What's New | Cyber Security Information Portal

1. Home
2. What's New

• BugHunting Campaign 2025 (From 9-June-2025 to 31-August-2025)
  

  Cyber Security and Technology Crime Bureau of the Hong Kong Police Force joins hands with the Office of the Privacy Commissioner for Personal Data and a crowdsourced cybersecurity company, Cyberbay, to hold the third annual “BugHunting Campaign” between June and August 2025, aiming to equip small and medium-sized enterprises (SMEs) with enhanced cybersecurity protection and bolster Hong Kong’s overall cybersecurity.

• Cyber Security Staff Awareness Recognition Scheme (From 6-May-2025 to 15-August-2025)
  

  The Cyber Security Staff Awareness Recognition Scheme (the Scheme), co-organised by HKIRC and ISACA, was launched in 2024 to recognise organisations for their commitment to strengthening cyber security and enhancing staff awareness. We are delighted to announce that applications are now open for the upcoming round of the Scheme for 2025.

• HKCNSA Symposium 2025 (26-June-2025)
  

  The HKCNSA Symposium 2025 aims to cover important developments in global AI governance, focusing on what they mean for Hong Kong market. 

• Cybersecurity Service Provider Connect Programme - Recruitment Briefing Webinar for Cybersecurity Service Providers (25-June-2025)
  

  To strengthen collaboration between cybersecurity service providers and local enterprises, Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) will soon launch the “Cybersecurity Service Provider Connect Programme”.

• PISA Jam 2025 (21-June-2025)
  

  This conference brings together industry leaders, experts, and practitioners to explore the evolving landscape of cyber security. Participants will engage in discussions on the latest challenges posed by cyber threats, the impact of new regulations and standards, and the role of emerging technologies in safeguarding information.

• PCPD + HKPC Data Security Training Series for SMEs - Seminar on “Understanding Data Security and Privacy Risks Related to AI for SMEs” (13-June-2025)
  

  This seminar will explore the application of AI technology by SMEs in businesses and the data security and personal data privacy risks involved.

• Transport Department alerts public to fraudulent websites purported to be from HKeToll (13-June-2025)
  

  The Transport Department (TD) today (June 13) alerted members of the public to fraudulent website addresses that pretend to be the HKeToll (see the HKeToll website for details) and seek to deceive users into making payments and obtaining their credit card information.

• Scam alert related to banks (13-June-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to the press releases issued by the banks listed below relating to fraudulent websites, internet banking login screens, phishing emails or other scams, which have been reported to the HKMA.

• Scam alert related to banks (12-June-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to the press releases issued by the banks listed below relating to fraudulent websites, internet banking login screens, phishing emails or other scams, which have been reported to the HKMA.

• Security Alert (A25-06-10): Multiple Vulnerabilities in Fortinet Products (11-June-2025)
  

  Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.

• Security Alert (A25-06-09): Multiple Vulnerabilities in Google Chrome (11-June-2025)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Security Alert (A25-06-08): Multiple Vulnerabilities in Firefox (11-June-2025)
  

  Mozilla has published the advisory (MFSA2025-47) to address multiple vulnerabilities in Firefox browser.

• Security Alert (A25-06-07): Multiple Vulnerabilities in Adobe Reader/Acrobat (11-June-2025)
  

  Patches are released for Adobe Reader and Acrobat to address multiple vulnerabilities.

• High Threat Security Alert (A25-06-06): Multiple Vulnerabilities in Microsoft Products (June 2025) (11-June-2025)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• Government urges public to be wary of fraudulent advertisements on Voluntary Health Insurance Scheme (11-June-2025)
  

  The Voluntary Health Insurance Scheme (VHIS) Office of the Health Bureau today (June 11) reminds the public to stay vigilant against fraudulent VHIS advertisements to safeguard their personal interests.

• LCQ17: Combat fraudulent calls and SMS messages (11-June-2025)
  

  Following is a question by the Hon Kingsley Wong and a written reply by the Secretary for Security, Mr Tang Ping-keung, in the Legislative Council today (June 11).

• A Debt Collection Agency Convicted of Direct Marketing Offences Privacy Commissioner Welcomes the Court’s Ruling (11-June-2025)
  

  The West Kowloon Magistrates’ Court today convicted Credit Base (HK) Limited (the Company) of two charges of direct marketing offences under the Personal Data (Privacy) Ordinance (PDPO).

• Scam alert related to banks (10-June-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to the press releases issued by the banks listed below relating to fraudulent websites, internet banking login screens, phishing emails or other scams, which have been reported to the HKMA.

• Security Alert (A25-06-05): Multiple Vulnerabilities in QNAP Products (9-June-2025)
  

  QNAP has published security advisories to address multiple vulnerabilities in QNAP products.

• Inland Revenue Department alerts public to fraudulent SMS messages (9-June-2025)
  

  The Inland Revenue Department (IRD) today (June 9) alerted members of the public to fraudulent SMS messages purportedly issued by the IRD, which invite recipients to claim profits tax subsidy via a hyperlink provided.

• Scam alert related to banks (9-June-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to the press releases issued by the banks listed below relating to fraudulent websites, internet banking login screens, phishing emails or other scams, which have been reported to the HKMA.

• BugHunting Campaign 2025 opens for applications (with photo) (9-June-2025)
  

  Jointly organised by the Hong Kong Police Force, the Office of the Privacy Commissioner for Personal Data, and Cyberbay, a local crowdsourced cybersecurity company, the BugHunting Campaign 2025 is officially open for registration for small and medium-sized enterprises (SMEs) starting today (June 9).

• “AI Security Matters for All” Privacy Commissioner’s Office Launches a Series of Promotional and Educational Activities to Promote AI Security in Privacy Awareness Week 2025 (9-June-2025)
  

  To enhance the awareness of the public and organisations to artificial intelligence (AI) security, the PCPD will launch a series of promotional and educational activities under the theme of “AI Security Matters for All”. These activities include the running of thematic trams for roving promotion, a newly launched “AI Security” thematic website, and a series of thematic seminars, all aimed at reminding all sectors of the society to safeguard personal data privacy when using AI. 

• Promoting AI Security — Privacy Commissioner Publishes “Hong Kong Letter” (9-June-2025)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published a “Hong Kong Letter” on RTHK Radio 1 on 7 June 2025 to elaborate on the importance of organisations formulating internal policies or guidelines on artificial intelligence (AI). 

• HKPF holds "The Little Grape's 5th Anti-Scam Birthday Party" to promote scam prevention messages (with photos) (8-June-2025)
  

  The Hong Kong Police Force held "The Little Grape's 5th Anti-Scam Birthday Party" today (June 8) at Harcourt Garden in Admiralty to celebrate the 5th anniversary of the anti-scam mascot, "The Little Grape". Through interactive games and fun challenges, the event aimed to boost public awareness of scam prevention.

• Embracing the e+ Internet Generation Parent Seminar (5): Unlocking e-Book Treasures × Navigating Online Friendships with Caution (7-June-2025)
  

  The Education Bureau, Hong Kong Education City, and the Committee on Home-School Co-operation will co-organise the “Embracing the e+ Internet Generation Parent Seminar (5): Unlocking e-Book Treasures × Navigating Online Friendships with Caution”. Registered social workers from Hong Kong Playground Association will analyse authentic cases to help parents understand potential risks in their children’s online friendships, along with preventive measures and response strategies.

• Scam alert related to banks (6-June-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to the press releases issued by the banks listed below relating to fraudulent websites, internet banking login screens, phishing emails or other scams, which have been reported to the HKMA.

• Security Alert (A25-06-04): Multiple Vulnerabilities in Cisco Products (5-June-2025)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Scam alert related to banks (5-June-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to the press releases issued by the banks listed below relating to fraudulent websites, internet banking login screens, phishing emails or other scams, which have been reported to the HKMA.

• Beware of counterfeit mobile apps purporting to be made by Guangdong-Hong Kong-Macao Greater Bay Area Development Office (5-June-2025)
  

  The Guangdong-Hong Kong-Macao Greater Bay Area Development Office of the Constitutional and Mainland Affairs Bureau today (June 5) again appealed to members of the public for heightened vigilance against counterfeit mobile apps purporting to be made by the Office.

• High Threat Security Alert (A25-06-03): Multiple Vulnerabilities in Microsoft Edge (4-June-2025)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Scam alert related to banks (4-June-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to the press releases issued by the banks listed below relating to fraudulent websites, internet banking login screens, phishing emails or other scams, which have been reported to the HKMA.

• Security Alert (A25-06-02): Multiple Vulnerabilities in Android (3-June-2025)
  

  Google has released Android Security Bulletin June 2025 to fix multiple security vulnerabilities in Android operating system

• High Threat Security Alert (A25-06-01): Multiple Vulnerabilities in Google Chrome (3-June-2025)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Scam alert related to banks (3-June-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to the press releases issued by the banks listed below relating to fraudulent websites, internet banking login screens, phishing emails or other scams, which have been reported to the HKMA.

• A 23-year-old Female Arrested for Suspected Doxxing of Ex-boyfriend Arising from Relationship Entanglements (3-June-2025)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 23 in the New Territories. The arrested person was suspected to have disclosed the personal data of her ex-boyfriend without his consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).

• Promoting AI Security – Privacy Commissioner Speaks at the Hong Kong AI Governance Conference (2-June-2025)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, attended the Hong Kong AI Governance Conference themed “Shaping the Future of Responsible GenAI in Hong Kong” on 30 May 2025 and delivered a keynote speech titled “New Horizons of Privacy Protection in the Era of GenAI”.

• HKCS x ISACA Seminar: Beyond Compliance – Opportunities ahead with the new Critical Infrastructure Protection Ordinance (30-May-2025)
  

  Organised by the Hong Kong Computer Society (HKCS), the Information Systems Audit and Control Association (ISACA) China Hong Kong Chapter, and City University of Hong Kong. It aims to explore the exciting opportunities that lie ahead for Hong Kong following the passage of the Protection of Critical Infrastructure (Computer Systems) Ordinance by the Legislative Council on 19 March 2025.

• Security Alert (A25-05-21): Multiple Vulnerabilities in Microsoft Edge (30-May-2025)
  

  Microsoft released a security update to address vulnerabilities in Microsoft Edge.

• Security Alert (A25-05-20): Vulnerability in Apache Tomcat (30-May-2025)
  

  The Apache Software Foundation released security updates to address the vulnerability in the Apache Tomcat.

• HKMA warns public of fraudulent social media accounts impersonating HKMA Chief Executive (30-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) today (May 30) urged members of the public to be vigilant against fraudulent social media accounts impersonating the Chief Executive of the HKMA, Mr Eddie Yue.

• Hong Kong Security Watch Report (Q1 2025) (29-May-2025)
  

  The Hong Kong Security Watch Report aims to raise public awareness of the problem of compromised systems in Hong Kong, enabling them to make better decision in information security. The data in this quarterly report focuses on the activities of compromised systems in Hong Kong which suffer from, or have participated in various types of cyber-attacks, including web defacement, phishing and botnets. “Computers in Hong Kong” refer to those whose network geolocation is Hong Kong, or the top-level domain of their host name is “.hk”. Also, this report will review major security incidents and explore hot security topics with easy-to-adopt security advice with an aim to improve public’s information security posture and enhance their security resilience capabilities.

• HKMA and HKUST sign MoU to advance cybersecurity innovation for Hong Kong's financial sector (with photo) (29-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) and the School of Business and Management of the Hong Kong University of Science and Technology (HKUST Business School) today (May 29) announced the signing of a Memorandum of Understanding (MoU) to strengthen collaboration in applied cybersecurity research tailored to the needs of Hong Kong's financial sector.

• Security Alert (A25-05-19): Multiple Vulnerabilities in Google Chrome (28-May-2025)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Security Alert (A25-05-18): Multiple Vulnerabilities in Firefox (28-May-2025)
  

  Mozilla has published the advisories (MFSA2025-42, MFSA2025-43, and MFSA2025-44) to address multiple vulnerabilities in Firefox browser

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (28-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to The Bank of East Asia, Limited (28-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (28-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to China Construction Bank (Asia) Corporation Limited (28-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (27-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent social media account related to Bank of Singapore Limited (27-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent social media account, which has been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (27-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (27-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• HKPF and DPO jointly organise 9th Inter-departmental Cyber Security Drill to enhance ability of government departments to counter cyber attacks (with photos) (26-May-2025)
  

  The Cyber Security and Technology Crime Bureau of the Hong Kong Police Force (HKPF) and the Government Computer Emergency Response Team Hong Kong (GovCERT.HK) under the Digital Policy Office (DPO) jointly held the 9th Inter-departmental Cyber Security Drill today (May 26) to further enhance the overall defensive capabilities of government departments against cyber attacks.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (26-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (26-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to China Construction Bank (Asia) Corporation Limited (26-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to The Hongkong and Shanghai Banking Corporation Limited (26-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (26-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Standard Chartered Bank (Hong Kong) Limited (26-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Standard Chartered Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• HKCNSA 2025 HONG KONG CIO LUNCHEON 2.0 (23-May-2025)
  

  This event will gather top experts from government, industry, and academia to share the latest cybersecurity trends and technologies in cybersecurity, focusing on Hong Kong's critical infrastructure. These talks will offer valuable insights and practical advice to enhance business defenses and tackle current and future challenges.

• Build a Secure Cyberspace 2025 - “Let's Secure as we Digitalise” Webinar (23-May-2025)
  

  The Digital Policy Office (DPO), the Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force (HKPF) and the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) co-organise the “Let’s Secure as we Digitalise” webinar, in which cybersecurity experts will share the latest information, existing risks, as well as cybersecurity measures that can be adopted in the cyberworld. Through these sharings, this webinar aims to enhance the public's ability to recognise online traps and learn more about techniques for fraud prevention.

• Transport Department alerts public to fraudulent websites purported to be from HKeToll (23-May-2025)
  

  The Transport Department (TD) today (May 23) alerted members of the public to fraudulent website addresses that pretend to be the HKeToll (see the HKeToll website for details) and seek to deceive users into making payments and obtaining their credit card information.

• Presentation by Mr Brian Sun, Assistant Commissioner (Data Applications), at the “12th CIO Innovation Forum Hong Kong 2025” (with photos) (22-May-2025)
  

  Mr Brian Sun, Assistant Commissioner (Data Applications), delivered a presentation at the “12th CIO Innovation Forum Hong Kong 2025”.

• Security Alert (A25-05-17): Multiple Vulnerabilities in Cisco Products (22-May-2025)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Security Alert (A25-05-16): Multiple Vulnerabilities in Google Chrome (22-May-2025)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (22-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Promoting AI Security – Privacy Commissioner Publishes an Article entitled “Companies must take the initiative on safe AI practices” and Interviewed by Media (22-May-2025)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article entitled “Companies must take the initiative on safe AI practices”.

• Fraudulent website and internet banking login screen related to Fubon Bank (Hong Kong) Limited (20-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Dah Sing Bank, Limited (20-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (20-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (20-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (20-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• A 46-year-old Female Arrested for Suspected Doxxing Arising from Monetary Disputes (20-May-2025)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today  arrested a Chinese female aged  46  in Kowloon.

• Security Alert (A25-05-15): Multiple Vulnerabilities in Firefox (19-May-2025)
  

  Mozilla has published the advisories (MFSA2025-36, MFSA2025-37 and MFSA2025-38) to address multiple vulnerabilities in Firefox browser.

• 財經事務及庫務局副局長在立法會Web3及虛擬資產發展事宜小組委員會會議就對虛擬資產投資者及使用者的保障開場發言全文 (Chinese only) (19-May-2025)
  

  以下是財經事務及庫務局副局長陳浩濂今日（五月十九日）在立法會Web3及虛擬資產發展事宜小組委員會會議就對虛擬資產投資者及使用者的保障的開場發言全文。 (Chinese only)

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (19-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (19-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (19-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Privacy Commissioner’s Office Urges Caution against Fake Neighbour Scams (19-May-2025)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) has noted the emergence of a new type of fraudulent trick. Residents in different housing estates across Hong Kong have received SMS messages purporting to be from their neighbours, complaining about issues such as water seepage or noise, and asking the residents to contact them via instant messaging applications. Subsequent verifications by estate management offices confirmed these messages to be fraudulent.

• Build a Secure Cyberspace 2025 - “Let's Secure as we Digitalise” Instant Messaging Apps Stickers Design Contest (From 19-March-2025 to 18-May-2025)
  

  The Contest aims to allow participants to understand the importance of cybersecurity through a fun and interactive way and to further raise public awareness of cybersecurity, hoping that a collaborative platform can be built to strengthen the city's ability to combat cyberattacks.

• 香港人工智能發展大棋盤 (Chinese Only) (17-May-2025)
  

  人工智能不只是引領新一輪科技革命和產業變革的戰略性技術，更將成為國力的重要體現。 (Chinese Only)

• Security Alert (A25-05-14): Vulnerability in SonicWall SMA1000 Series Products (16-May-2025)
  

  SonicWall released a security advisory to address vulnerability in SonicWall SMA1000 Series products.

• High Threat Security Alert (A25-05-13): Multiple Vulnerabilities in Ivanti Endpoint Manager Mobile (16-May-2025)
  

  Ivanti has released security advisory to address multiple vulnerabilities in Ivanti Endpoint Manager Mobile.

• High Threat Security Alert (A25-05-12): Multiple Vulnerabilities in Microsoft Edge (16-May-2025)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Cybersecurity & Diverse Innovation Symposium 2025 successfully concludes (with photos) (16-May-2025)
  

  Jointly organised by the Cyber Security and Technology Crime Bureau of the Hong Kong Police Force (HKPF) and the Digital Policy Office (DPO), the Cybersecurity & Diverse Innovation Symposium 2025 was held today (May 16) at the Hong Kong Convention and Exhibition Centre. The Symposium explored various topics, including the latest cybersecurity challenges, cross-sector collaboration, and innovation-driven defense strategies.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (16-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• The Treasury alerts public to fraudulent SMS messages (16-May-2025)
  

  The Treasury today (May 16) alerted members of the public to fraudulent SMS messages purportedly issued by the Treasury, which ask recipients to pay a fixed penalty offence via a hyperlink provided.

