According to Israeli cyber security solution provider Check Point’s “Global Threat Impact Index” monthly report published in early November, it was reported that AgentTesla continued to be one of the “Most Wanted Malwares” affecting local organisations.
-
REO accepts PCPD's investigation report on two data breach incidents (29-December-2022)
The Registration and Electoral Office (REO) accepts the investigation report of the Privacy Commissioner for Personal Data (PCPD) issued today (December 29) on the two data breach incidents that occurred on March 23 and April 28 this year and will take the steps specified in the enforcement notice and follow up on the recommendations made in the report to forestall the recurrence of similar incidents.
-
Unauthorised mobile application related to Chong Hing Bank Limited (29-December-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to an unauthorised mobile application (App), which has been reported to the HKMA.
-
High Threat Security Alert (A22-12-15): Vulnerability in Linux Operating Systems (28-December-2022)
A remote code execution vulnerability is found in the Linux kernel 5.15 through 5.19 with KSMBD enabled.
-
Privacy Commissioner’s Office Laid Charge in a Doxxing Case (23-December-2022)
The Office of the Privacy Commissioner for Personal Data (PCPD) today laid a charge against a Chinese male aged 31 (defendant) for “disclosing personal data without consent”, contrary to section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
CSO alerts public to deceptive advertisements purported to be interviews with CS (23-December-2022)
The Chief Secretary for Administration's Office (CSO) today (December 23) strongly clarified that, as regards the deceptive advertisements and webpages found on online news portals and in social media recently that carry the name and news photos of the Chief Secretary for Administration (CS), and lure users to click on for taking them to suspicious transaction platforms allegedly involving virtual currency bitcoins, the CSO has never issued or authorised such advertisements. The CS has never conducted the so-called interviews as claimed by such advertisements, and the remarks in the advertisements are all fictitious.
-
CSA HKM Knowledge Sharing Event – December 2022 (22-December-2022)
In the December event, we will hear from China based software security vendor Beijing Anpro Information Technology Co., Ltd. (北京安普諾資訊技術有限公司) on how they look at CyberSecurity and how they develop their products.
-
Beware of Phishing Campaigns During Festive Season (22-December-2022)
Attracted by the discounts on offer as well as convenience, many would choose to do their festive shopping online. However, HKCERT had recently observed a number of phishing attacks targeting online shoppers.
-
e-World Smart Tips - Defense Lines for Remote Working (21-December-2022)
- Roles and security measures to be taken by organisations (Chinese Version Only)
- Secure use of working devices when working remotely (Chinese Version Only)
- Points-to-note about remote working environment and network (Chinese Version Only)
- Good habits when working remotely (Chinese Version Only) -
Fraudulent website and phishing email related to The Hongkong and Shanghai Banking Corporation Limited (21-December-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and phishing email, which have been reported to the HKMA.
-
Opening Speech by Mr Simon Siu, Chief Systems Manager (Cyber Security), at the “Hong Kong Cyber Security New Generation Capture the Flag (CTF) Challenge 2022” Webinar cum Award Presentation Ceremony (Chinese only) (19-December-2022)
Only Chinese version is available for this speech / presentation.
-
“Hong Kong Cyber Security New Generation Capture the Flag Challenge 2022” Local Cyber Security Young Talents Grow Ever Stronger as More World CTF Players Join the Battle (19-December-2022)
The Hong Kong Productivity Council (HKPC) and its Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) jointly organised the “Hong Kong Cyber Security New Generation Capture the Flag Challenge 2022” (CTF Challenge 2022), aiming to enhance the cyber security awareness of young people in Hong Kong, and groom more information security talents.
-
Hong Kong Cyber Security New Generation Capture-The-Flag Challenge 2022 Webinar and Award Presentation Ceremony (19-December-2022)
The award presentation ceremony will be held on 19 December, 2022. Apart from presenting the awards to the winners, cyber security experts will also be on hand to share their views on cyber security, and how to leverage vulnerability management solutions to improve security and security risk management. Besides, there will be a panel discussion on how the new generation can join the trade.
-
Security Alert (A22-12-14): Multiple Vulnerabilities in VMware vRealize Operations (19-December-2022)
VMware has published a security advisory to address multiple vulnerabilities in VMware vRealize Operations.
-
Security Alert (A22-12-13): Multiple Vulnerabilities in Microsoft Edge (19-December-2022)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Fraudulent website and phishing email related to The Hongkong and Shanghai Banking Corporation Limited (16-December-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and phishing email, which has been reported to the HKMA.
