What's New | Cyber Security Information Portal

1. Home
2. What's New

• Event: Build a Secure Cyberspace 2020 – “Secure Use of Mobile Devices” Sticker Design Contest (From 24-August-2020 to 7-December-2020)
  

  The Contest aims to arouse the awareness of public on mobile device security and to encourage them to exercise care when using mobile devices.

• GovCERT.HK - Weekly IT Security News Bulletin (19 October 2020 – 25 October 2020) (27-October-2020)
  

  - Takedown of TrickBot
  - Telegram and email accounts hijacked in SS7 mobile attack

• Phishing Attack - Fraudulent website related to The Bank of East Asia, Limited (23-October-2020)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited on fraudulent website, which has been reported to the HKMA.

• Phishing Attack - Phishing email related to Bank of China (Hong Kong) Limited (23-October-2020)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited on phishing email, which has been reported to the HKMA.

• GovCERT.HK - Security Alert (A20-10-07): Multiple Vulnerabilities in Cisco Products (22-October-2020)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco product running Cisco FXOS Software, Cisco Adaptive Security Appliance (ASA) Software, Firepower Threat Defense (FTD) Software or Cisco Firepower Management Center (FMC) Software.

• GovCERT.HK - Security Alert (A20-10-06): Multiple Vulnerabilities in Oracle Java and Oracle Products (October 2020) (21-October-2020)
  

  Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.

• GovCERT.HK - Security Alert (A20-10-05): Multiple Vulnerabilities in VMware Products (21-October-2020)
  

  VMware has published a security advisory to address multiple vulnerabilities in VMware products.

• GovCERT.HK - Security Alert (A20-10-04): Multiple Vulnerabilities in Firefox (21-October-2020)
  

  Mozilla has published two security advisories (MFSA 2020-45 and MFSA 2020-46) to address multiple vulnerabilities in Firefox browser.

• Doxxing Case Defendant Sentenced for Breaching Injunction Order
  Privacy Commissioner Urges the Public Not to Flout the Law (20-October-2020)
  

  In a case which involved the posting of the personal data of a police officer on a social media platform in violation of an interim injunction order granted by the High Court, the defendant was convicted of civil contempt of court yesterday (October 19) and sentenced to 28 days’ imprisonment, suspended for one year.

• GovCERT.HK - Weekly IT Security News Bulletin (12 October 2020 – 18 October 2020) (19-October-2020)
  

  - Fix the "Bad Neighbour" bug in Windows Systems
  - BleedingTooth vulnerabilities in Linux Kernel

• Phishing Attack - Fraudulent website related to DBS Bank (Hong Kong) Limited (15-October-2020)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited on fraudulent website, which has been reported to the HKMA.

• GovCERT.HK - Security Alert (A20-10-03): Vulnerability in SonicWall Products (15-October-2020)
  

  SonicWall released a security advisory to address a buffer overflow vulnerability in SonicOS which is the operating system for SonicWall firewalls.

• Phishing Attack - Fraudulent website related to Union Bancaire Privée, UBP SA (14-October-2020)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Union Bancaire Privée, UBP SA on fraudulent website, which has been reported to the HKMA.

• GovCERT.HK - Security Alert (A20-10-02): Vulnerability in Adobe Flash Player (14-October-2020)
  

  Adobe has released security updates to address a vulnerability in Adobe Flash Player.

• GovCERT.HK - High Threat Security Alert (A20-10-01): Multiple Vulnerabilities in Microsoft Products (October 2020) (14-October-2020)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• HKCERT - Security Blog: Ransomware: Double Extortion Attacks Continued - Intrusion via Exploiting VPN Gateway Vulnerability (13-October-2020)
  

  During the back-to-school season, HKCERT noticed that ransomware attacks have been targeting educational institutions all over the world while the trend of double extortion attacks continued. Related ransomware, such as Maze and Netwalker, were also very active. Users must stay vigilant.

• Phishing Attack - Suspicious mobile applications related to Fusion Bank Limited (12-October-2020)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fusion Bank Limited on suspicious mobile applications (Apps), which has been reported to the HKMA.