• Fraudulent website and internet banking login screen related to The Bank of East Asia, Limited (16-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (16-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Cybersecurity & Diverse Innovation Symposium 2025 (16-May-2025)
  

  The Cybersecurity & Diverse Innovation Symposium 2025, jointly organised by the Digital Policy Office (DPO) and the Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force (HKPF), will bring together cybersecurity professionals, industry leaders, and public sector representatives to explore the evolving landscape of cybersecurity, emerging technologies, and collaborative strategies for digital resilience.  The symposium features keynote sessions, panel discussions and solution showcases on areas including cyber threats and innovation development, industry collaboration and ecological security, and technology-driven resilience building and AI governance. 

• High Threat Security Alert (A25-05-11): Multiple Vulnerabilities in Google Chrome (15-May-2025)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Fraudulent social media account related to Bank of Singapore Limited (15-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent social media account, which has been reported to the HKMA.

• Fraudulent website and internet banking login screen related to The Bank of East Asia, Limited (15-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (15-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Speech by Ir Tony Wong, JP, Commissioner for Digital Policy, at the “AI x Cybersecurity Forum” (with photos) (Chinese only) (14-May-2025)
  

  Only Chinese version is available for this speech / presentation.

• Promoting AI Security – Privacy Commissioner Publishes an Article on Hong Kong Lawyer (14-May-2025)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article titled “Fostering AI Security: The New Checklist on Guidelines for the Use of Generative AI by Employees” on Hong Kong Lawyer.

• High Threat Security Alert (A25-05-10): Multiple Vulnerabilities in Fortinet Products (14-May-2025)
  

  Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.

• High Threat Security Alert (A25-05-09): Multiple Vulnerabilities in Microsoft Products (May 2025) (14-May-2025)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• Security Alert (A25-05-08): Multiple Vulnerabilities in Apple Products (13-May-2025)
  

  Apple has released iOS 18.5, iPadOS 18.5, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6 and Safari 18.5 to fix the multiple vulnerabilities in various Apple devices.

• Fraudulent websites and internet banking login screens related to DBS Bank (Hong Kong) Limited (13-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Investigation results of suspected intrusion into outsourced network system of operator of Kwai Tsing District Health Centre announced (12-May-2025)
  

  The Primary Healthcare Commission (PHC Commission) under the Health Bureau announced today (May 12) that, upon the investigation conducted by an independent cybersecurity expert commissioned by the Kwai Tsing Safe Community and Healthy City Association (KTSCHCA), the operator of the Kwai Tsing District Health Centre (Kwai Tsing DHC), it has been confirmed that there was no leakage of members' data in the suspected intrusion incident involving the outsourced network system of the KTSCHCA on April 27.

• CSA HKM Knowledge Sharing Event – May 2025 (9-May-2025)
  

  To help enterprise development and security teams understand what they are up against, we will dive into some of the fastest growing, and most damaging, types of software supply chain attacks. We will present practical measures that enterprises can take to protect themselves against each of these specific attack vectors, and conclude with a holistic approach that enterprises can take to achieve comprehensive software supply chain security.

• Security Alert (A25-05-07): Vulnerability in Microsoft Edge (9-May-2025)
  

  Microsoft released a security update to address a vulnerability in Microsoft Edge.

• Security Alert (A25-05-06): Multiple Vulnerabilities in Cisco Products (9-May-2025)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (9-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (9-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (9-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to The Hongkong and Shanghai Banking Corporation Limited (9-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Security Alert (A25-05-05): Multiple Vulnerabilities in SonicWall SMA100 Series Products (8-May-2025)
  

  SonicWall released a security advisory to address multiple vulnerabilities in SonicWall SMA100 Series products.

• Fraudulent website and internet banking login screen related to DBS Bank (Hong Kong) Limited (8-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (8-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (8-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and an internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (8-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• The Privacy Commissioner’s Office has Completed Compliance Checks on 60 Organisations to Ensure AI Security (8-May-2025)
  

  To understand the usage of AI in Hong Kong and its impact on personal data privacy, the Office of the Privacy Commissioner for Personal Data (PCPD) carried out compliance checks on 28 local organisations from August 2023 to February 2024 and provided practical recommendations to organisations which developed or used AI.

• Security Alert (A25-05-04): Vulnerability in Google Chrome (7-May-2025)
  

  Google released a security update to address a vulnerability in Google Chrome.

• Fraudulent websites related to Octopus Cards Limited (7-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to fraudulent websites. The relevant stored value facility (SVF) licensee has reported the case to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (7-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (7-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to The Bank of East Asia, Limited (7-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• LCQ7: Combating phishing (7-May-2025)
  

  Following is a question by the Hon Chan Kin-por and a written reply by the Secretary for Security, Mr Tang Ping-keung, in the Legislative Council today (May 7).

• Security Alert (A25-05-03): Multiple Vulnerabilities in Microsoft Edge (6-May-2025)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge

• Security Alert (A25-05-02): Multiple Vulnerabilities in Android (6-May-2025)
  

  Google has released Android Security Bulletin May 2025 to fix multiple security vulnerabilities in Android operating system.

• Phishing instant messages related to Industrial and Commercial Bank of China (Asia) Limited (6-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to phishing instant messages, which have been reported to the HKMA.

• 保安局局長在立法會保安事務委員會就設立落實《保障關鍵基礎設施（電腦系統）條例》專責辦公室首長級職位的建議開場發言 (Chinese only) (6-May-2025)
  

  以下是保安局局長鄧炳強今日（五月六日）出席立法會保安事務委員會就設立落實《保障關鍵基礎設施（電腦系統）條例》專責辦公室首長級職位的建議的開場發言。 (Chinese only)

• Security Alert (A25-05-01): Vulnerability in SonicWall SMA1000 Series Products (2-May-2025)
  

  SonicWall released a security advisory to address vulnerability in SonicWall SMA1000 Series products.

• Transport Department alerts public to fraudulent websites purported to be from HKeToll (2-May-2025)
  

  The Transport Department (TD) today (May 2) alerted members of the public to fraudulent website addresses that pretend to be the HKeToll (see the HKeToll website for details) and seek to deceive users into making payments and obtaining their credit card information.

• Fraudulent websites and internet banking login screens related to DBS Bank (Hong Kong) Limited (2-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Bank of China (Hong Kong) Limited (2-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (2-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (2-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (2-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (2-May-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Security Alert (A25-04-26): Multiple Vulnerabilities in Firefox (30-April-2025)
  

  Mozilla has published the advisories (MFSA2025-28, MFSA2025-29, and MFSA2025-30) to address multiple vulnerabilities in Firefox browser.

• Security Alert (A25-04-25): Multiple Vulnerabilities in Google Chrome (30-April-2025)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Fraudulent websites and internet banking login screens related to The Hongkong and Shanghai Banking Corporation Limited (30-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Phishing instant messages related to Industrial and Commercial Bank of China (Asia) Limited (30-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Security Alert (A25-04-24): Multiple Vulnerabilities in Apache Tomcat (29-April-2025)
  

  The Apache Software Foundation released security updates to address the vulnerabilities in the Apache Tomcat.

• Primary Healthcare Commission announces suspected intrusion into outsourced network system of operator of Kwai Tsing District Health Centre (29-April-2025)
  

  The Primary Healthcare Commission (PHC Commission) under the Health Bureau announced yesterday (April 29) that the PHC Commission received notification from the Kwai Tsing Safe Community and Healthy City Association (KTSCHCA), the operator of the Kwai Tsing District Health Centre (Kwai Tsing DHC), on April 28 on suspected hacking of its outsourced service provider's network system, resulting in possible leakage of members' data.

• Fraudulent websites and internet banking login screens related to Dah Sing Bank, Limited (29-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Presentation by Mr Donald Mak, Deputy Commissioner (Data Governance), at the “iAM Smart and Digital Corporation Identity Summit – Future-Proof Your Business: Seamless Security in the Age of Digital Trust” (with photo) (28-April-2025)
  

  Mr Donald Mak, Deputy Commissioner (Data Governance), delivered a keynote address at the “iAM Smart and Digital Corporation Identity Summit – Future-Proof Your Business: Seamless Security in the Age of Digital Trust”.

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (28-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and phishing instant messages related to DBS Bank (Hong Kong) Limited (28-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and phishing instant messages, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Fubon Bank (Hong Kong) Limited (28-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Promoting AI Safety – Privacy Commissioner’s Office Organises a Seminar on “Good Practices in Privacy Protection in the Use of AI” (28-April-2025)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) organised a seminar on “Good Practices in Privacy Protection in the Use of AI” in hybrid mode on 24 April, which attracted about 300 participants.

• The Road to CSA Summit (From 9-April-2025 to 26-April-2025)
  

  Driven by CSA’s Research working groups, this thought leadership webinar series is designed to help organizations address today’s cloud security priorities, one crucial topic at a time.

• Phishing emails related to Tai Sang Bank Limited (25-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Tai Sang Bank Limited relating to phishing emails, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (25-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (25-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Security Alert (A25-04-23): Vulnerability in SonicWall Products (24-April-2025)
  

  SonicWall released a security advisory to address a vulnerability in SonicWall systems.

• Man involved in fraudulent online money changer page convicted of money laundering (24-April-2025)
  

  A man was sentenced to respective nine-month and 54-month imprisonment terms today (April 24) at the District Court after two earlier convictions for providing his personal bank account details and log-in credentials to unknown individuals in exchange for a monetary reward, laundering a total of about $10 million, in contravention of "dealing with property known or believed to represent proceeds of indictable offence" (commonly known as money laundering) under the Organized and Serious Crimes Ordinance (OSCO). The sentences will be run concurrently.

• Fraudulent websites and internet banking login screens related to Dah Sing Bank, Limited (24-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites related to Alipay Financial Services (HK) Limited (24-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to fraudulent websites.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (24-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• High Threat Security Alert (A25-04-22): Vulnerability in Erlang/OTP (23-April-2025)
  

  Erlang has released a security advisory to address a vulnerability in Erlang/OTP.

• Transport Department alerts public to fraudulent websites purported to be from AlipayHK about Public Transport Fare Subsidy Scheme (23-April-2025)
  

  The Transport Department (TD) today (April 23) alerted members of the public to fraudulent website addresses (http[:]//alipaiyhk[.]online/hk/Login.html, https[:]//fet-woxx[.]online/hk) that pretend to be the Public Transport Fare Subsidy Scheme (PTFSS) and seek to deceive users of AlipayHK under the PTFSS into providing their personal information including mobile phone number and credit card account.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (23-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (23-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website and social media account related to Dah Sing Bank, Limited (23-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to a fraudulent website and a social media account, which have been reported to the HKMA.

• Security Alert (A25-04-21): Multiple Vulnerabilities in Cisco Products (22-April-2025)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Security Alert (A25-04-20): Multiple Vulnerabilities in Microsoft Edge (22-April-2025)
  

  Microsoft released a security update to address vulnerabilities in Microsoft Edge.

• High Threat Security Alert (A25-04-19): Vulnerability in SonicWall SMA 100 Series Products (22-April-2025)
  

  SonicWall released a security advisory to address vulnerability in SMA 100 series products.

• Security Alert (A25-04-18): Vulnerability in SonicWall Connect Tunnel Windows Client (22-April-2025)
  

  SonicWall released a security advisory to address a vulnerability in Connect Tunnel Windows Client.

• Security Alert (A25-04-17): Multiple Vulnerabilities in Cisco Products (22-April-2025)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• High Threat Security Alert (A25-04-16): Multiple Vulnerabilities in Apple Products (22-April-2025)
  

  Apple has released iOS 18.4.1, iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1 and visionOS 2.4.1 to fix the multiple vulnerabilities in various Apple devices.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (22-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (22-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to The Bank of East Asia, Limited (22-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• PolyU x NuttyShell Cybersecurity CTF 2025 (From 19-April-2025 to 21-April-2025)
  

  The Hong Kong Polytechnic University (PolyU) and the PolyU CTF team NuttyShell are jointly organizing the “PolyU x NuttyShell Cybersecurity CTF 2025,” which aims to nurture next-generation students who have a keen interest in working in cybersecurity and information security. This will allow our young generation to develop the skill sets required to thrive in this industry and expand their problem-solving mindset to handle the ever-changing world of technology and any challenges they may face.

• Fraudulent websites and internet banking login screens related to DBS Bank (Hong Kong) Limited (17-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Security Alert (A25-04-15): Multiple Vulnerabilities in Oracle Java and Oracle Products (April 2025) (16-April-2025)
  

  Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple security vulnerabilities found in Java SE and various Oracle products.

• Security Alert (A25-04-14): Vulnerability in Firefox (16-April-2025)
  

  Mozilla has published an advisory (MFSA2025-25) to address a vulnerability in Firefox browser.

• Enhancing Data Security – Privacy Commissioner Publishes an Article on Hong Kong Lawyer (16-April-2025)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article titled “Safeguarding Personal Data Privacy in the Digital Age with PCPD’s Guidance on Cloud Computing” on Hong Kong Lawyer.

• Security Alert (A25-04-13): Vulnerability in Microsoft Edge (15-April-2025)
  

  Microsoft released a security update to address a vulnerability in Microsoft Edge

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (15-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (15-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (15-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Digital Policy Office releases Hong Kong Generative Artificial Intelligence Technical and Application Guideline (15-April-2025)
  

  The Guideline aims to provide practical operational guidance for technology developers, service providers, and users in the application of generative artificial intelligence (AI) technology. The Guideline covers the scope and limitations of applications, potential risks and governance principles of generative AI technology, including technical risks such as data leakage, model bias, and errors that need to be addressed.

• Police and HKMA remind public to remain vigilant against phishing messages (15-April-2025)
  

  Police and the Hong Kong Monetary Authority (HKMA) today (April 16) remind members of the public to remain vigilant against phishing SMS messages purporting to be from Anti-Deception Coordination Centre (ADCC) and the HKMA.

• Speech by Mr Daniel Cheung, JP, Deputy Commissioner (Digital Infrastructure), at the “World Internet Conference Asia-Pacific Summit - Cybersecurity Workshop” (with photos) (15-April-2025)
  

  Mr Daniel Cheung, Deputy Commissioner (Digital Infrastructure), delivered a speech at the “World Internet Conference Asia-Pacific Summit - Cybersecurity Workshop”.

• World Internet Conference Asia-Pacific Summit explores future of AI and digital technologies (with photos) (14-April-2025)
  

  Hosted by the World Internet Conference (WIC), organised by the Hong Kong Special Administrative Region (HKSAR) Government and co-organised by the Innovation, Technology and Industry Bureau (ITIB), the World Internet Conference Asia-Pacific Summit kicked off today (April 14) at the Hong Kong Convention and Exhibition Centre.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (14-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (14-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (14-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Embracing the e+ Internet Generation Parent Seminar (4): Identifying Fake News & Vision Management Tips (12-April-2025)
  

  The Education Bureau, Hong Kong Education City, and the Committee on Home-School Co-operation will co-organise the “Embracing the e+ Internet Generation Parent Seminar (4): Identifying Fake News & Vision Management Tips”. An Assistant Professor from the Department of Communication at Hong Kong Baptist University will share the fact-checking strategy and relevant tools, using real-life cases to demonstrate how to discern the authenticity of online information.

• Security Alert (A25-04-12): Multiple Vulnerabilities in SonicWall NetExtender (11-April-2025)
  

  SonicWall released a security advisory to address multiple vulnerabilities in NetExtender.

• Security Alert (A25-04-11): Multiple Vulnerabilities in Juniper Networks Products (11-April-2025)
  

  Juniper Networks has published security advisories to address multiple vulnerabilities in Junos OS, Junos OS Evolved and Junos Space.

• Transport Department alerts public to fraudulent websites purported to be from HKeToll (11-April-2025)
  

  ​The Transport Department (TD) today (April 11) alerted members of the public to fraudulent website addresses that pretend to be the HKeToll (see the HKeToll website for details) and seek to deceive users into making payments and obtaining their credit card information.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (11-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (11-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (11-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Phishing instant messages related to Mox Bank Limited (10-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Mox Bank Limited relating to phishing instant messages, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to The Bank of East Asia, Limited (10-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (10-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (10-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Government cautions public against online video about investment plan purported to be recommended by CE (9-April-2025)
  

  A Government spokesman today (April 9) cautioned the public not to believe in a forged video created by artificial intelligence circulating online, which claimed that the Chief Executive urged the public to participate in an investment plan with high returns.

• Security Alert (A25-04-10): Multiple Vulnerabilities in Fortinet Products (9-April-2025)
  

  Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.

• Security Alert (A25-04-09): Vulnerability in Google Chrome (9-April-2025)
  

  Google released a security update to address vulnerability in Google Chrome.

• High Threat Security Alert (A25-04-08): Multiple Vulnerabilities in Microsoft Products (April 2025) (9-April-2025)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• Reporting to Legislative Council – Secretary for Constitutional and Mainland Affairs and Privacy Commissioner Attend Special Meeting of the Legislative Council Finance Committee (9-April-2025)
  

  During the meeting, the Privacy Commissioner pointed out that the PCPD has introduced various “Data Security” tools to support different industries.

• Security Alert (A25-04-07): Multiple Vulnerabilities in Android (8-April-2025)
  

  Google has released Android Security Bulletin April 2025 to fix multiple security vulnerabilities in Android operating system.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (8-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (8-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to DBS Bank (Hong Kong) Limited (8-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (8-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Security Alert (A25-04-06): Multiple Vulnerabilities in Microsoft Edge (7-April-2025)
  

  Microsoft released a security update to address vulnerabilities in Microsoft Edge.