-
Cybersec Infohub x HKIRC Seminar: Levelling Up Cyber Security and Data Protection (16-December-2022)
In this seminar, we have invited data protection and cyber security experts to share their insights on threat trends, data security measures and guidance on using information and communication technology (ICT), and lessons learnt from data breach incidents.
-
First Sentencing Case of the New Doxxing Offence (15-December-2022)
The Shatin Magistrates’ Court earlier on 6 October 2022 convicted a 27-year old male, Mr HO Muk-wah, of seven charges of the new doxxing offence upon his guilty plea.
-
Fraudulent website related to DBS Bank (Hong Kong) Limited (15-December-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.
-
How can you Safeguard Crypto-Assets? (14-December-2022)
As a continuing effort to promote the development and experience sharing of Next Generation Internet technologies and applications in Hong Kong, HKNGIS (the Hong Kong Next Generation Internet Society) is pleased to organise a technical webinar with the theme “How can you Safeguard Crypto-Assets?” to be held in the afternoon of December 14, 2022 (Wednesday) on Zoom.
-
Security Alert (A22-12-12): Multiple Vulnerabilities in Firefox (14-December-2022)
Mozilla has published the advisories (MFSA2022-51 and MFSA2022-52) to address multiple vulnerabilities in Firefox browser.
-
Security Alert (A22-12-11): Multiple Vulnerabilities in Google Chrome (14-December-2022)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Security Alert (A22-12-10): Multiple Vulnerabilities in VMware Products (14-December-2022)
VMware has published security advisories to address multiple vulnerabilities in VMware products.
-
High Threat Security Alert (A22-12-09): Vulnerability in Citrix Products (14-December-2022)
Citrix released a security advisory to address a remote code execution vulnerability in Citrix Application Delivery Controller and Citrix Gateway.
-
High Threat Security Alert (A22-12-08): Multiple Vulnerabilities in Apple iOS and iPadOS (14-December-2022)
Apple has released iOS 15.7.2, iOS 16.2, iPadOS 15.7.2 and iPadOS 16.2 to fix the vulnerabilities in various Apple devices.
-
High Threat Security Alert (A22-12-07): Multiple Vulnerabilities in Microsoft Products(December 2022) (14-December-2022)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
Hongkong Post alerts public to phishing SMS messages and fraudulent websites (14-December-2022)
Hongkong Post reminds members of the public to be alert to the recent new phishing SMS messages and fraudulent websites purported to be from Hongkong Post.
-
Fraudulent website and phishing instant messages related to Hang Seng Bank, Limited (13-December-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to a fraudulent website and phishing instant messages, which have been reported to the HKMA.
-
High Threat Security Alert (A22-12-06): Vulnerability in Fortinet FortiOS (13-December-2022)
Fortinet released security advisory to address a remote code execution vulnerability in Fortinet FortiOS.
-
A 32-year-old Chinese Male Convicted of Online Doxxing (13-December-2022)
The West Kowloon Magistrates’ Court today convicted a 32-year old male, Mr IP Chun-hin (defendant), of two charges of the new doxxing offence.
-
Security Alert (A22-12-05): Multiple Vulnerabilities in VMware Products (12-December-2022)
VMware has published a security advisory to address multiple vulnerabilities in VMware products.
-
"Cyber Attack and Defence Elite Training 2022/23 - Youth Series" kick-off ceremony held today (10-December-2022)
The Hong Kong Police Force (HKPF) held the kick-off ceremony for the Cyber Attack and Defence Elite Training (CADET) 2022/23 - Youth Series at the Hong Kong Metropolitan University today (December 10) to launch the first large-scale cyber security promotion campaign for young people in the Guangdong-Hong Kong-Macao Greater Bay Area (Greater Bay Area), in collaboration with partners from the Mainland and Macao. Over 2 000 young people aged between 14 and 24 from Hong Kong, Guangdong and Macao participated in the kick-off ceremony.
-
Black Hat Tour – PoC Attack Against Flying Drone (9-December-2022)
The speaker of the event will be Captain Kelvin. He is an independent security researcher and a specialist in hardware analysis and digital forensics. He focuses on the drone security and forensics researches.
-
Fraudulent mobile application related to The Bank of East Asia, Limited (9-December-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to a fraudulent mobile app, which has been reported to the HKMA.
-
Unauthorised mobile application related to Chong Hing Bank Limited (8-December-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to an unauthorised mobile application (App), which has been reported to the HKMA.