• GovCERT.HK - Weekly IT Security News Bulletin (5 October 2020 – 11 October 2020) (12-October-2020)
  

  - Vulnerabilities found in anti-malware tools
  - TV remote as a spying device

• Phishing Attack - Suspicious mobile application related to Livi Bank Limited (8-October-2020)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited on suspicious mobile application (App), which has been reported to the HKMA.

• Phishing Attack - Phishing email related to The Bank of East Asia, Limited (8-October-2020)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited on phishing email, which has been reported to the HKMA.

• Phishing Attack - Fraudulent website related to DBS Bank (Hong Kong) Limited (6-October-2020)
  

  he Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited on fraudulent website, which has been reported to the HKMA.

• Phishing Attack - Suspicious mobile applications related to Airstar Bank Limited (5-October-2020)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Airstar Bank Limited on suspicious mobile applications (Apps), which has been reported to the HKMA.

• GovCERT.HK - Weekly IT Security News Bulletin (28 September 2020 – 4 October 2020) (5-October-2020)
  

  - Phishing pages with CAPTCHAs
  - Be aware of cryptojacking

• GovCERT.HK - Security Alert (A20-09-08): Multiple Vulnerabilities in FortiGate and FortiOS (28-September-2020)
  

  FortiNet released security advisories to address multiple vulnerabilities in FortiGate and FortiOS software.

• GovCERT.HK - Weekly IT Security News Bulletin (21 September 2020 – 27 September 2020) (28-September-2020)
  

  - Critical vulnerability in Windows Netlogon Remote Protocol
  - Defending against fileless malware
  - Security issues related to QR codes

• Phishing Attack - Fraudulent website related to Airstar Bank Limited (25-September-2020)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Airstar Bank Limited on fraudulent website, which has been reported to the HKMA.

• GovCERT.HK - Security Alert (A20-09-07): Multiple Vulnerabilities in Cisco Products (25-September-2020)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco products running Cisco IOS and IOS XE.

• e-World Smart Tips - Use IoT Devices Securely (1-September-2020)
  

  - Points-to-note before using IoT devices
  - Keep the software and firmware updated
  - Use IoT devices carefully
  - Configure security settings for home router
  - Disable remote administration features of home router

• e-World Smart Tips - Best Practices for Data Protection (1-August-2020)
  

  - Protect Your Personal and Sensitive Information
  - Safe Use of Portable Devices
  - Cloud Storage Security
  - Using Instant Messaging Safely

• Resource Centre - Leaflet on "Information Security Guide for Small Businesses – Security Tips for Remote Working" (7-June-2020)
  

  Leaflet on "Information Security Guide for Small Businesses – Security Tips for Remote Working" is now available at the Resource Centre

• Learning Centre - Guide on Secure Video Conferencing (4-May-2020)
  

  Video conferencing (VC) is becoming an effective way of communication for remote working and for users at different locations to conduct real-time communications.

• Resource Centre - Infographics on "Security Tips on Working from Home" (1-April-2020)
  

  Infographics on “Security Tips on Working from Home” is now available at the Resource Centre

• Learning Centre - Security of Working from Home (7-April-2020)
  

  In view of the recent outbreak of coronavirus, many organisations have arranged for their employees to work from home to achieve social distancing...

• Resource Centre - Leaflet on "Information Security Guide for Small Businesses – Security Tips for e-Commerce" (1-March-2020)
  

  Leaflet on "Information Security Guide for Small Businesses – Security Tips for e-Commerce"

• Resource Centre - Infographics on "Smart Tips on Mobile Payment" (1-February-2020)
  

  Infographics on "Smart Tips on Mobile Payment" is now available at the Resource Centre

• Expert Corner - Attacker is now able to bypass 2FA – how to prevent (20-December-2019)
  

  2-Factor Authentication (2FA) has been rolled out in many organizations as their baseline security and is one of the items in top of mind in many CISO.

• Expert Corner - Password Choices (Chinese Version Only) (29-March-2020)
  

  每個人都有「不能說的密碼」，無論是網上銀行、購物還是社交媒體平台，現代人的生活與密碼不可分離...

• Alliance
• About Us
• Site Map
• Important Notices
• Privacy Policy
• Contact Us

Copyright © 2014 Office of the Government Chief Information Officer. All rights reserved.
Last update / review: October 2020