• High Threat Security Alert (A25-04-05): Vulnerability in Ivanti Products (7-April-2025)
  

  Ivanti has released security advisories to address the vulnerability in Ivanti products.

• A Male Arrested for Suspected Doxxing Arising from Repair Works Dispute (7-April-2025)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 61 in the New Territories. The arrested person was suspected to have disclosed the personal data of a customer without her consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (7-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Phishing emails related to DBS Bank (Hong Kong) Limited (7-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to phishing emails, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (7-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (7-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Phishing messages and fraudulent websites related to Octopus Cards Limited (7-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to phishing messages and fraudulent websites.

• Fraudulent website purporting to be HKMA's official website (7-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) would like to alert members of the public to a fraudulent website with the domain name survey-hkma[.]com.

• Understanding CTI Implementation to Strengthen Cyber Defence (7-April-2025)
  

  Implementing CTI helps security teams make better decisions and respond quickly to new threats. This proactive approach not only strengthens defenses but also encourages ongoing improvements, making organizations more resilient against cyber risks.

• Security Alert (A25-04-04): Multiple Vulnerabilities in Cisco Products (3-April-2025)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Fraudulent website and internet banking login screen related to The Hongkong and Shanghai Banking Corporation Limited (3-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (3-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (3-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (3-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Dah Sing Bank, Limited (3-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Security Alert (A25-04-02): Multiple Vulnerabilities in Firefox (2-April-2025)
  

  Mozilla has published the advisories (MFSA2025-20, MFSA2025-21, MFSA2025-22, MFSA2025-23 and MFSA2025-24) to address multiple vulnerabilities in Firefox browser.

• Security Alert (A25-04-03): Multiple Vulnerabilities in Google Chrome (2-April-2025)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome

• Fraudulent websites and internet banking login screens related to DBS Bank (Hong Kong) Limited (2-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website related to The Hongkong and Shanghai Banking Corporation Limited (2-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website, which has been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (2-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Dah Sing Bank, Limited (2-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• LCQ6: Regulation of use of electronic screen products by children and adolescents (2-April-2025)
  

  Following is a question by the Hon Luk Chung-hung and a reply by the Secretary for Health, Professor Lo Chung-mau, in the Legislative Council today (April 2).

• Government cautions public on fake information about so-called "Government Investment Platform" (2-April-2025)
  

  A Government spokesman today (April 2) cautioned the public not to believe in a video circulating online, which appears to be artificially generated and falsely presents the Financial Secretary promoting a so-called "Government Investment Platform".

• High Threat Security Alert (A25-04-01): Multiple Vulnerabilities in Apple Products (1-April-2025)
  

  Apple has released iOS 15.8.4, iPadOS 15.8.4, iOS 18.3.2, iOS 16.7.11, iPadOS 16.7.11, iPadOS 17.7.6, iOS 18.4, iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, Safari 18.4, visionOS 2.4, tvOS 18.4 and Xcode 16.3 to fix the multiple vulnerabilities in various Apple devices.

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (1-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (1-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent mobile application related to Bank of Singapore Limited (1-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent mobile application (App), which has been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (1-April-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Promoting AI Security – Assistant Privacy Commissioner Speaks at the 3rd AI Rule of Law Forum (1-April-2025)
  

  The Assistant Privacy Commissioner for Personal Data (Compliance, Global Affairs and Research) of the Office of the Privacy Commissioner for Personal Data (PCPD), Ms Joanne WONG, attended the 3rd Artificial Intelligence Rule of Law Forum (Forum) on 29 March 2025 in Guangzhou and delivered a keynote speech titled “Protecting Personal Data Privacy in the AI Era: Hong Kong’s Perspective”.

• Fraudulent website related to The Hongkong and Shanghai Banking Corporation Limited (31-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website, which has been reported to the HKMA.

• Suspicious website related to Tai Sang Bank Limited (31-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Tai Sang Bank Limited relating to a suspicious website, which has been reported to the HKMA.

• The Office of the Privacy Commissioner for Personal Data (PCPD) today published (1) the Checklist on Guidelines for the Use of Generative AI by Employees and (2) the investigation findings of the data breach incident of ImagineX Management Company Limited. (31-March-2025)
  

  Privacy Commissioner’s Office Publishes (1) Checklist on Guidelines for the Use of Generative AI by Employees and (2) Investigation Findings on the Data Breach Incident of ImagineX Management Company Limited

• Security Alert (A25-03-25): Vulnerability in Firefox (28-March-2025)
  

  Mozilla has published an advisory (MFSA2025-19) to address a vulnerability in Firefox browser.

• Fraudulent website and social media accounts related to Dah Sing Bank, Limited (28-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to a fraudulent website and social media accounts, which have been reported to the HKMA.

• Seminar on Teacher CPD Series: Hong Kong K12 Cybersecurity 2025 — Best Practices and Compliance Strategies 'Protecting Data and Ensuring Security' (27-March-2025)
  

  This seminar will cover core topics in cybersecurity, electronic inventory management, application security, K-12 cybersecurity education strategies, campus network security, and cybersecurity policies in the Mainland and Hong Kong.

• High Threat Security Alert (A25-03-24): Vulnerability in Microsoft Edge (27-March-2025)
  

  Microsoft released a security update to address a vulnerability in Microsoft Edge.

• Digital Policy Office introduces initiatives to promote cybersecurity in 2025 (with photos) (27-March-2025)
  

  The Digital Policy Office (DPO) introduced the key initiatives for promoting cybersecurity this year at the 2025 Cybersecurity Initiatives Briefing today (March 27).

• Security Alert (A25-03-23): Vulnerability in VMware Tools (26-March-2025)
  

  VMware has published a security advisory to address a vulnerability in VMware Tools.

• High Threat Security Alert (A25-03-22): Vulnerability in Google Chrome (26-March-2025)
  

  Google released a security update to address a vulnerability in Google Chrome

• LCQ7: Information security of government departments and public organisations (26-March-2025)
  

  Following is a question by the Hon Jeffrey Lam and a written reply by the Secretary for Innovation, Technology and Industry, Professor Sun Dong, in the Legislative Council today (March 26).

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (26-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (26-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Presentation by Mr Brian Sun, Chief Systems Manager (Data Applications)2, at the “‘Balancing Artificial Intelligent (AI) Safety with AI Innovation’ Seminar” (with photos) (Chinese only) (25-March-2025)
  

  Only Chinese version is available for this speech / presentation.

• Fraudulent websites, internet banking login screens and phishing emails related to Dah Sing Bank, Limited (25-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to fraudulent websites, internet banking login screens and phishing emails, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (25-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Phishing instant messages related to Industrial and Commercial Bank of China (Asia) Limited (25-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to OCBC Bank (Hong Kong) Limited (25-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by OCBC Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Security Alert (A25-03-21): Multiple Vulnerabilities in Microsoft Edge (24-March-2025)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (24-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Bank of China (Hong Kong) Limited (24-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (24-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (24-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• A Male Arrested for Suspected Doxxing Arising from a Friend’s Monetary Disputes (24-March-2025)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 73 on Hong Kong Island. The arrested person was suspected to have disclosed the personal data of a data subject without the latter’s consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).

• Security Alert (A25-03-20): Vulnerability in Veeam Backup and Replication Products (21-March-2025)
  

  Veeam has published security advisory to address vulnerability in Veeam Backup and Replication products.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (21-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to OCBC Bank (Hong Kong) Limited (21-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by OCBC Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to China CITIC Bank International Limited (21-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (21-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (21-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Enhancing Data Security for SMEs – Privacy Commissioner’s Office and HKPC Jointly Organise a Seminar on “Prevention of Cyber Attacks for SMEs” (21-March-2025)
  

  To assist small and medium-sized enterprises (SMEs) in enhancing data security, the Office of the Privacy Commissioner for Personal Data (PCPD) and the Hong Kong Productivity Council (HKPC) have collaborated to launch the “Data Security Training Series for SMEs”.

• Speech by Mr Daniel Cheung, JP, Deputy Commissioner (Digital Infrastructure), at the “Hong Kong Institute of Bankers Cybersecurity Solutions Day 2025” (with photo) (20-March-2025)
  

  Mr Daniel Cheung, Deputy Commissioner (Digital Infrastructure), delivered a speech at the “Hong Kong Institute of Bankers Cybersecurity Solutions Day 2025”.

• HKIB Cybersecurity Solutions Day 2025 (20-March-2025)
  

  This global gathering unites top minds from banks, insurance firms, consultancy groups, tech providers, and more to share actionable insights and strategies for enhancing financial institutions' resilience against evolving threats.

• Security Alert (A25-03-19): Vulnerability in Google Chrome (20-March-2025)
  

  Google released a security update to address a vulnerability in Google Chrome.

• Fraudulent website and internet banking login screen related to Fubon Bank (Hong Kong) Limited (20-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (20-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (20-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (20-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Security Alert (A25-03-18): Multiple Vulnerabilities in PHP (19-March-2025)
  

  PHP has released security advisories to address multiple vulnerabilities in PHP

• 立法會：保安局局長就《保護關鍵基礎設施（電腦系統）條例草案》全體委員會審議階段動議修正案發言全文 (Chinese only) (19-March-2025)
  

  以下是保安局局長鄧炳強今日（三月十九日）在立法會會議全體委員會審議階段就《保護關鍵基礎設施（電腦系統）條例草案》動議修正案發言全文。(Chinese only)

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (19-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Phishing instant messages related to Industrial and Commercial Bank of China (Asia) Limited (19-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Fraudulent websites and social media pages related to DBS Bank (Hong Kong) Limited (19-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and social media pages, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to China Construction Bank (Asia) Corporation Limited (19-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Bank of China (Hong Kong) Limited (18-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (18-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to China Construction Bank (Asia) Corporation Limited (18-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• LegCo to consider Protection of Critical Infrastructures (Computer Systems) Bill (17-March-2025)
  

  The Legislative Council (LegCo) will hold a meeting on Wednesday (March 19) at 11am in the Chamber of the LegCo Complex. During the meeting, the Second Reading debate on the Protection of Critical Infrastructures (Computer Systems) Bill will resume.

• SITI attends press conference of World Internet Conference Asia-Pacific Summit in Beijing (with photos) (17-March-2025)
  

  The Secretary for Innovation, Technology and Industry, Professor Sun Dong, attended a press conference for the World Internet Conference (WIC) Asia-Pacific Summit in Beijing this morning (March 17) together with the Secretary General of the WIC, Mr Ren Xianliang, to announce the launch of the Asia-Pacific Summit 2025 in Hong Kong.

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (17-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (17-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (17-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to China Construction Bank (Asia) Corporation Limited (17-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• SITI attends press conference of World Internet Conference Asia-Pacific Summit in Beijing (Chinese only) (with photo) (17-March-2025)
  

  The Secretary for Innovation, Technology and Industry, Professor Sun Dong, spoke at the press conference of World Internet Conference Asia-Pacific Summit in Beijing today (March 17). (Chinese only) (with photo)

• Fraudulent mobile application related to Bank of Communications (Hong Kong) Limited (14-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Communications (Hong Kong) Limited relating to a fraudulent mobile application (App), which has been reported to the HKMA.

• Phishing instant messages related to Industrial and Commercial Bank of China (Asia) Limited (14-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to China Construction Bank (Asia) Corporation Limited (14-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (14-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (14-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Administrative Appeals Board Dismisses EC Healthcare’s Appeal (13-March-2025)
  

  The Administrative Appeals Board (AAB) earlier dismissed the appeal lodged by EC Healthcare against the decision of the Privacy Commissioner for Personal Data (Privacy Commissioner) to serve an enforcement notice. 

• Security Alert (A25-03-17): Multiple Vulnerabilities in Cisco Products (13-March-2025)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Security Alert (A25-03-16): Multiple Vulnerabilities in Microsoft Edge (13-March-2025)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Security Alert (A25-03-15): Vulnerability in Juniper Networks Junos OS (13-March-2025)
  

  Juniper Networks has published security advisory to address vulnerability in Junos OS.

• Fraudulent website and internet banking login screen related to China Minsheng Banking Corp., Ltd. (13-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Minsheng Banking Corp., Ltd. relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (13-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (13-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (13-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to China Construction Bank (Asia) Corporation Limited (13-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Causal Talk on Security and AI (13-March-2025)
  

  Topics and Speakers: 1)The attacker hits a wall(攻擊者無從下手) by Samiux 2)How to talk to AI and AI experience sharing by Andy Kong

• CSA HKM Knowledge Sharing Event – March 2025 (13-March-2025)
  

  In the Knowledge Sharing Event organised by Cloud Security Alliance Hong Kong & Macau Chapter on March 13, our guest speaker, Matt Wong, Senior Security Cloud Solution Architect at Microsoft, will share with you on how to establish a secure AI infrastructure in Cloud environment in Azure.

• Seminar on Teacher CPD Series: Enhancing Information Literacy for AI Teaching Challenges (13-March-2025)
  

  Join us for an engaging seminar that will explore effective strategies for selecting, using, and evaluating diverse information sources. You'll learn how to identify reliable information and empower your students to conduct efficient research, ultimately enhancing the quality of your teaching.

• Security Alert (A25-03-14): Multiple Vulnerabilities in Fortinet FortiWeb (12-March-2025)
  

  Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.

• Security Alert (A25-03-13): Multiple Vulnerabilities in Adobe Reader/Acrobat (12-March-2025)
  

  Patches are released for Adobe Reader and Acrobat to address multiple vulnerabilities.

• High Threat Security Alert (A25-03-12): Multiple Vulnerabilities in Microsoft Products (March 2025) (12-March-2025)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• High Threat Security Alert (A25-03-11): Vulnerability in Apple Products (12-March-2025)
  

  Apple has released iOS 18.3.2, iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1 and visionOS 2.3.2 to fix the vulnerability in various Apple devices.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (12-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (12-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to China Construction Bank (Asia) Corporation Limited (12-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Raising Public’s Awareness to Combat Fraud – Privacy Commissioner’s Office Organises a Seminar on “Protecting Personal Data to Prevent Fraud” (12-March-2025)
  

  At the seminar, the Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, shared with the participants some practical tips on protecting personal data when they use instant messaging applications, social media and  smartphones. Mr Andy LAU, Senior Inspector of Police, Anti-Deception Coordination Centre (ADCC) (Publicity) of the Commercial Crime Bureau of the Hong Kong Police Force, also spoke as a guest speaker on the latest trends of scams, using real cases as examples.

• Privacy Commissioner’s Office Publishes Investigation Findings on the Data Breach Incident of the Companies Registry and Commenced Compliance Check regarding Deliveroo’s Cessation of Operations in Hong Kong (12-March-2025)
  

  On completion of its investigation into the data breach incident of the Companies Registry (the Registry), the Office of the Privacy Commissioner for Personal Data (PCPD) published the investigation findings today. The investigation arose from a data breach notification submitted by the Registry to the PCPD on 19 April 2024, reporting the risk of personal data leakage identified in the e-Search Services of the e-Services Portal (the Incident).

• Security Alert (A25-03-10): Multiple Vulnerabilities in Google Chrome (11-March-2025)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Security Alert (A25-03-09): Vulnerability in Apache Tomcat (11-March-2025)
  

  The Apache Software Foundation released security updates to address the vulnerability in the Apache Tomcat.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (11-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (11-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (11-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to China Construction Bank (Asia) Corporation Limited (11-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• The 17th InfoSecurity Summit 2025 (11-March-2025)
  

  The 2025 summit carries the theme of ‘Navigating the Complexities of Cybersecurity in the Age of Emerging Technologies”. As the world moves further into the AI and digital age, emerging technologies offer new opportunities for growth and efficiency. However, such advances bring a significant increase in cybersecurity risks and complexity, requiring a proactive and collaborative approach that integrates security, resilience and quantifiable risk measurement into all aspects of technology development and deployment.

• Security Alert (A25-03-08): Multiple Vulnerabilities in QNAP Products (10-March-2025)
  

  QNAP has published security advisories to address multiple vulnerabilities in QNAP products.

• Security Alert (A25-03-07): Multiple Vulnerabilities in Microsoft Edge (10-March-2025)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (10-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to China Construction Bank (Asia) Corporation Limited (10-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (10-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Industrial and Commercial Bank of China (Asia) Limited (10-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• A Female Arrested for Suspected Doxxing Arising from Online Shopping Dispute (10-March-2025)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 31 in the New Territories. The arrested person was suspected to have disclosed the personal data of a customer without her consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).

• “Privacy-Friendly Awards 2025” (From 13-January-2025 to 7-March-2025)
  

  The Awards this year, with the theme of “Safeguarding Data Security: Marching towards a New Digital Era”, aim to recognise the commitment and efforts of organisations in the protection of personal data privacy, while encouraging them to implement good data governance and enhancing their awareness of protecting personal data privacy and data security.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (7-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to China Construction Bank (Asia) Corporation Limited (7-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to DBS Bank (Hong Kong) Limited (7-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• When Cybersecurity Meets 'Her Power': Unlocking the Potential of Women in Cybersecurity (7-March-2025)
  

  The cybersecurity field lacks diversity and female talent, with the gender gap most evident in high-level cybersecurity positions. According to statistics, women hold only 17% of Chief Information Security Officer (CISO) positions in Fortune 500 companies. HKCERT is honoured to invite three female practitioners at different stages of their careers to share their experiences and insights. We hope to inspire more women to join the cybersecurity industry by showcasing female representatives in the field.

• Fraudulent websites and internet banking login screens related to Shanghai Commercial Bank Limited (7-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Security Alert (A25-03-06): Multiple Vulnerabilities in Cisco Products (6-March-2025)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Security Alert (A25-03-05): Multiple Vulnerabilities in Google Chrome (6-March-2025)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Security Alert (A25-03-04): Multiple Vulnerabilities in Firefox (6-March-2025)
  

  Mozilla has published the advisories (MFSA2025-14, MFSA2025-15, MFSA2025-16, MFSA2025-17 and MFSA2025-18) to address multiple vulnerabilities in Firefox browser.