-
A 35-year-old Chinese Female Arrested for a Suspected Doxxing Offence Relating to Emotional Dispute (8-December-2022)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 35 on Hong Kong Island.
-
LCQ16: Fraudulent use of credit cards for online purchases (7-December-2022)
Following is a question by the Hon Edward Leung and a written reply by the Secretary for Financial Services and the Treasury, Mr Christopher Hui, in the Legislative Council today (December 7)
-
Privacy Commissioner’s Office Laid Charges in a Doxxing Case (7-December-2022)
The Office of the Privacy Commissioner for Personal Data (PCPD) today laid a total of 14 charges against a Chinese female aged 36 (defendant) for “disclosing personal data without consent”, contrary to section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Security Alert (A22-12-04): Multiple Vulnerabilities in Fortinet Products (7-December-2022)
Fortinet released security advisories to address multiple vulnerabilities in Fortinet products.
-
Security Alert (A22-12-03): Multiple Vulnerabilities in Android (6-December-2022)
Google has released Android Security Bulletin December 2022 to fix multiple security vulnerabilities in Android operating system.
-
High Threat Security Alert (A22-12-02): Multiple Vulnerabilities in Microsoft Edge (6-December-2022)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
e-World Smart Tips - IoT Devices Security (6-December-2022)
- Definition and risks of IoT Devices (Chinese Version Only)
- Points-to-note when purchasing and disposing of IoT devices (Chinese Version Only)
- Points-to-note when using IoT devices (i) (Chinese Version Only)
- Points-to-note when using IoT devices (ii) (Chinese Version Only)
- Securing Your Enterprise IoT Devices (Chinese Version Only) -
Phishing emails related to Mega International Commercial Bank Co., Ltd. (5-December-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Mega International Commercial Bank Co., Ltd. relating to phishing emails, which have been reported to the HKMA.
-
High Threat Security Alert (A22-12-01): Vulnerability in Google Chrome (5-December-2022)
Google released a security update to address a vulnerability in Google Chrome.
-
A 59-year-old Chinese Female Arrested for a Suspected Doxxing Offence (2-December-2022)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 59 in New Territories North.
-
Phishing emails related to Tai Sang Bank Limited (1-December-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Tai Sang Bank Limited relating to phishing emails, which have been reported to the HKMA.
-
Unauthorised website related to Chong Hing Bank Limited (1-December-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to an unauthorised website, which has been reported to the HKMA.
-
Security Alert (A22-11-19): Multiple Vulnerabilities in Google Chrome (1-December-2022)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
Fraudulent website related to Bank Julius Baer & Co. Ltd. (30-November-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.
-
Security Alert (A22-11-18): Vulnerability in VMware Tools for Windows (30-November-2022)
VMware has published a security advisory to address a vulnerability in VMware Tools for Windows.
-
High Threat Security Alert (A22-11-17): Vulnerability in Microsoft Edge (29-November-2022)
Microsoft released a security update to address a vulnerability in Microsoft Edge.
-
Fraudulent website related to OCBC Wing Hang Bank Limited (29-November-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by OCBC Wing Hang Bank Limited relating to a fraudulent website, which has been reported to the HKMA.
-
High Threat Security Alert (A22-11-16): Vulnerability in Google Chrome (25-November-2022)
Google released a security update to address a vulnerability in Google Chrome.
-
PCPD's response to media enquiry on the Suspected Disclosure and Selling of Data of WhatsApp Users (Chinese version only) (25-November-2022)
This media response provides Chinese version only.
-
Fraudulent website related to OCBC Wing Hang Bank Limited (25-November-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by OCBC Wing Hang Bank Limited relating to a fraudulent website, which has been reported to the HKMA.
-
Phishing instant messages related to Airstar Bank Limited (25-November-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Airstar Bank Limited relating to phishing instant messages, which have been reported to the HKMA.
-
CSA HKM Knowledge Sharing Event – November 2022 (24-November-2022)
This event we will look into cloud security from an attacker's viewpoint. As we mentioned before, despite the fact that cloud environment is quite secure after many years of enhancement, attacks still happen.
-
A 48-year-old Chinese Male Arrested for a Suspected Doxxing Offence Relating to Part-time Worker Dispute (24-November-2022)
The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 48 in New Territories North. He was suspected to have disclosed the personal data of a data subject without her consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).
-
Phishing instant messages related to Ant Bank (Hong Kong) Limited (22-November-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Ant Bank (Hong Kong) Limited relating to phishing instant messages, which has been reported to the HKMA.