• High Threat Security Alert (A25-03-03): Multiple Vulnerabilities in VMware Products (6-March-2025)
  

  VMware has published a security advisory to address multiple vulnerabilities in VMware products.

• HKPF holds 2025 Bank Staff Recognition Ceremony to commend banking industry for combatting deception (with photos) (6-March-2025)
  

  The Hong Kong Police Force held the 2025 Bank Staff Recognition Ceremony today (March 6) to commend the banking industry for their exceptional contributions to combatting deception cases. Eighteen banks and nine bank staff received corporate awards and the Spotlight Award respectively.

• Fraudulent websites, internet banking login screens and social media accounts related to Nanyang Commercial Bank, Limited (6-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Nanyang Commercial Bank, Limited relating to fraudulent websites, internet banking login screens and social media accounts, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (6-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites related to OCBC Bank (Hong Kong) Limited (6-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by OCBC Bank (Hong Kong) Limited relating to fraudulent websites, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (6-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Industrial and Commercial Bank of China (Asia) Limited (6-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (6-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Phishing emails related to DBS Bank (Hong Kong) Limited (6-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to phishing emails, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to China Construction Bank (Asia) Corporation Limited (6-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Government cautions public on fake information online about launch of "Hong Kong Coin" purported to be announced by CE (6-March-2025)
  

  A Government spokesman today (March 6) cautioned the public not to believe in the fake information being circulated online about the "launch of National Hong Kong Coin" on blockchain purported to be announced by the Chief Executive.

• Fraudulent website and phishing instant messages related to The Hongkong and Shanghai Banking Corporation Limited (5-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and phishing instant messages, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (5-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Phishing instant messages related to Industrial and Commercial Bank of China (Asia) Limited (5-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to China Construction Bank (Asia) Corporation Limited (5-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (5-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to DBS Bank (Hong Kong) Limited (5-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• CSB clarifies online rumors (5-March-2025)
  

  Regarding a false message circulating on the Internet that "the Government has announced that the Clerical Assistant grade will be fully integrated into the Assistant Clerical Officer grade by 2027", a spokesman for the Civil Service Bureau clarified today (March 5) that no such announcement had been made, and a report had been made to the Police.

• Security Alert (A25-03-02): Multiple Vulnerabilities in Android (4-March-2025)
  

  Google has released Android Security Bulletin March 2025 to fix multiple security vulnerabilities in Android operating system.

• Video - Zero tolerance for cyberbullying. Be a smart netizen. (Chinese version only) (4-March-2025)
  

  The cyber world of the Internet is not a virtual space not bound by law, most of the ordinances targeting crime prevention in the real world apply also in the cyber world of the Internet. We must refuse to initiate or participate in cyberbullying.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (4-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (4-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Security Alert (A25-03-01): Vulnerability in Synology DiskStation Manager (3-March-2025)
  

  Synology has published a security advisory to address a vulnerability in various versions of DiskStation Manager (DSM).

• Privacy Commissioner’s Office and HKPC Collaborate in Launching the “Data Security Training Series for SMEs” to Assist SMEs in Enhancing Data Security (3-March-2025)
  

  The Training Series consists of three seminars on different topics relating to data security, including strategies to prevent cyber attacks for SMEs, ways and means to handle a data breach incident and how to address the data security and privacy risks associated with artificial intelligence.

• Invest Hong Kong provides updates on information security incident (3-March-2025)
  

  ​Invest Hong Kong (InvestHK) provided an update today (March 3) on the information security incident identified on February 22 which involved a malicious ransomware attack to part of InvestHK's computer systems. According to InvestHK's investigation findings, there was no evidence indicating leakage of personal information. No further suspicious activities have been identified.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (3-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to China Construction Bank (Asia) Corporation Limited (3-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website related to Bank of Communications (Hong Kong) Limited (3-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Communications (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.

• Fraudulent websites, internet banking login screens and social media accounts related to Nanyang Commercial Bank, Limited (3-March-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Nanyang Commercial Bank, Limited relating to fraudulent websites, internet banking login screens and social media accounts, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (28-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chiyu Banking Corporation Limited (28-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chiyu Banking Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to China Construction Bank (Asia) Corporation Limited (28-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Promoting AI Security – Assistant Privacy Commissioner Joins Panel Discussion at AI STR (Safety, Trust, Responsibility) Forum (28-February-2025)
  

  The Assistant Privacy Commissioner for Personal Data (Compliance, Global Affairs and Research) of the Office of the Privacy Commissioner for Personal Data (PCPD), Ms Joanne WONG, attended Artificial Intelligence Safety, Trust, and Responsibility Forum (AI STR Forum) on 27 February 2025.

• Raising Public Awareness of Fraud Prevention – Privacy Commissioner’s Office Launches a New Anti-fraud Promotional Poster (28-February-2025)
  

  Starting from 2023, the Office of the Privacy Commissioner for Personal Data (PCPD) has launched a series of anti-fraud publicity activities under the theme of “Don’t Hand Over Your Personal Data – Beware of Fraudsters”, which included broadcasting promotional videos, distributing promotional posters, organising thematic seminars, etc., with a view to raising public awareness of fraud prevention.

• Security Alert (A25-02-19): Multiple Vulnerabilities in Cisco Products (27-February-2025)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (27-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website related to Bank of Communications (Hong Kong) Limited (27-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Communications (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.

• Fraudulent website and internet banking login screen related to The Bank of East Asia, Limited (27-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (27-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to China Construction Bank (Asia) Corporation Limited (26-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (26-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (26-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Phishing instant messages related to Industrial and Commercial Bank of China (Asia) Limited (26-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to China Construction Bank (Asia) Corporation Limited (25-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (25-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent social media account related to Airstar Bank Limited (25-February-2025)
  

  Fraudulent social media account related to Airstar Bank Limited

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (25-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Security Alert (A25-02-18): Multiple Vulnerabilities in Microsoft Edge (24-February-2025)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• A 43-year-old Male Arrested for Suspected Doxxing Arising from Monetary Dispute (24-February-2025)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 43 in Kowloon. The arrested person was suspected to have disclosed the personal data of his former friend and her daughter without the former friend’s consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).

• Suspicious website related to Tai Sang Bank Limited (24-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Tai Sang Bank Limited relating to a suspicious website, which has been reported to the HKMA.

• Phishing instant messages related to Industrial and Commercial Bank of China (Asia) Limited (24-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Mastering China's Cyber Defenses (24-February-2025)
  

  Grade Protection and CISP Certification for Enhanced Security.

• Invest Hong Kong reports information security incident (23-February-2025)
  

  Invest Hong Kong (InvestHK) announced today (February 23) that an information security incident was identified yesterday (February 22). The incident involved a malicious ransomware attack to part of InvestHK's computer systems.

• Embracing the e+ Internet Generation Parent Seminar (3): Together in Spine Health Awareness of Online Pitfalls (21-February-2025)
  

  In today's digital age, students are increasingly immersed in the online world. While the Internet provides a wealth of information, it also poses significant risks and challenges. How can parents enhance their digital safety awareness to safeguard their children's online security?

• Education Bureau alerts public to website of organisation falsely claiming to have support from "Hong Kong Education Bureau" (21-February-2025)
  

  The Education Bureau (EDB) today (February 21) called on the public to stay vigilant against an organisation calling itself "Kyiv State University of Economics and Business (Hong Kong Campus)". Its website falsely claims to have the support from the "Hong Kong Education Bureau" and contains a hyperlink to the EDB website.

• Phishing instant messages related to Industrial and Commercial Bank of China (Asia) Limited (21-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Security Alert (A25-02-17): Multiple Vulnerabilities in Cisco Products (20-February-2025)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Phishing message and fraudulent website related to Alipay Financial Services (HK) Limited (20-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to a phishing message and a fraudulent website.

• Phishing emails related to DBS Bank (Hong Kong) Limited (20-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to phishing emails, which have been reported to the HKMA.

• Phishing instant messages related to Ant Bank (Hong Kong) Limited (20-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Ant Bank (Hong Kong) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Security Alert (A25-02-16): Multiple Vulnerabilities in OpenSSH (19-February-2025)
  

  OpenSSH has released a new version to address multiple vulnerabilities in various versions of OpenSSH.

• Security Alert (A25-02-15): Multiple Vulnerabilities in Google Chrome (19-February-2025)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome

• Security Alert (A25-02-14): Vulnerability in Firefox (19-February-2025)
  

  Mozilla has published an advisory (MFSA2025-12) to address a vulnerability in Firefox browser.

• Suspicious website related to DBS Bank (Hong Kong) Limited (19-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a suspicious website, which has been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (19-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites, internet banking login screens and phishing instant messages related to The Hongkong and Shanghai Banking Corporation Limited (19-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites, internet banking login screens and phishing instant messages, which have been reported to the HKMA.

• LCQ17: Cracking down on online defamation and cyber-bullying (19-February-2025)
  

  Following is a question by Prof the Hon Chow Man-kong and a written reply by the Secretary for Security, Mr Tang Ping-keung, in the Legislative Council today (February 19).

• Fraudulent website and internet banking login screen related to China Construction Bank (Asia) Corporation Limited (18-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website related to Bank of Communications (Hong Kong) Limited (18-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Communications (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.

• Phishing emails related to Bank of China (Hong Kong) Limited (18-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to phishing emails, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (18-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA. 

• Security Alert (A25-02-13): Multiple Vulnerabilities in Microsoft Edge (17-February-2025)
  

  Microsoft released a security update to address vulnerabilities in Microsoft Edge.

• Reporting to Legislative Council – Privacy Commissioner Attends Meeting of Legislative Council Panel on Constitutional Affairs to Brief Members on PCPD’s Work in 2024 (17-February-2025)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, attended the Legislative Council Panel on Constitutional Affairs on 17 February to brief Members on the work of her Office (PCPD) in 2024 and its strategic focus this year.

• Security Alert (A25-02-12): Multiple Vulnerabilities in Google Chrome (13-February-2025)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome

• Transport Department alerts public to fraudulent SMS messages purported to be from HKeToll (13-February-2025)
  

  The Transport Department (TD) today (February 13) alerted members of the public to fraudulent SMS messages purported to be issued by the HKeToll and provided a hyperlink with the domain name (http[:]//hketoll.taobaocainiao.top[/]ZA17vEtuG6) that lead to a fake HKeToll website, which seeks to deceive recipients into making payments and obtain their credit card information.

• Fraudulent websites and internet banking login screens related to The Hongkong and Shanghai Banking Corporation Limited (13-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to DBS Bank (Hong Kong) Limited (13-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Phishing instant messages related to Industrial and Commercial Bank of China (Asia) Limited (13-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to phishing instant messages, which have been reported to the HKMA.

• High Threat Security Alert (A25-02-11): Multiple Vulnerabilities in Ivanti Products (12-February-2025)
  

  Ivanti has released a security advisory to address multiple vulnerabilities in Ivanti products.

• Security Alert (A25-02-10): Vulnerability in Fortinet FortiOS (12-February-2025)
  

  Fortinet released a security advisory to address a vulnerability in Fortinet FortiOS.

• High Threat Security Alert (A25-02-09): Multiple Vulnerabilities in Microsoft Products (February 2025) (12-February-2025)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components

• Fraudulent websites and social media accounts related to Chong Hing Bank Limited (12-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and social media accounts, which have been reported to the HKMA.

• Security Alert (A25-02-08): Vulnerability in Apple iOS and iPadOS (11-February-2025)
  

  Apple has released iOS 18.3.1, iPadOS 17.7.5 and iPadOS 18.3.1 to fix the vulnerability in various Apple devices.

• Fraudulent websites and internet banking login screens related to DBS Bank (Hong Kong) Limited (11-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (11-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Enhancing Data Security – Privacy Commissioner’s Office Collaborates with HKIRC to Launch the Third Episode of Promotional Video  (11-February-2025)
  

  To assist organisations in raising employees’ awareness of cyber security and personal data protection, the Office of the Privacy Commissioner for Personal Data (PCPD) and the Hong Kong Internet Registration Corporation Limited (HKIRC) have jointly launched a series of promotional videos to provide relevant guidance and tips in a lively manner to organisations.

• A Debt Collector Arrested for Suspected Doxxing (11-February-2025)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 40 in Kowloon. The arrested person was suspected to have disclosed the personal data of the data subject without his consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).

• Security Alert (A25-02-07): Multiple Vulnerabilities in Microsoft Edge (7-February-2025)
  

  Microsoft released a security update to address vulnerabilities in Microsoft Edge.

• Fraudulent websites and internet banking login screens related to The Hongkong and Shanghai Banking Corporation Limited (7-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Fubon Bank (Hong Kong) Limited (7-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Security Alert (A25-02-06): Multiple Vulnerabilities in Cisco Products (6-February-2025)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Security Alert (A25-02-05): Multiple Vulnerabilities in Google Chrome (5-February-2025)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Security Alert (A25-02-04): Multiple Vulnerabilities in Firefox (5-February-2025)
  

  Mozilla has published the advisories (MFSA2025-07, MFSA2025-08 and MFSA2025-09) to address multiple vulnerabilities in Firefox browser

• Fraudulent websites, internet banking login screens and mobile applications (Apps) related to China Construction Bank (Asia) Corporation Limited (5-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites, internet banking login screens and Apps, which have been reported to the HKMA.

• Security Alert (A25-02-03): Multiple Vulnerabilities in Android (4-February-2025)
  

  Google has released Android Security Bulletin February 2025 to fix multiple security vulnerabilities in Android operating system.

• Fraudulent websites and phishing emails related to DBS Bank (Hong Kong) Limited (4-February-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and phishing emails, which have been reported to the HKMA.

• Security Alert (A25-02-02): Vulnerability in Microsoft Edge (3-February-2025)
  

  Microsoft released a security update to address a vulnerability in Microsoft Edge.

• Security Alert (A25-02-01): Vulnerability in Google Chrome (3-February-2025)
  

  Google released a security update to address a vulnerability in Google Chrome.

• InfoSec Tours - Protect yourself in the Cyberworld (Chinese version only) (3-February-2025)
  

  Please refer to the Chinese version.

• High Threat Security Alert (A25-01-18): Multiple Vulnerabilities in Apple Products (28-January-2025)
  

  Apple has released iOS 18.3, iPadOS 17.7.4, iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3 and Safari 18.3 to fix the vulnerabilities in various Apple devices.

• Security Alert (A25-01-17): Vulnerability in Microsoft Edge (27-January-2025)
  

  Microsoft released a security update to address a vulnerability in Microsoft Edge.

• ORO reports incident involving loss of backup tapes (27-January-2025)
  

  A spokesman for the Official Receiver's Office (ORO) said today (January 27) that the department attaches the utmost importance to an incident involving the loss of magnetic backup tapes and expresses sincere apologies.

• Security Alert (A25-01-16): Multiple Vulnerabilities in QNAP Products (24-January-2025)
  

  QNAP has published security advisories to address multiple vulnerabilities in QNAP products.

• High Threat Security Alert (A25-01-15): Vulnerability in SonicWall SMA1000 Series Products (24-January-2025)
  

  SonicWall released a security advisory to address a vulnerability in SMA1000 series products.

• Beware of fake news and project claimed to be related to HKMA (24-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) has received enquiries from the public regarding fake news related to the HKMA, claiming an individual in charge of a poverty alleviation project met with the Chief Executive of the HKMA, Mr Eddie Yue, and discussed poverty relief funds.

• Phishing instant messages related to Bank of Communications Co., Ltd. (24-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Communications Co., Ltd. relating to phishing instant messages, which have been reported to the HKMA.

• Phishing instant messages related to Industrial and Commercial Bank of China (Asia) Limited (24-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Phishing instant messages related to Bank of Communications (Hong Kong) Limited (24-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Communications (Hong Kong) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Resource Centre - Infographics on "Digital Signage Security Best Practices" (24-January-2025)
  

  Infographics on "Digital Signage Security Best Practices" is now available at the Resource Centre

• Security Alert (A25-01-14): Multiple Vulnerabilities in Google Chrome (23-January-2025)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• High Threat Security Alert (A25-01-13): Multiple Vulnerabilities in Cisco Products (23-January-2025)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Privacy Commissioner’s Office Reports on its Work in 2024 and Publishes Investigation Findings on the Data Breach Incident of Oxfam Hong Kong (23-January-2025)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today reported on its work in 2024 and published the investigation findings of the data breach incident of Oxfam Hong Kong (Oxfam).

• Security Alert (A25-01-12): Multiple Vulnerabilities in Oracle Java and Oracle Products (January 2025) (22-January-2025)
  

  Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple vulnerabilities found in Java SE and various Oracle products.

• LCQ2: Prevention of personal data breaches and financial crimes (22-January-2025)
  

  Following is a question by the Hon Carmen Kan and a reply by the Secretary for Constitutional and Mainland Affairs, Mr Erick Tsang Kwok-wai, in the Legislative Council today (January 22).

• “HKCERT Capture The Flag 2024” Concludes Successfully with Record Participation Gathering Top Global Teams in Hong Kong, Nurturing Future Cyber Security Talent (22-January-2025)
  

  Hong Kong Productivity Council (HKPC) in collaboration with the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), and Digital Policy Office of the HKSAR Government, successfully hosted the “HKCERT Capture the Flag Challenge 2024” (CTF Challenge) on 20-21 January. The event attracted over record-making 1,300 participants from renowned teams across the Chinese Mainland, other parts of Asia, Europe, and the United States, setting. 

• Fraudulent websites and internet banking login screens related to Chiyu Banking Corporation Limited (21-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chiyu Banking Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• "HKCERT Capture the Flag Challenge 2024" - Seminar and Award Presentation Ceremony (21-January-2025)
  

  HKCERT Capture The Flag 2024 Seminar and Ceremony which organised by the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), the Hong Kong Productivity Council (HKPC) and Digital Policy Office (DPO) will be held on 21 January 2025. Cybersecurity experts will share the latest security information.

• Security Alert (A25-01-11): Multiple Vulnerabilities in Microsoft Edge (20-January-2025)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent websites and internet banking login screens related to China CITIC Bank International Limited (20-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to China Construction Bank (Asia) Corporation Limited (20-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (20-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• HKCERT Unveils "Hong Kong Cyber Security Outlook 2025" Phishing Hits Five-year High Vulnerabilities in Supply Chain and AI Content Hijacking Emerge as Key Risks Over Half of Enterprises Fear Cyber Attacks on IoT Digital Signages (20-January-2025)
  

  The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) held a media briefing today to present the "Hong Kong Cyber Security Outlook 2025 cum IoT Security Study Report on Digital Signage". The briefing summarised Hong Kong's cyber security landscape in 2024 and released security forecast for 2025, highlighting supply chain security and AI content hijacking will become the primary cyber security risks in Hong Kong.

• Enhancing Digital Signage Security: Security Findings and Recommendations from the Latest Study (20-January-2025)
  

  In today's digital age, digital signage has become a popular tool for industries to promote products and display information to customers. However, as an IoT device that is commonly placed in public areas, digital signage is susceptible to cyber attacks. Therefore, HKCERT conducted a comprehensive security study on digital signages.

• High Threat Security Alert (A25-01-10): Multiple Vulnerabilities in Ivanti Products (17-January-2025)
  

  Ivanti has released security advisories to address multiple vulnerabilities in Ivanti products.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (17-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Fubon Bank (Hong Kong) Limited (17-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website related to The Hongkong and Shanghai Banking Corporation Limited (16-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website, which has been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Fubon Bank (Hong Kong) Limited (16-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraud Enquiries Soar by Over 40% Privacy Commissioner’s Office Offers Six Tips to Prevent Fraud (16-January-2025)
  

  As the Year of the Dragon draws to a close, the Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, appeals to members of the public and organisations to be aware of various forms of fraudulent tricks, particularly those involving fraudulent recruitment advertisements and AI deepfake technology, and offers six tips to safeguard personal data privacy.

• Fraudulent websites and internet banking login screens related to Fubon Bank (Hong Kong) Limited (15-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Phishing instant messages related to Bank of China (Hong Kong) Limited (15-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to China Construction Bank (Asia) Corporation Limited (15-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Phishing messages and fraudulent websites related to Octopus Cards Limited (15-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to phishing messages and fraudulent websites.

• LCQ7: Cracking down on phishing scams (15-January-2025)
  

  Following is a question by Prof the Hon Chow Man-kong and a written reply by the Secretary for Security, Mr Tang Ping-keung, in the Legislative Council today (January 15).

• Security Alert (A25-01-09): Multiple Vulnerabilities in Google Chrome (15-January-2025)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• High Threat Security Alert (A25-01-08): Multiple Vulnerabilities in Fortinet Products (15-January-2025)
  

  Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.

• High Threat Security Alert (A25-01-07): Multiple Vulnerabilities in Microsoft Products (January 2025) (15-January-2025)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (14-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (14-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to The Bank of East Asia, Limited (14-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to China Construction Bank (Asia) Corporation Limited (14-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to DBS Bank (Hong Kong) Limited (14-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (14-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Remarks by S for S after Fight Crime Committee meeting (with video) (13-January-2025)
  

  Following is the remarks by the Secretary for Security, Mr Tang Ping-keung, at a media session after the Fight Crime Committee meeting at the Central Government Offices today (January 13).

• Fraudulent website and internet banking login screen related to The Bank of East Asia, Limited (13-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Nanyang Commercial Bank, Limited (13-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Nanyang Commercial Bank, Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website related to Bank of Communications (Hong Kong) Limited (13-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Communications (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Chong Hing Bank Limited (13-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (10-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Security Alert (A25-01-06): Multiple Vulnerabilities in Juniper Networks Products (9-January-2025)
  

  Juniper Networks has published security advisories to address multiple vulnerabilities in Junos OS, Junos OS Evolved and Junos Space.

• High Threat Security Alert (A25-01-05): Multiple Vulnerabilities in SonicWall Products (9-January-2025)
  

  SonicWall released security advisories to address multiple vulnerabilities in SonicWall systems.

• High Threat Security Alert (A25-01-04): Multiple Vulnerabilities in Ivanti Products (9-January-2025)
  

  Ivanti has released a security advisory to address multiple vulnerabilities in Ivanti products.

• New Zealand-based information technology solutions provider opens regional office in Hong Kong (with photo) (9-January-2025)
  

  ​Invest Hong Kong announced today (January 8) that New Zealand-based information technology (IT) solutions provider, OptimaTech, has officially opened its regional office in Hong Kong, leveraging the city's strategic location as the base to expand in the region.

• Fraudulent websites and internet banking login screens related to Nanyang Commercial Bank, Limited (9-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Nanyang Commercial Bank, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Privacy Commissioner’s Office Publishes Investigation Findings on the Data Breach Incident of the Urban Renewal Authority and a Guidance on Cloud Computing (9-January-2025)
  

  On completion of its investigations into the data breach incident of the Urban Renewal Authority, the Office of the Privacy Commissioner for Personal Data (PCPD) published the investigation findings today.  The PCPD also published a “Guidance on Cloud Computing” in parallel.

• Security Alert (A25-01-03): Multiple Vulnerabilities in Firefox (8-January-2025)
  

  Mozilla has published the advisories (MFSA2025-01, MFSA2025-02 and MFSA2025-03) to address multiple vulnerabilities in Firefox browser.

• Security Alert (A25-01-02): Vulnerability in Google Chrome (8-January-2025)
  

  Google released a security update to address vulnerability in Google Chrome.

• Fraudulent website related to Dah Sing Bank, Limited (8-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to a fraudulent website, which has been reported to the HKMA.

• Security Alert (A25-01-01): Multiple Vulnerabilities in Android (7-January-2025)
  

  Google has released Android Security Bulletin January 2025 to fix multiple security vulnerabilities in Android operating system.

• Phishing instant messages related to China CITIC Bank International Limited (7-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to phishing instant messages, which have been reported to the HKMA.

• Phishing instant messages related to Bank of China (Hong Kong) Limited (7-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Phishing instant messages related to Welab Bank Limited (2-January-2025)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Welab Bank Limited relating to phishing instant messages, which have been reported to the HKMA.

• Phishing instant messages related to Mox Bank Limited (31-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Mox Bank Limited relating to phishing instant messages, which have been reported to the HKMA.

• High Threat Security Alert (A24-12-18): Vulnerability in Palo Alto Products (30-December-2024)
  

  Palo Alto has published a security advisory to address a vulnerability in PAN-OS.

• Enhancing Data Security – Privacy Commissioner’s Office Collaborates with HKIRC to Launch a New Episode of Promotional Video  (30-December-2024)
  

  To assist organisations in raising employees’ awareness of cyber security and personal data protection, the Office of the Privacy Commissioner for Personal Data (PCPD) and the Hong Kong Internet Registration Corporation Limited (HKIRC) have jointly launched a series of promotional videos to provide relevant guidance and tips to organisations in a lively manner.

• OFNAA holds exhibition to promote healthy Internet use (with photos) (27-December-2024)
  

  The Office for Film, Newspaper and Article Administration (OFNAA) is holding an exhibition themed "Saying NO to Objectionable Information" at Kai Tin Shopping Centre in Lam Tin for three consecutive days starting from today (December 27). Through exhibition panels, game booths and education videos, the exhibition aims to enhance the public's understanding of the Control of Obscene and Indecent Articles Ordinance (Cap. 390) (COIAO) and promote healthy Internet use among children and young people.

• Fraudulent websites and phishing instant messages related to The Hongkong and Shanghai Banking Corporation Limited (24-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites and phishing instant messages, which have been reported to the HKMA.

• Phishing instant messages related to Industrial and Commercial Bank of China (Asia) Limited (24-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to phishing instant messages, which have been reported to the HKMA. 

• Fraudulent mobile application related to Bank of Singapore Limited (24-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent mobile application (App), which has been reported to the HKMA.

• Phishing instant messages related to Bank of China (Hong Kong) Limited (24-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to phishing instant messages, which have been reported to the HKMA.

• High Threat Security Alert (A24-12-17): Multiple Vulnerabilities in Sophos Firewall (23-December-2024)
  

  Sophos has published a security advisory to address multiple vulnerabilities in Sophos Firewall.

• Security Alert (A24-12-16): Multiple Vulnerabilities in Microsoft Edge (20-December-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent website and social media accounts related to Bank of Singapore Limited (20-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent website and social media accounts, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Nanyang Commercial Bank, Limited (20-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Nanyang Commercial Bank, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Inland Revenue Department alerts public to fraudulent SMS messages (20-December-2024)
  

  The Inland Revenue Department today (December 20) alerted members of the public to fraudulent SMS messages purportedly issued by the Government, which allege that the department is implementing a tax refund policy and suggest the recipient to contact an officer through WhatsApp to claim a tax refund.

• Hongkong Post alerts public to fraudulent SMS messages purportedly from "HKPost" (20-December-2024)
  

  Hongkong Post appealed to members of the public to stay alert to fraudulent SMS messages purportedly to be sent by Hongkong Post.

• Cybersecurity Symposium 2024 (19-December-2024)
  

  The event aims to foster collaboration between public bodies and local organisations to strengthen the city's cybersecurity resilience, supporting Hong Kong's development as a leading digital economy, and thereby contributing to the nation’s high-quality development across all sectors. The symposium features (i) keynote sessions and panel discussions on emerging threats, attack and defense strategies, and governance of artificial intelligence, (ii) showcases of latest cybersecurity solutions and services, and (iii) networking opportunities where you can connect with industry peers and exchange insights on overcoming challenges and implementing best practices.

• Security Alert (A24-12-15): Multiple Vulnerabilities in Google Chrome (19-December-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Fraudulent websites and phishing instant messages related to The Chugoku Bank, Ltd (18-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Chugoku Bank, Ltd relating to fraudulent websites and phishing instant messages, which have been reported to the HKMA.

• Phishing instant messages related to Industrial and Commercial Bank of China (Asia) Limited (18-December-2024)
  

  ​The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Enhancing Data Security for Schools – Privacy Commissioner’s Office Organises a Seminar for the Education Sector (18-December-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) organised a seminar on “Preventing and Handling Data Breach Incidents and Enhancing Data Security Measures for the Education Sector” in hybrid mode on 16 December, which attracted over 380 principals and teachers to attend.

• Security Alert (A24-12-14): Multiple Vulnerabilities in Apache Tomcat (18-December-2024)
  

  The Apache Software Foundation released security updates to address the vulnerabilities in the Apache Tomcat.

• High Threat Security Alert (A24-12-13): Vulnerability in Apache Struts (17-December-2024)
  

  The Apache Software Foundation has released a security bulletin to address the vulnerability in Apache Struts.

• Taking Security Best Practice During Festive Season (17-December-2024)
  

  As the year comes to a close, many people start planning their long holidays to spend time with family and friends, purchase new items, or travel abroad. Online services have gained immense popularity during this time.

• Police hold Anti-Scam Carnival (with photos) (14-December-2024)
  

  The Commercial Crime Bureau (CCB), the Cyber Security and Technology Crime Bureau (CSTCB) and the Financial Intelligence and Investigation Bureau (FIIB) of the Hong Kong Police Force held the Anti-Scam Carnival at the West Kowloon Cultural District today (December 14) to increase the public awareness of scam prevention, money laundering and cyber threats through thematic game booths, as well as various music, dance and magic performances, attracting over 8 500 participants.

• Security Alert (A24-12-12): Multiple Vulnerabilities in Microsoft Edge (13-December-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (13-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to China Construction Bank (Asia) Corporation Limited (13-December-2024)
  

  ​The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Nanyang Commercial Bank, Limited (13-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Nanyang Commercial Bank, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (13-December-2024)
  

  ​The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Security Alert (A24-12-11): Multiple Vulnerabilities in Apple iOS and iPadOS (12-December-2024)
  

  Apple has released iOS 18.2, iPadOS 17.7.3 and iPadOS 18.2 to fix the vulnerabilities in various Apple devices.

• Phishing messages and fraudulent websites related to Octopus Cards Limited (12-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to phishing messages and fraudulent websites. The relevant stored value facility (SVF) licensee has reported the case to the HKMA.

• Fraudulent website and internet banking login screen related to Nanyang Commercial Bank, Limited (12-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Nanyang Commercial Bank, Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Security Alert (A24-12-10): Multiple Vulnerabilities in Adobe Reader/Acrobat (11-December-2024)
  

  Patches are released for Adobe Reader and Acrobat to address multiple vulnerabilities.

• Security Alert (A24-12-09): Multiple Vulnerabilities in Google Chrome (11-December-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Security Alert (A24-12-08): Multiple Vulnerabilities in Ivanti Products (11-December-2024)
  

  Ivanti has released security advisories to address multiple vulnerabilities in Ivanti products

• High Threat Security Alert (A24-12-07): Multiple Vulnerabilities in Microsoft Products (December 2024) (11-December-2024)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (11-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Chong Hing Bank Limited (11-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• 立法會：保安局局長動議二讀《保護關鍵基礎設施（電腦系統）條例草案》發言全文 (Chinese only) (11-December-2024)
  

  以下是保安局局長鄧炳強今日（十二月十一日）在立法會會議動議二讀《保護關鍵基礎設施（電腦系統）條例草案》（《條例草案》）的發言全文。(Chinese only)

• Fraudulent websites and internet banking login screens related to China CITIC Bank International Limited (11-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Nanyang Commercial Bank, Limited (11-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Nanyang Commercial Bank, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to Industrial and Commercial Bank of China (Asia) Limited (11-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to China Construction Bank (Asia) Corporation Limited (10-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent websites and internet banking login screens related to The Bank of East Asia, Limited (10-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Bank of East Asia, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent mobile application related to Bank of Singapore Limited (10-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent mobile application (App), which has been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (10-December-2024)
  

  ​The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• InfoSec Tours - Safety Rules for the Cyberworld (Chinese version only) (10-December-2024)
  

  Please refer to the Chinese version.

• Security Alert (A24-12-06): Multiple Vulnerabilities in QNAP Products (9-December-2024)
  

  QNAP has published security advisories to address multiple vulnerabilities in QNAP products.

• Fraudulent website and internet banking login screen related to Industrial and Commercial Bank of China (Asia) Limited (9-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to China CITIC Bank International Limited (9-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to China Construction Bank (Asia) Corporation Limited (9-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Shanghai Commercial Bank Limited (9-December-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Administration’s paper on Capital Works Reserve Fund Head 710 Computerization Subhead A007GX (Block Allocation) New Administrative Computer Systems: 2025-2026 Estimates of Expenditure (9-December-2024)
  

  This paper seeks Members’ support for the 2025-26 Estimates under Capital Works Reserve Fund (“CWRF”) Head 710 Computerisation Subhead A007GX (Block Allocation) – New Administrative Computer Systems.

• Privacy Commissioner’s Office Publishes Investigation Findings on the Data Breach Incident of the Electrical and Mechanical Services Department and the “Blind” Recruitment Advertisements Posted on the Online Platform of Jobs DB Hong Kong Limited (9-December-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today published two sets of investigation findings. The first set of findings relates to the data breach incident of the Electrical and Mechanical Services Department and the second set of findings relates to the “blind” recruitment advertisements (Blind Ads) posted on the online platform of Jobs DB Hong Kong Limited (JobsDB).

• Security Alert (A24-12-05): Multiple Vulnerabilities in SonicWall SMA 100 Series Products (6-December-2024)
  

  SonicWall released a security advisory to address multiple vulnerabilities in SMA 100 series products.

• Security Alert (A24-12-04): Multiple Vulnerabilities in Microsoft Edge (6-December-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Opening Remarks by Ms Candy Chan, Assistant Commissioner (Project Governance and Cybersecurity), at the “Hong Kong China Network Security Association 1st Anniversary Ceremony” (with photos) (5-December-2024)
  

  Ms Candy Chan, Assistant Commissioner (Project Governance and Cybersecurity), delivered opening remarks at the “HKCNSA 1st Anniversary Ceremony”.

• Expansion of Suspicious Account Alert for automated teller machine transactions (5-December-2024)
  

  The Hong Kong Monetary Authority (HKMA), in collaboration with the Hong Kong Police Force (the Police) and the Hong Kong Association of Banks (HKAB), announced today (December 5) the expansion of the Suspicious Account Alert to include transactions at automated teller machines (ATMs) (including cash deposit machines).

• Enhancing Cybersecurity – Privacy Commissioner Attends the HKCNSA 1st Anniversary Ceremony (5-December-2024)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, attended the Hong Kong China Network Security Association (HKCNSA) 1st Anniversary Ceremony as the Guest of Honour on 5 December. The Privacy Commissioner extended congratulations to the HKCNSA and wished the association continuous success, while helping its members to bolster their ability to safeguard data security.

• Security Alert (A24-12-03): Vulnerability in Google Chrome (4-December-2024)
  

  Google released a security update to address a vulnerability in Google Chrome.

• Protection of Critical Infrastructures (Computer Systems) Bill to be gazetted on Friday (4-December-2024)
  

  A spokesman for the Security Bureau said today (December 4) that the Government will publish the Protection of Critical Infrastructures (Computer Systems) Bill in the Gazette on Friday (December 6) and introduce it into the Legislative Council for First Reading and Second Reading on December 11.

• Promoting Cyber Security and AI Security – Privacy Commissioner Publishes an Article on Hong Kong Lawyer  (4-December-2024)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article titled “Cyber Security and AI Security: Prioritising Protection of Personal Data Privacy in the Digital Era” on Hong Kong Lawyer.

• Security Alert (A24-12-02): Multiple Vulnerabilities in Android (3-December-2024)
  

  Google has released Android Security Bulletin December 2024 to fix multiple security vulnerabilities in Android operating system.