-
Always Keep System Security Up-to-Date to Prevent Customer Data from Becoming Phishing Feeds (18-November-2022)
Local photo printing chain, Fotomax, fell victim to a ransomware attack and malicious encryption of its database in October last year, resulting in the leakage of over 600,000 customer data, including name, gender, date of birth, phone number, email address, contact address and delivery address.
-
Fraudulent website purporting to be HKMA's official website: https://hkma-gov[dot]com (17-November-2022)
The Hong Kong Monetary Authority (HKMA) would like to alert members of the public to a fraudulent website with the domain name https://hkma-gov[dot]com/.
-
Security Alert (A22-11-15): Multiple Vulnerabilities in F5 Products (17-November-2022)
F5 has published security advisories to address multiple vulnerabilities in BIG-IP and BIG-IQ devices.
-
Security Alert (A22-11-14): Multiple Vulnerabilities in Cisco Identity Services Engine (17-November-2022)
Cisco released a security advisory to address multiple vulnerabilities in Cisco devices and software.
-
LCQ16: Online shopping (16-November-2022)
Following is a question by the Hon Chan Han-pan and a written reply by the Acting Secretary for Commerce and Economic Development, Dr Bernard Chan, in the Legislative Council today (November 16)
-
Security Alert (A22-11-13): Multiple Vulnerabilities in Firefox (16-November-2022)
Mozilla has published the advisories (MFSA2022-47 and MFSA2022-48) to address multiple vulnerabilities in Firefox browser.
-
Social Welfare Department alerts public to fraudulent emails (14-November-2022)
The Social Welfare Department (SWD) today (November 14) alerted members of the public to fraudulent emails purportedly issued by the SWD on health insurance subsidies.
-
Hong Kong Cyber Security New Generation Capture the Flag (CTF) Challenge 2022 (From 11-November-2022 to 13-November-2022)
The contest aims to strengthen the cyber security skills and awareness of the industry and students and encourage problem solving through teamwork, creative thinking and cyber security skills. The deadline for registration will be 31 October.
-
Security Alert (A22-11-12): Multiple Vulnerabilities in Microsoft Edge (11-November-2022)
Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.
-
Inland Revenue Department alerts public to fraudulent emails (11-November-2022)
The Inland Revenue Department today (November 11) alerted members of the public to fraudulent emails purportedly issued by the department, which invite recipients to claim tax refunds.
-
“HKT Hong Kong Enterprise Cyber Security Readiness Index” Surpasses 50 for the First Time Staff Security Awareness Still Requires Big Improvement (10-November-2022)
The Hong Kong Productivity Council (HKPC) released the results of the “HKT Hong Kong Enterprise Cyber Security Readiness Index 2022”, which reports an Overall Index at 53.3 (maximum being 100)
-
Unauthorised mobile application related to Chong Hing Bank Limited (10-November-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to an unauthorised mobile application (App), which has been reported to the HKMA.
-
Security Alert (A22-11-11): Multiple Vulnerabilities in Cisco Products (10-November-2022)
Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software. .
-
Security Alert (A22-11-10): Multiple Vulnerabilities in Apple iOS and iPadOS (10-November-2022)
Apple has released iOS 16.1.1 and iPadOS 16.1.1 to fix the vulnerabilities in various Apple devices. .
-
Security Alert (A22-11-09): Multiple Vulnerabilities in Google Chrome (9-November-2022)
Google released a security update to address multiple vulnerabilities in Google Chrome.
-
High Threat Security Alert (A22-11-08): Multiple Vulnerabilities in VMware Workspace ONE Assist (9-November-2022)
VMware has published a security advisory to address multiple vulnerabilities in VMware Workspace ONE Assist. .
-
High Threat Security Alert (A22-11-07): Multiple Vulnerabilities in Microsoft Products (November 2022) (9-November-2022)
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.
-
Security Alert (A22-11-06): Multiple Vulnerabilities in Android (8-November-2022)
Google has released Android Security Bulletin November 2022 to fix multiple security vulnerabilities in Android operating system.
-
Fraudulent websites related to Chong Hing Bank Limited (7-November-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites, which have been reported to the HKMA.
-
Fraudulent websites and internet banking login screens related to Far Eastern International Bank (7-November-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Far Eastern International Bank relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.
-
Fraudulent mobile applications related to Fusion Bank Limited (7-November-2022)
The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fusion Bank Limited relating to fraudulent mobile applications (Apps), which have been reported to the HKMA.