• Digital Policy Office launches data governance thematic web page (3-December-2024)
  

  The Digital Policy Office (DPO) launched a thematic web page on data governance today (December 3) covering the Principles of Data Governance and the relevant strategy, guidelines, and technical standards, etc concerning data governance to introduce the Government's data governance policies in a one-stop manner.

• WSD urges public to be alert to fraudulent SMS messages (3-December-2024)
  

  The Water Supplies Department (WSD) today (December 3) alerted the public to fraudulent SMS messages purportedly issued by the department.

• Security Alert (A24-12-01): Multiple Vulnerabilities in Synology DiskStation Manager (2-December-2024)
  

  Synology has published a security advisory to address multiple vulnerabilities in various versions of DiskStation Manager (DSM).

• SKDO receives report of theft of electronic devices from Sub-district Care Team (1-December-2024)
  

  The Sai Kung District Office (SKDO) received a report of theft of electronic devices from a Sub-district Care Team yesterday (November 30).

• Transport Department alerts public to fraudulent websites purported to be from HKeToll (29-November-2024)
  

  The Transport Department (TD) today (November 29) alerted members of the public to fraudulent website addresses that pretend to be the HKeToll (see the HKeToll website for details) and seek to deceive users into making payments and obtain their credit card information.

• HKMA welcomes launch of HKUST's InvestLM Generative A.I. Platform (28-November-2024)
  

  The Hong Kong Monetary Authority (HKMA) welcomes the launch of the InvestLM Generative A.I. Platform announced today (November 28) by the School of Business and Management of the Hong Kong University of Science and Technology (HKUST Business School).

• Enhancing Cybersecurity – PCPD's Representative Attends “Cyber Security Staff Awareness Recognition Scheme” Recognition Ceremony (28-November-2024)
  

  Assistant Privacy Commissioner for Personal Data (Corporate Communications and Compliance), Ms Joyce LAI, attended the “Cyber Security Staff Awareness Recognition Scheme” Recognition Ceremony on 27 November to present awards and deliver a speech on the importance of human firewall on personal data protection.

• Security Alert (A24-11-22): Multiple Vulnerabilities in Firefox (27-November-2024)
  

  Mozilla has published the advisories (MFSA2024-63, MFSA2024-64 and MFSA2024-65) to address multiple vulnerabilities in Firefox browser.

• Innovation and Technology leadership series thematic seminar held to enhance capabilities of Government senior management in spearheading implementation of digital government (with photos) (27-November-2024)
  

  The Digital Policy Office (DPO) and the Civil Service College (CSC) jointly launched the Innovation and Technology (I&T) leadership series thematic seminar for the senior management of the Government today (November 27). The seminar series serves to further enhance the understanding and capabilities of the senior management in information system management, cybersecurity and data security, thereby enabling them to lead their teams to build a secure and high-quality digital government.

• Security Alert (A24-11-21): Multiple Vulnerabilities in Drupal (25-November-2024)
  

  Drupal published security advisories to address multiple vulnerabilities in the Drupal products.

• Security Alert (A24-11-20): Multiple Vulnerabilities in QNAP Products (25-November-2024)
  

  QNAP has published security advisories to address multiple vulnerabilities in QNAP products.

• Security Alert (A24-11-19): Multiple Vulnerabilities in PHP (25-November-2024)
  

  PHP has released security advisories to address multiple vulnerabilities in PHP

• Security Alert (A24-11-18): Multiple Vulnerabilities in Microsoft Edge (25-November-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Hong Kong FinTech Week 2024 illuminates Hong Kong's pathway to fintech innovation (with photos) (25-November-2024)
  

  Hong Kong FinTech Week (HKFW) 2024 concluded on November 1. The week commenced with the two-day main conference on October 28 and 29, featuring engaging panels, speeches and discussions among government officials, regulators, fintech innovators and industry leaders from around the world.

• CA organises fun day cum exhibition to promote awareness of phone scams (with photos) (23-November-2024)
  

  To raise public vigilance and awareness of telecommunications scams, the Communications Authority (CA) is organising the large-scale "Say NO to Phone Scams" Fun Day cum Exhibition in Kowloon Park today and tomorrow (November 23 and 24), with a view to promoting awareness against phone and SMS scams.

• Transport Department alerts public to fraudulent websites purported to be from HKeToll (22-November-2024)
  

  The Transport Department (TD) today (November 22) alerted members of the public to fraudulent website addresses that pretend to be the HKeToll (see Annex) and seek to deceive users into making payments and obtain their credit card information.

• USITI and CDP attend World Internet Conference Wuzhen Summit (with photos) (21-November-2024)
  

  The Under Secretary for Innovation, Technology and Industry, Ms Lillian Cheong, and the Commissioner for Digital Policy, Mr Tony Wong, attended different forums of the 2024 World Internet Conference Wuzhen Summit held in Hangzhou today (November 21) and exchanged views on Hong Kong's latest developments in innovation and technology with representatives of government institutions, international organisations, enterprises and research institutes from the Mainland and abroad.

• Fraudulent websites related to Nanyang Commercial Bank, Limited (21-November-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Nanyang Commercial Bank, Limited relating to fraudulent websites, which have been reported to the HKMA.

• 立法會：創新科技及工業局局長就「制訂『人工智能+』策略」議員議案總結發言(Chinese only) (21-November-2024)
  

  以下是創新科技及工業局局長孫東教授今日（十一月二十一日）在立法會會議就黃錦輝議員動議的「制訂『人工智能+』策略」議案的總結發言。(Chinese only)

• 立法會：創新科技及工業局局長就「制訂『人工智能+』策略」議員議案開場發言(Chinese only) (21-November-2024)
  

  以下是創新科技及工業局局長孫東教授今日（十一月二十一日）在立法會會議就黃錦輝議員動議的「制訂『人工智能+』策略」議案的開場發言。(Chinese only)

• HKPC and PCPD Jointly Release “Hong Kong Enterprise Cyber Security Readiness Index” Rises by 5.8 Points Approaching the Level in Year 2022 “Human Awareness Building” Remains at Low Levels (21-November-2024)
  

  Hong Kong Productivity Council (HKPC) and the Office of the Privacy Commissioner for Personal Data, Hong Kong (PCPD) jointly released the results of the “Hong Kong Enterprise Cyber Security Readiness Index and AI Security” survey today. The “Hong Kong Enterprise Cyber Security Readiness Index” has increased by 5.8 points to 52.8 points (maximum being 100 points) compared with last year, approaching the level in year 2022. However, it remains at the “Basic” level, indicating that there is still significant room for improvement for enterprises.

• Security Alert (A24-11-17): Vulnerability in Google Chrome (20-November-2024)
  

  Google released a security update to address a vulnerability in Google Chrome.

• High Threat Security Alert (A24-11-16): Multiple Vulnerabilities in Apple Products (20-November-2024)
  

  Apple has released iOS 17.7.2, iOS 18.1.1, iPadOS 17.7.2, iPadOS 18.1.1, macOS Sequoia 15.1.1 and Safari 18.1.1 to fix the vulnerabilities in various Apple devices.

• WSD urges public to be alert to fraudulent SMS message (20-November-2024)
  

  The Water Supplies Department (WSD) today (November 20) alerted the public to a fraudulent SMS message purportedly issued by the department.

• Fraudulent websites and internet banking login screens related to China Construction Bank (Asia) Corporation Limited (20-November-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Security Alert (A24-11-15): Multiple Vulnerabilities in Apache Tomcat (19-November-2024)
  

  The Apache Software Foundation released security updates to address the vulnerabilities in the Apache Tomcat.

• High Threat Security Alert (A24-11-14): Multiple Vulnerabilities in Palo Alto Products (19-November-2024)
  

  Palo Alto has published security advisories to address multiple vulnerabilities in PAN-OS.

• Fraudulent website related to China Construction Bank (Asia) Corporation Limited (19-November-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to a fraudulent website, which has been reported to the HKMA.

• Fraudulent website related to Chong Hing Bank Limited (19-November-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website, which has been reported to the HKMA.

• Phishing emails related to DBS Bank (Hong Kong) Limited (19-November-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to phishing emails, which have been reported to the HKMA.

• Security Alert (A24-11-13): Multiple Vulnerabilities in Microsoft Edge (18-November-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• High Threat Security Alert (A24-11-12): Multiple Vulnerabilities in Palo Alto Products (18-November-2024)
  

  Palo Alto has published security advisories to address multiple vulnerabilities in PAN-OS.

• Privacy Commissioner’s Office Reviews the Collection of Personal Data by 10 Online Travel Platforms (18-November-2024)
  

  In the light of the growing popularity of online travel platforms and mobile applications, the Office of the Privacy Commissioner for Personal Data (PCPD) reviewed 10 online travel platforms (including the relevant websites and mobile applications) commonly used by citizens to understand how these platforms collect and use the personal data of their users, and released a report titled “A Study of the Collection of Personal Data by 10 Online Travel Platforms” today. The 10 platforms are (in alphabetical order) Agoda, EGL Tours, Expedia, Goldjoy Holidays, Miramar Travel, Sunflower Travel, Travel Expert, Trip.com, Wing On Travel and WWPKG.

• Phishing messages and fraudulent websites related to Octopus Cards Limited (18-November-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to phishing messages and fraudulent websites.

• Fraudulent websites and internet banking login screens related to Bank of China (Hong Kong) Limited (18-November-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Hong Kong Cybersecurity Attack and Defence Drill 2024 successfully concludes (with photos) (17-November-2024)
  

  The first Hong Kong Cybersecurity Attack and Defence Drill, spearheaded by the Digital Policy Office (DPO) in collaboration with the Cyber Security and Technology Crime Bureau of the Hong Kong Police Force, the Hong Kong Internet Registration Corporation Limited, and the Hong Kong Institute of Information Technology, concluded today (November 17).

• Embracing the e+ Internet Generation Parent Seminar (2): Healthy Internet Use Effective Use of Artificial Intelligence (16-November-2024)
  

  A project officer from the Office for Film, Newspaper and Article will provide advice to parents on helping their children safely surf the Internet and avoid accessing harmful online information. The Vice Principal of Chong Gene Hang College will present the applications of artificial intelligence (AI) in education to parents and offer practical advice on how they can help their children effectively use AI tools to enhance learning while avoiding excessive dependence. 

• Transport Department alerts public to fraudulent websites purported to be from HKeToll (15-November-2024)
  

  The Transport Department (TD) today (November 15) alerted members of the public to fraudulent website addresses that pretend to be the HKeToll (see Annex) and seek to deceive users into making payments and obtain their credit card information.

• Fraudulent websites related to The Hongkong and Shanghai Banking Corporation Limited (15-November-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites, which have been reported to the HKMA.

• Hong Kong Cybersecurity Attack and Defence Drill 2024 launched today (with photos) (15-November-2024)
  

  The Government launched Hong Kong's first Cybersecurity Attack and Defence Drill today (November 15). The drill, which will span three days for a total of 60 hours.

• 創新科技及工業局局長出席「香港網絡安全攻防演練──以攻築防2024」開幕典禮致辭全文 (with photos) (Chinese only) (15-November-2024)
  

  以下是創新科技及工業局局長孫東教授今日（十一月十五日）在「香港網絡安全攻防演練——以攻築防2024」開幕典禮的致辭全文。(Chinese only)

• A 29-year-old Female Arrested for Suspected Doxxing of Another Woman Because of Relationship Entanglements (15-November-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 29 in the New Territories. 

• 立法會：創新科技及工業局局長就《行政長官2024年施政報告》致謝議案辯論（第二節）致辭全文(Chinese only) (14-November-2024)
  

  以下是創新科技及工業局局長孫東教授今日（十一月十四日）在立法會會議上就《行政長官2024年施政報告》致謝議案辯論（第二節：鞏固提升國際金融、航運和貿易中心地位；因地制宜發展新質生產力）的致辭全文。(Chinese only)

• Government clarifies statement on nomination of US Secretary of State (14-November-2024)
  

  It has come to the Government's attention that a statement seemingly issued by the Government regarding the nomination of the US Secretary of State was circulated in the social media.

• Security Alert (A24-11-11): Multiple Vulnerabilities in Citrix Products (13-November-2024)
  

  Citrix released security advisories to address multiple vulnerabilities in Citrix products.

• Security Alert (A24-11-10): Multiple Vulnerabilities in Ivanti Products (13-November-2024)
  

  Ivanti has released a security advisory to address multiple vulnerabilities in Ivanti products.

• Security Alert (A24-11-09): Multiple Vulnerabilities in Fortinet Products (13-November-2024)
  

  Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.

• Security Alert (A24-11-08): Multiple Vulnerabilities in Google Chrome (13-November-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• High Threat Security Alert (A24-11-07): Multiple Vulnerabilities in Microsoft Products (November 2024) (13-November-2024)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• Fraudulent websites related to China Construction Bank (Asia) Corporation Limited (13-November-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to fraudulent websites, which have been reported to the HKMA.

• 立法會：保安局局長就《行政長官2024年施政報告》致謝議案辯論（第一節）致辭全文 (Chinese only) (13-November-2024)
  

  以下是保安局局長鄧炳強今日（十一月十三日）在立法會會議上就《行政長官2024年施政報告》致謝議案辯論（第一節：改革求變　由治及興、「一國兩制」行穩致遠、強化政府治理體系和深化大灣區合作）的致辭全文。(Chinese only)

• LegCo Subcommittee on Issues Relating to the Development of Web3 and Virtual Assets visits Cyberport (with photos) (12-November-2024)
  

  The Legislative Council Subcommittee on Issues Relating to the Development of Web3 and Virtual Assets visited Cyberport today (November 12) to learn about its latest development and way forward in promoting Web3 applications.

• HKCERT Capture the Flag Challenge 2024 (From 13-September-2024 to 10-November-2024)
  

  “HKCERT Capture The Flag 2024,” organised by the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) and the Hong Kong Productivity Council (HKPC), is now in its fifth edition. It is one of the largest cybersecurity competitions in Hong Kong, featuring four categories: Secondary School, Tertiary, Open, and International.

• Presentation by Mr Donald Mak, Deputy Commissioner (Data Governance), at the “HKICPA IT Conference 2024” (with photos) (9-November-2024)
  

  Mr Donald Mak, Deputy Commissioner (Data Governance), spoke at HKICPA IT Conference 2024.

• Security Alert (A24-11-06): Multiple Vulnerabilities in Microsoft Edge (8-November-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Transport Department alerts public to fraudulent websites purported to be from HKeToll (8-November-2024)
  

  The Transport Department (TD) today (November 8) alerted members of the public to the following fraudulent website addresses which pretend to be the HKeToll and seek to deceive users into making payments and obtain their credit card information.

• Opening Speech by Mr Daniel Cheung, JP, Deputy Commissioner (Digital Infrastructure), at the “ICT Conference 2024” (with photos) (7-November-2024)
  

  Mr Daniel Cheung, Deputy Commissioner (Digital Infrastructure), delivered the opening speech at the “ICT Conference 2024”

• Speech by Ir Tony Wong, JP, Commissioner for Digital Policy, at the “Launch Ceremony of the First Batch of the Hong Kong Institute of Information Technology (HKIIT) Certified Information Security Professional (CISP) Training Programme” (with photos) (Chinese only) (7-November-2024)
  

  Only Chinese version is available for this speech / presentation. 

• Security Alert (A24-11-05): Multiple Vulnerabilities in Cisco Products (7-November-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Security Alert (A24-11-04): Multiple Vulnerabilities in Synology Products (6-November-2024)
  

  Synology has published security advisories to address multiple vulnerabilities in Synology products

• Security Alert (A24-11-03): Multiple Vulnerabilities in Google Chrome (6-November-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Promoting AI Security – Privacy Commissioner Speaks at the Hong Kong International Computer Conference 2024 (6-November-2024)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling attended the Hong Kong International Computer Conference 2024 themed “From Generative AI (GAI) to Artificial General Intelligence (AGI)” on 4 and 5 November 2024 and delivered a keynote speech titled “Safeguarding Personal Data Privacy in the Age of AI: Governance Recommendations”.

• Promoting AI Security – Privacy Commissioner Publishes an Article on A Plus (6-November-2024)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article titled “Safeguarding personal data privacy in the AI era with PCPD’s Model Framework” on A Plus, the official quarterly magazine of the Hong Kong Institute of Certified Public Accountants.

• Security Alert (A24-11-02): Multiple Vulnerabilities in Android (5-November-2024)
  

  Google has released Android Security Bulletin November 2024 to fix multiple security vulnerabilities in Android operating system.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (5-November-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Fraudulent social media account related to Bank of Singapore Limited (5-November-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent social media account, which has been reported to the HKMA.

• Fraudulent website and internet banking login screen related to China CITIC Bank International Limited (5-November-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• 保安局局長在立法會保安事務委員會政策簡報會開場發言 (Chinese only) (5-November-2024)
  

  以下是保安局局長鄧炳強今日（十一月五日）在立法會保安事務委員會政策簡報會的開場發言。(Chinese only)

• Hong Kong International Computer Conference 2024 (From 4-November-2024 to 5-November-2024)
  

  The theme of this annual flagship event organised by the Hong Kong Computer Society (HKCS) this year is “From Generative AI (GAI) to Artificial General Intelligence (AGI)”.  It will bring together ICT professionals and experts, government leaders and business executives from local and abroad to share and discuss the latest trends of ICT innovations and developments in enhancing business opportunities and productivity.

• Security Alert (A24-11-01): Multiple Vulnerabilities in Microsoft Edge (1-November-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• S for S meets with critical infrastructure stakeholders (with photos) (1-November-2024)
  

  The Secretary for Security, Mr Tang Ping-keung, today (November 1) hosted a briefing at the Central Government Offices on the consultation report on the proposed legislative framework to enhance protection of the computer systems of critical infrastructures. He briefed the stakeholders on the outcomes of the consultation conducted months earlier and the way forward of the legislative exercise, and responded to the major concerns from the submissions received during the consultation period.

• Security Alert (A24-10-28): Multiple Vulnerabilities in QNAP Products (31-October-2024)
  

  QNAP has published security advisories to address multiple vulnerabilities in QNAP products.

• Transport Department alerts public to fraudulent websites of HKeToll (31-October-2024)
  

  The Transport Department (TD) today (October 31) alerted members of the public to the following fraudulent website addresses, which pretend to be the HKeToll and seek to deceive users into making payments and obtain their credit card information.

• Housing Department urges public to be alert to fraudulent website of Cash Allowance Trial Scheme (31-October-2024)
  

  The Housing Department (HD) today (October 31) alerted members of the public to a fraudulent website (https://cashallowanceget-hk2024[.]xyz), which purports to be the website of the Cash Allowance Trial Scheme.

• Security Alert (A24-10-27): Multiple Vulnerabilities in Firefox (30-October-2024)
  

  Mozilla has published the advisories (MFSA2024-55, MFSA2024-56 and MFSA2024-57) to address multiple vulnerabilities in Firefox browser.

• Security Alert (A24-10-26): Multiple Vulnerabilities in Google Chrome (30-October-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Housing Department urges public to be alert to fraudulent website of Cash Allowance Trial Scheme (30-October-2024)
  

  The Housing Department (HD) today (October 30) alerted members of the public to a fraudulent website (https://cashalwaysget_hk2024[.]site), which purports to be the website of the Cash Allowance Trial Scheme.

• PCPD Publishes 2023-24 Annual Report (30-October-2024)
  

  Our 2023-24 Annual Report, themed “Ensuring Data Security to Promote a Digital Economy”, presents the immense breadth and scale of actions undertaken by the PCPD over the reporting year to safeguard personal data privacy in the ever-evolving digital landscape, with the aim of promoting a digital economy.

• Security Alert (A24-10-25): Multiple Vulnerabilities in Apple iOS and iPadOS (29-October-2024)
  

  Apple has released iOS 17.7.1, iOS 18.1, iPadOS 17.7.1 and iPadOS 18.1 to fix the vulnerabilities in various Apple devices.

• 創新科技及工業局局長出席立法會資訊科技及廣播事務委員會政策簡報會開場發言 (Chinese only) (29-October-2024)
  

  以下是創新科技及工業局局長孫東教授今日（十月二十九日）出席立法會資訊科技及廣播事務委員會政策簡報會就《行政長官2024年施政報告》有關創新科技及工業局政策措施的開場發言。(Chinese only)

• Phishing instant messages related to Livi Bank Limited (29-October-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited relating to phishing instant messages, which have been reported to the HKMA.

• Data Scraping on Social Media Raises Concerns The PCPD, together with 15 Privacy Protection Authorities, Issues a Global Joint Statement to Social Media Platforms (29-October-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD), together with 15 privacy or data protection authorities worldwide, today issued a global joint statement (Joint Statement) on data scraping and the protection of privacy to social media platforms.

• HKeToll sends SMS by "#HKeToll" to guard against fraudulent messages (28-October-2024)
  

  The Transport Department (TD) today (October 28) reminded members of the public that the HKeToll now uses "#HKeToll" for issuing SMS messages to local subscribers of mobile services who are HKeToll users for authentication purposes.

• Massive "911 S5" Botnet Affecting Nearly 19 Million IP Addresses Worldwide was Dismantled (28-October-2024)
  

  "911 S5" botnet impacted nearly 19 million IP addresses globally, posing a significant threat to cybersecurity. In May 2024, the FBI, in collaboration with international law enforcement agencies, successfully dismantled the "911 S5" botnet. Although the "911 S5" botnet has been dismantled, its impact remains noteworthy. This article explores its operation and removal methods.

• Embracing the e+ Internet Generation Parent Seminar (1): Establishing Home-School Collaboration Cultivate Healthy Internet Habits (26-October-2024)
  

  An IT coordinator from Ling To Catholic Primary School will introduce to parents how to leverage the advantages of e-learning through home-school collaboration to enhance their children’s learning outcomes, nurture their information literacy, and help them master the skills needed to tackle various challenges in the future. Registered social workers of Hong Kong Playground Association will lead parents to understand the Internet usage patterns of the e-Generation and offer insights on how to prevent their children from becoming addicted to the Internet.

• Security Alert (A24-10-24): Multiple Vulnerabilities in Microsoft Edge (25-October-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Phishing instant messages related to Livi Bank Limited (25-October-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited relating to phishing instant messages, which have been reported to the HKMA.

• High Threat Security Alert (A24-10-23): Multiple Vulnerabilities in Cisco Products (24-October-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• High Threat Security Alert (A24-10-22): Multiple Vulnerabilities in Fortinet Products (24-October-2024)
  

  Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.

• Promoting AI Security – Privacy Commissioner and PCPD Representative Speak at the Cyber Security Summit Hong Kong 2024 (24-October-2024)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, and the Assistant Privacy Commissioner for Personal Data (Complaints and Criminal Investigation), Ms Rebecca HO (Assistant Privacy Commissioner), spoke at the Cyber Security Summit Hong Kong 2024 on 24 October 2024.

• Cyber Security Summit 2024 (From 23-October-2024 to 24-October-2024)
  

  Over the course of two days, attendees can expect captivating keynote speeches, thought-provoking panel discussions, and interactive workshops. Our theme for this year’s summit is “Cyber Security Fortification – The AI Paradox,” with a subtheme focusing on “Emerging Technologies, Legislation, Regulations, Privacy, and Compliance.”

• Security Alert (A24-10-21): Multiple Vulnerabilities in Google Chrome (23-October-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• DPO's response to media enquiries on government staff's use of personal webmail, public cloud storage and web-version of instant messaging services (23-October-2024)
  

  In response to media enquiries on government staff's use of personal webmail, public cloud storage and web-version of instant messaging services, a spokesman for the Digital Policy Office (DPO) said today (October 23):In face of increasingly severe cyber threats, the DPO reminded all bureaux and departments (B/Ds) through the Government's IT Security Guidelines (the Guidelines) updated in April this year that their staff's use of personal webmail, public cloud storage and instant messaging services on desktop computers connected to the government internal network will bring potential information security risks, hence the risks must be well managed.

• Fraudulent websites, internet banking login screens and phishing emails related to Dah Sing Bank, Limited (23-October-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to fraudulent websites, internet banking login screens and phishing emails, which have been reported to the HKMA.

• Speech by Ir Tony Wong, JP, Commissioner for Digital Policy, at the “Cyber Security Summit Hong Kong 2024” (with photos) (23-October-2024)
  

  Good morning. I am delighted to be here today for the Cyber Security Summit 2024. Firstly, I would like to extend my heartfelt appreciation to the Hong Kong Productivity Council for orchestrating the Summit again this year, which brings together renowned cybersecurity experts from both local, national and international backgrounds, offering a unique opportunity to foster learning, collaboration, and networking in the cybersecurity field.

• HKPC Cyber Security Co-organises “Cyber Security Summit Hong Kong 2024” With Ten Other Leading Information Security Organisations Shed Light on Cyber Security Defence and Artificial Intelligence (AI) Solutions (23-October-2024)
  

  Jointly organised by the Hong Kong Productivity Council Cyber Security (HKPC Cyber Security), and other ten leading local information security organisations, the “Cyber Security Summit Hong Kong 2024” (the Summit) takes place at the Hong Kong Convention and Exhibition Centre on 23 and 24 October. Themed “Cyber Security Fortification: The AI Paradox”, this year’s Summit explores the latest trends in information security, with the focus on digital transformation, legislation, privacy, compliance management, and more.

• Fraudulent websites and phishing instant messages related to Bank Julius Baer & Co. Ltd. (22-October-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to fraudulent websites and phishing instant messages, which have been reported to the HKMA.

• Reporting to Legislative Council – Secretary for Constitutional and Mainland Affairs and Privacy Commissioner Attend Meeting of the Legislative Council Panel on Constitutional Affairs (22-October-2024)
  

  The Secretary for Constitutional and Mainland Affairs (SCMA), Mr Erick TSANG Kwok-wai, GBS, IDSM, JP, attended the Policy Briefing meeting of the Legislative Council (LegCo) Panel on Constitutional Affairs on 21 October 2024 to brief Panel members on the Chief Executive’s 2024 Policy Address. The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, also attended the meeting to answer questions raised by members on the protection of personal data privacy and the work of her Office (PCPD).

• Privacy Commissioner’s Office Publishes Investigation Findings on the Data Breach Incident of South China Athletic Association and Launches “Data Security” Package for Schools, NGOs and SMEs (22-October-2024)
  

  On completion of its investigation into the data breach incident of the South China Athletic Association (SCAA), the Office of the Privacy Commissioner for Personal Data (PCPD) published its findings today. The investigation arose from a data breach notification submitted by the SCAA to the PCPD on 18 March 2024, reporting that its servers had been attacked by ransomware and maliciously encrypted (the Incident).

• Fraudulent website related to DBS Bank (Hong Kong) Limited (21-October-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.

• TD to send HKeToll SMS by "#HKeToll" from October 28 (21-October-2024)
  

  The Transport Department (TD) announced today (October 21) that the HKeToll has participated in the SMS Sender Registration Scheme under the Office of the Communications Authority to help the public verify SMS messages issued by the HKeToll.

• 創新科技及工業局局長在《行政長官2024年施政報告》相關措施記者會開場發言 (Chinese only) (with photos/videos) (19-October-2024)
  

  以下是創新科技及工業局局長孫東教授今日（十月十九日）在《行政長官2024年施政報告》相關措施記者會闡述創新科技及工業局政策範疇措施的開場發言。(Chinese only)

• Security Alert (A24-10-20): Multiple Vulnerabilities in Microsoft Edge (18-October-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Public urged to stay alert to emails purported to be issued by Chief Executive of Hospital Authority (18-October-2024)
  

  ​The Hospital Authority (HA) spokesperson today (October 18) urged members of the public to stay alert against fraudulent acts to collect personal information on behalf of HA staff.

• Security Alert (A24-10-19): Multiple Vulnerabilities in Google Chrome (16-October-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Security Alert (A24-10-18): Multiple Vulnerabilities in Oracle Java and Oracle Products (October 2024) (16-October-2024)
  

  Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple vulnerabilities found in Java SE and various Oracle products.

• Fraudulent mobile application related to Bank of Singapore Limited (16-October-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent mobile application (App), which has been reported to the HKMA.

• Privacy Commissioner’s Office Welcomes the Chief Executive’s 2024 Policy Address (16-October-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) welcomes the array of policy initiatives on protecting cybersecurity and promoting data flow set out in the Chief Executive’s Policy Address.

• Security Alert (A24-10-17): Vulnerability in Firefox (15-October-2024)
  

  Mozilla has published an advisory (MFSA2024-53) to address a vulnerability in Firefox browser.

• Fraudulent website related to DBS Bank (Hong Kong) Limited (15-October-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.

• Transport Department alerts public to fraudulent websites of HKeToll (15-October-2024)
  

  The Transport Department (TD) today (October 15) alerted members of the public to fraudulent websites addresses, "https://hketoll[.]shop/hk" and "https://hketollo[.]cc/hk", which pretend to be the HKeToll and seek to deceive users into making payments and obtain their credit card information.

• Privacy Commissioner’s Office Welcomes LinkedIn’s pause of Using Hong Kong Users’ Personal Data for training Generative Artificial Intelligence (AI) Models (15-October-2024)
  

  On 3 October 2024, the Office of the Privacy Commissioner for Personal Data (PCPD) expressed concern regarding the employment-oriented social media platform LinkedIn’s default opt-in setting for using Hong Kong users’ personal data and content on the platform to train its generative AI models for content creation, and wrote to LinkedIn to enquire into the matter.

• Security Alert (A24-10-16): Multiple Vulnerabilities in SonicWall Products (14-October-2024)
  

  SonicWall released security advisories to address multiple vulnerabilities in SonicWall systems.

• Security Alert (A24-10-15): Multiple Vulnerabilities in Microsoft Edge (14-October-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• High Threat Security Alert (A24-10-14): Multiple Vulnerabilities in GitLab (14-October-2024)
  

  GitLab has released 17.2.9, 17.3.5 and 17.4.2 to address multiple vulnerabilities in various versions of GitLab.

• Administration’s paper on Work related to safeguarding and promoting information security (14-October-2024)
  

  This paper briefs Members on the latest situation of information security in Hong Kong and the Government’s work related to safeguarding and promoting information security.

• Background brief prepared by the Legislative Council Secretariat on Work related to safeguarding and promoting information security Background brief prepared by the Legislative Council Secretariat (14-October-2024)
  

  This paper provides background information on the Administration’s measures in safeguarding and promoting information security. It also gives a brief account of the views and concerns expressed by Members during discussions on related subjects at the meetings of the Panel on Information Technology and Broadcasting (“the Panel”) and the Subcommittee on Matters Relating to the Development of Smart City in recent years.

• Promoting Anti-fraud Messages in Education Sector – Privacy Commissioner Gives Keynote Speech at the “Launch Ceremony of Anti-deception Alliance (Education) 2024” (12-October-2024)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, attended the “Launch Ceremony of Anti-deception Alliance (Education) 2024” as the Guest of Honour and gave a keynote speech on 12 October. The event was co-organised by the Hong Kong Police Force, Hong Kong University of Science and Technology and Institute of Global Metagovernors.

• Security Alert (A24-10-13): Multiple Vulnerabilities in Juniper Networks Products (10-October-2024)
  

  Juniper Networks has published security advisories to address multiple vulnerabilities in Junos OS, Junos OS Evolved and Junos Space.

• Security Alert (A24-10-12): Vulnerability in Ivanti Products (10-October-2024)
  

  Ivanti has released a security advisory to address a vulnerability in Ivanti products.

• Security Alert (A24-10-11): Multiple Vulnerabilities in Apple iOS and iPadOS (10-October-2024)
  

  Apple has released iOS 18.0.1 and iPadOS 18.0.1 to fix the vulnerabilities in various Apple devices.

• High Threat Security Alert (A24-10-10): Multiple Vulnerabilities in Palo Alto Networks Expedition (10-October-2024)
  

  Palo Alto Networks has published a security advisory to address multiple vulnerabilities in Expedition.

• High Threat Security Alert (A24-10-09): Vulnerability in Firefox (10-October-2024)
  

  Mozilla has published an advisory (MFSA2024-51) to address a vulnerability in Firefox browser.

• Security Alert (A24-10-08): Multiple Vulnerabilities in Google Chrome (9-October-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• High Threat Security Alert (A24-10-07): Multiple Vulnerabilities in Microsoft Products (October 2024) (9-October-2024)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• InfoSec Tours - Cybersecurity and Information Literacy (Chinese version only) (9-October-2024)
  

  InfoSec Tours - Cybersecurity and Information Literacy (Chinese version only)

• Security Alert (A24-10-06): Multiple Vulnerabilities in Android (8-October-2024)
  

  Google has released Android Security Bulletin October 2024 to fix multiple security vulnerabilities in Android operating system.

• Security Alert (A24-10-05): Multiple Vulnerabilities in Microsoft Edge (7-October-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• SWD urges public to be alert to fraudulent website (7-October-2024)
  

  The Social Welfare Department (SWD) today (October 7) alerted members of the public to a fraudulent website, which purports to be the website of the SWD (subsidy-swd-gov-hk[.]web[.]app).

• Promoting AI Security – Privacy Commissioner Publishes an Article on OneTrust DataGuidance  (7-October-2024)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article on OneTrust DataGuidance titled “Hong Kong, China: PCPD’s Model Framework Helps Organisations Using AI Ensure Compliance”.

• Transfer of Customers’ Personal Data by Physical Privacy Commissioner’s Office Proactively Contacted perFIT to Provide Assistance (7-October-2024)
  

  To commencing a compliance check into Physical earlier, the PCPD has proactively reached out to the new investor today to understand their arrangements for the transfer of customers’ personal data and to request relevant documents, in order to provide appropriate assistance to the new investor to ensure that the relevant requirements under the Personal Data (Privacy) Ordinance (PDPO) are complied with.

• Security Alert (A24-10-04): Multiple Vulnerabilities in Cisco Products (3-October-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Security Alert (A24-10-03): Multiple Vulnerabilities in Google Chrome (3-October-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Phishing instant messages related to Fubon Bank (Hong Kong) Limited (3-October-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Bank of China (Hong Kong) Limited (3-October-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Privacy Commissioner’s Office Reminds Users of LinkedIn to beware of the Use of Their Personal Data for Training of generative Artificial Intelligence (AI) Models (3-October-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) noted that employment-oriented social media platform LinkedIn has recently updated its privacy policy to allow LinkedIn to use the personal data and content created by its users on LinkedIn to train its generative AI models for content creation, with the relevant setting for consent to such use enabled by default.

• Security Alert (A24-10-02): Multiple Vulnerabilities in Firefox (2-October-2024)
  

  Mozilla has published the advisories (MFSA2024-46, MFSA2024-47 and MFSA2024-48) to address multiple vulnerabilities in Firefox browser.

• High Threat Security Alert (A24-10-01): Vulnerability in Juniper Networks Junos OS and Junos OS Evolved (2-October-2024)
  

  Juniper Networks has published security advisory to address a vulnerability in Junos OS and Junos OS Evolved.

• Enhancing Data Security – Privacy Commissioner’s Office Collaborates with HKIRC to Launch Promotional Videos  (2-October-2024)
  

  To assist organisations in raising employees’ awareness of cyber security and personal data protection, the Office of the Privacy Commissioner for Personal Data (PCPD) and the Hong Kong Internet Registration Corporation Limited (HKIRC) have jointly launched a series of promotional videos to provide relevant guidance and tips to organisations in a lively manner.

• Security Alert (A24-09-23): Multiple Vulnerabilities in Microsoft Edge (30-September-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Enhancing Cybersecurity – PCPD Representative Attends “Bug Hunting Campaign 2024” Awards Gala (30-September-2024)
  

  Mr Brad KWOK, Chief Personal Data Officer (Compliance and Enquiries) of the Office of the Privacy Commissioner for Personal Data (PCPD), attended the “Bug Hunting Campaign 2024” Awards Gala on 26 September to present awards and share the latest trends of data breach incidents.

• “Together, We Create a Safe Cyberworld” Tram Promotion Campaign and Quiz Game (From 2-September-2024 to 29-September-2024)
  

  The Digital Policy Office, the Hong Kong Police Force, and the Hong Kong Computer Emergency Response Team Coordination Centre jointly organized the "Together, We Create a Safe Cyberworld" tram promotion campaign. The three trams will feature the winning design from the "Together, We Create a Safe Cyberworld" tram body design contest and will be displayed across Hong Kong Island to convey cybersecurity messages. The aims are to arouse public awareness of cybersecurity, so as to prevent them from falling into online traps, and strengthen city-wide defence against cyberattacks.

• Fraudulent website related to Bank of China (Hong Kong) Limited (27-September-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.

• IoT Security Guideline for Digital Signage (27-September-2024)
  

  Due to network connectivity, digital signage is vulnerable to a series of cybersecurity challenges, which might affect the normal operation of signage, and endanger the network and data security connected to them. To address these challenges, this guideline aims to provide best practices and security measures for digital signage users, operators, advertisers and technology providers, in order to enhance the safety and privacy of the public, also ensure the long-term sustainable development of digital signage technology.

• Security Alert (A24-09-22): Multiple Vulnerabilities in Google Chrome (26-September-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Security Alert (A24-09-21): Multiple Vulnerabilities in Cisco Products (26-September-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Transport Department alerts public to fraudulent SMS messages purportedly from HKeToll (26-September-2024)
  

  The Transport Department (TD) today (September 26) alerted members of the public to fraudulent SMS messages purportedly issued by the HKeToll.

• Two Men Arrested for Suspected Doxxing Arising from Monetary Disputes (26-September-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 37 (the first arrested person) and a Chinese male aged 47 in Kowloon and the New Territories respectively.

• Phishing emails related to The Hongkong and Shanghai Banking Corporation Limited (25-September-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to phishing emails, which have been reported to the HKMA.

• Fraudulent website and social media page related to Dah Sing Bank, Limited (24-September-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to a fraudulent website and a social media page, which have been reported to the HKMA.

• Transport Department alerts public to fraudulent SMS message purportedly from HKeToll (24-September-2024)
  

  The Transport Department (TD) today (September 24) alerted members of the public to a fraudulent SMS message purportedly issued by the HKeToll. 

• UGC alerts public to fraudulent websites (23-September-2024)
  

   The University Grants Committee (UGC) today (September 23) urged members of the public to remain vigilant against fraudulent websites, which were found to purport to be the website of the UGC.

• Fraudulent website and internet banking login screen related to China CITIC Bank International Limited (23-September-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website and an internet banking login screen, which has been reported to the HKMA.

• Promoting AI Security – PCPD Representatives Speak to Industry Practitioners (23-September-2024)
  

  Representatives from the Office of the Privacy Commissioner for Personal Data (PCPD) attended two events on 20 September and shared with various industry practitioners the key features of the “Artificial Intelligence: Model Personal Data Protection Framework” (the Model Framework) published by the PCPD in June 2024.

• Counter Cyber and Physical Terrorism Joint Exercise 2024 successfully concludes (21-September-2024)
  

  The Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force held the Counter Cyber and Physical Terrorism Joint Exercise 2024 codenamed BATTLEAIR in collaboration with the INTERPOL and the Macao Judiciary Police today (September 21) to enhance participants’ capabilities in responding to cyber attacks and physical counter terrorism.

• HKCS Cyber Security Annual Forum 2024: Core Practice of Data Governance in Cyber Security and AI (20-September-2024)
  

  The purpose of this forum is to provide industry practitioner in Hong Kong with latest trend and update on Data Governance and their impact on Cybersecurity in the backdrop of increasing adoption of AI tools.

• Security Alert (A24-09-20): Multiple Vulnerabilities in Microsoft Edge (20-September-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent mobile application related to Bank of Singapore Limited (20-September-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent mobile application (App), which has been reported to the HKMA.

• Security Alert (A24-09-19): Multiple Vulnerabilities in Google Chrome (19-September-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Security Alert (A24-09-18): Multiple Vulnerabilities in Apple iOS and iPadOS (19-September-2024)
  

  Apple has released iOS 17.7, iOS 18, iPadOS 17.7 and iPadOS 18 to fix the vulnerabilities in various Apple devices.

• High Threat Security Alert (A24-09-17): Vulnerability in GitLab (19-September-2024)
  

  GitLab has released 16.11.10, 17.0.8, 17.1.8, 17.2.7 and 17.3.3 to address a security restriction bypass vulnerability in various versions of GitLab.

• High Threat Security Alert (A24-09-16): Multiple Vulnerabilities in VMware Products (19-September-2024)
  

  VMware has published a security advisory to address multiple vulnerabilities in VMware products.

• Fraudulent website and social media account related to Public Finance Limited (19-September-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Public Finance Limited relating to a fraudulent website and a social media account, which has been reported to the HKMA.

• Privacy Commissioner Urges Job Seekers to Stay Vigilant about “Blind” Recruitment Advertisements Online Doxxing Messages Dropped by 90% on Third Anniversary of Anti-Doxxing Law (19-September-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) held a media briefing today to elaborate on the PCPD’s concern on the placing of “blind” recruitment advertisements (Blind Ads) on online recruitment platforms, as well as to report on its enforcement work in the past three years since the commencement of the provisions criminalising doxxing acts under the Personal Data (Privacy) Ordinance (PDPO).

• Fraudulent social media account and phishing instant messages related to Shanghai Commercial Bank Limited (17-September-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Shanghai Commercial Bank Limited relating to a fraudulent social media account and phishing instant messages, which have been reported to the HKMA.

• Building National Cybersecurity – Privacy Commissioner Attends 2024 China Cybersecurity Week Hong Kong Sub-forum (17-September-2024)
  

  On 13 September, the Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, attended 2024 China Cybersecurity Week Hong Kong Sub-forum (Sub-forum), which was jointly organised by the Digital Policy Office, the Cyber Security and Technology Crime Bureau of the Hong Kong Police Force, and Hong Kong Internet Registration Corporation Limited. At the Sub-forum, the Privacy Commissioner exchanged views with the cybersecurity sector from both the Mainland and Hong Kong to learn about the latest cybersecurity technologies and trends.

• C&WDO receives report of loss of hirer data by facility management services contractor of Sai Ying Pun Community Complex (16-September-2024)
  

  The Central and Western District Office (C&WDO) received a report of the loss of hirer data by a facility management services contractor today (September 16).

• 網絡安全雲競答 (Chinese Only) (From 5-September-2024 to 15-September-2024)
  

  網絡安全雲競答正式上線啦！ (Chinese Only)

• 2024 Cybersecurity Week Fun Day (From 7-September-2024 to 15-September-2024)
  

  In order to raise public awareness of cybersecurity and to strengthen the city's ability to defend against cyber attacks, the "Together, We Create a Safe Cyberworld" Cybersecurity Week Fun Day, organised by the Digital Policy Office (DPO), Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), and co-organised by the Hong Kong Police Force (HKPF), is scheduled to be held on 7-15 September 2024 at D-Park, Tsuen Wan, Hong Kong. 

• Security Alert (A24-09-15): Multiple Vulnerabilities in Microsoft Edge (13-September-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• High Threat Security Alert (A24-09-14): Multiple Vulnerabilities in GitLab (13-September-2024)
  

  GitLab has released 17.1.7, 17.2.5 and 17.3.2 to address multiple vulnerabilities in various versions of GitLab.

• Digital Policy Office holds Cybersecurity Technology Forum (with photos) (13-September-2024)
  

  The Digital Policy Office (DPO) held its 20th Technology Forum at the Hong Kong Productivity Council (HKPC) today (September 13). The forum, with the theme "Adopting Innovative Technologies to Cope with Cybersecurity Threats", was held in hybrid mode and attracted about 900 colleagues from nearly 100 government departments and public organisations.

• 創新科技及工業局局長出席「2024國家網絡安全宣傳周--香港分論壇」致辭全文 (Chinese only) (with photos) (13-September-2024)
  

  以下是創新科技及工業局局長孫東教授今日（九月十三日）在「2024國家網絡安全宣傳周—香港分論壇」的致辭全文。 (Chinese only) (with photos)

• Speech by Mr Kingsley Wong, BBS, Assistant Commissioner (Project Governance and Cybersecurity), at the “2024 China Cybersecurity Week Hong Kong Sub-forum” (with photos) (Chinese only) (13-September-2024)
  

  Only Chinese version is available for this speech / presentation.

• Opening Remarks by Ir Tony Wong, JP, Commissioner for Digital Policy, at the “Cybersecurity Technology Forum - Adopting Innovative Technologies to Cope with Cybersecurity Threats” (with photos) (Chinese only) (13-September-2024)
  

  Only Chinese version is available for this speech / presentation.

• Building National Cybersecurity – Privacy Commissioner Delivers Keynote Speech at 2024 China Cybersecurity Week Macao Sub-forum (13-September-2024)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling attended the 2024 China Cybersecurity Week Macao Sub-forum (Sub-forum) on Personal Data Protection on 12 September and delivered a keynote speech. 

• Security Alert (A24-09-13): Multiple Vulnerabilities in Cisco Products (12-September-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Phishing emails related to The Hongkong and Shanghai Banking Corporation Limited (12-September-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to phishing emails, which have been reported to the HKMA.

• Security Alert (A24-09-12): Multiple Vulnerabilities in Fortinet Products (11-September-2024)
  

  Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.

• High Threat Security Alert (A24-09-11): Multiple Vulnerabilities in Adobe Reader/Acrobat (11-September-2024)
  

  Patches are released for Adobe Reader and Acrobat to address multiple vulnerabilities.

• Security Alert (A24-09-10): Multiple Vulnerabilities in Google Chrome (11-September-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• High Threat Security Alert (A24-09-09): Multiple Vulnerabilities in Ivanti Products (11-September-2024)
  

  Ivanti has released security advisories to address multiple vulnerabilities in Ivanti products.

• High Threat Security Alert (A24-09-08): Multiple Vulnerabilities in Microsoft Products (September 2024) (11-September-2024)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• Phishing instant messages related to The Hongkong and Shanghai Banking Corporation Limited (11-September-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to phishing instant messages, which have been reported to the HKMA.

• Phishing emails related to ZA Bank Limited (10-September-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by ZA Bank Limited relating to phishing emails, which have been reported to the HKMA.

• Privacy Commissioner’s Office Publishes “Personal Data (Privacy) Law in Hong Kong – A Practical Guide on Compliance (Third Edition)”to Echo with 2024 China Cybersecurity Week (10-September-2024)
  

  In support of 2024 China Cybersecurity Week, the Office of the Privacy Commissioner for Personal Data (PCPD) has collaborated with the City University of Hong Kong Press in publishing the third edition of “Personal Data (Privacy) Law in Hong Kong – A Practical Guide on Compliance”.

• Security Alert (A24-09-07): Multiple Vulnerabilities in QNAP Products (9-September-2024)
  

  QNAP has published security advisories to address multiple vulnerabilities in QNAP products.

• Commissioner for Digital Policy attends Cybersecurity Technology Summit (with photos) (9-September-2024)
  

  The Commissioner for Digital Policy, Mr Tony Wong, and a delegation from Hong Kong's cybersecurity industry today (September 9) continued to attend the main venue events of 2024 China Cybersecurity Week in Nansha, Guangzhou.

• 創新科技及工業局局長出席2024年國家網絡安全宣傳周開幕式致辭全文 (Chinese only) (with photos) (8-September-2024)
  

  以下是創新科技及工業局局長孫東教授今日（九月八日）在2024年國家網絡安全宣傳周開幕式的致辭全文。 (Chinese only)

• SITI attends opening ceremony of 2024 China Cybersecurity Week (with photos) (8-September-2024)
  

  The Secretary for Innovation, Technology and Industry, Professor Sun Dong, attended the opening ceremony of 2024 China Cybersecurity Week this morning (September 8) in the main venue in Nansha, Guangzhou, and witnessed the signing of the memorandum of understanding (MoU) on cybersecurity collaboration among the Digital Policy Office of the Hong Kong Special Administrative Region (SAR) Government, the Cyberspace Administration of Guangdong Province (CAGP), and the Comissão para a Cibersegurança of the Macao SAR Government.

• 2024 Cybersecurity Week Fun Day An Innovative Approach to Promoting Cybersecurity (7-September-2024)
  

  In response to the China Cybersecurity Awareness Week and to enhance public understanding of cybersecurity, the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), the Digital Policy Office (DPO), and the Hong Kong Police Force (HKPF) officially launched the "2024 Cybersecurity Awareness Campaign" today.

• 創新科技及工業局局長出席「2024網絡安全宣傳周同樂日」啓動禮致辭全文 (Chinese only) (with photos) (7-September-2024)
  

  以下是創新科技及工業局局長孫東教授今日（九月七日）在「2024網絡安全宣傳周同樂日」啓動禮的致辭全文。 (Chinese only)

• "2024 Cybersecurity Awareness Campaign" launched (with photos) (7-September-2024)
  

  ​In support of the China Cybersecurity Week, the "2024 Cybersecurity Awareness Campaign" organised by the Digital Policy Office (DPO) was officially launched today (September 7).

• Build a Secure Cyberspace 2024 - “Together, We Create a Safe Cyberworld” Seminar and Tram Body Design Contest Award Ceremony (7-September-2024)
  

  The Digital Policy Office (DPO), the Hong Kong Police Force (HKPF) and the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) are co-organising the "Together, We Create a Safe Cyberworld" Seminar and Award Presentation Ceremony. In the seminar, cybersecurity experts will discuss how to prevent from falling into online traps in order to strengthen the public's ability to protect themselves. During the ceremony, awards will be presented to the winners of the Tram Body Design Contest, recognising their active participation in promoting cybersecurity and their outstanding designs.

• SITI to attend opening ceremony of 2024 China Cybersecurity Week in Guangzhou (6-September-2024)
  

  The Secretary for Innovation, Technology and Industry, Professor Sun Dong, will depart for Nansha, Guangzhou, tomorrow (September 7) to attend the opening ceremony of 2024 China Cybersecurity Week and deliver an opening speech.

• Security Alert (A24-09-06): Vulnerability in OpenSSL (5-September-2024)
  

  OpenSSL has released 3.0.15, 3.1.7, 3.2.3 and 3.3.2 to fix the vulnerability in various versions of OpenSSL.

• Security Alert (A24-09-05): Multiple Vulnerabilities in Firefox (5-September-2024)
  

  Mozilla has published the advisories (MFSA2024-39, MFSA2024-40 and MFSA2024-41) to address multiple vulnerabilities in Firefox browser.

• Security Alert (A24-09-04): Multiple Vulnerabilities in Cisco Products (5-September-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Phishing messages related to WeChat Pay Hong Kong Limited (5-September-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by WeChat Pay Hong Kong Limited relating to phishing messages.

• Fraudulent social media page related to Bank of Singapore Limited (5-September-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent social media page, which has been reported to the HKMA.

• Security Alert (A24-09-03): Multiple Vulnerabilities in Android (4-September-2024)
  

  Google has released Android Security Bulletin September 2024 to fix multiple security vulnerabilities in Android operating system.

• Security Alert (A24-09-02): Multiple Vulnerabilities in Google Chrome (4-September-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• High Threat Security Alert (A24-09-01): Vulnerability in VMware Fusion (4-September-2024)
  

  VMware has published a security advisory to address a vulnerability in VMware Fusion.

• WSD urges public to be alert to fraudulent SMS message (2-September-2024)
  

  The Water Supplies Department (WSD) today (September 2) alerted the public to a fraudulent SMS message purportedly issued by the department.

• 創新科技及工業局局長出席2024網絡安全宣傳周──電車宣傳啟動禮致辭全文 (Chinese only) (with photos) (2-September-2024)
  

  以下是創新科技及工業局局長孫東教授今日（九月二日）在2024網絡安全宣傳周──電車宣傳啟動禮的致辭全文。 (Chinese only)

• A 50-year-old Female Arrested for Suspected Doxxing Arising from Monetary Disputes (2-September-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 50 in the New Territories.

• “Together, We Create a Safe Cyberworld” Tram Promotion Officially Launches HKCERT Urges the Public to Beware of Cyber Attacks and Promotes Cybersecurity (2-September-2024)
  

  The Tram Promotion - "Together, We Create a Safe Cyberworld" ("The Promotion") has been jointly launched by the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), the Digital Policy Office (DPO), and the Hong Kong Police Force at the Whitty Street Tram Depot. The Promotion, in responding to China Cybersecurity Week, aims to raise public awareness and adaptability regarding cybersecurity.

• Dataverse Short Video Competition (From 25-May-2024 to 31-August-2024)
  

  Please see Chinese version.

• Cyber Security Staff Awareness Recognition Scheme (From 8-April-2024 to 31-August-2024)
  

  Promote “Human Firewall” concept among the industry by raising cyber security staff awareness on top of technical protection as a second level defense line.

• Fraudulent websites related to DBS Bank (Hong Kong) Limited (30-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites, which have been reported to the HKMA.

• Phishing emails related to Tai Sang Bank Limited (30-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Tai Sang Bank Limited relating to phishing emails, which have been reported to the HKMA.

• Beware of counterfeit mobile apps purporting to be made by Guangdong-Hong Kong-Macao Greater Bay Area Development Office (30-August-2024)
  

  The Guangdong-Hong Kong-Macao Greater Bay Area Development Office of the Constitutional and Mainland Affairs Bureau today (August 30) again appealed to members of the public for heightened vigilance against counterfeit mobile apps purporting to be made by the Office.

• Bug Hunting Campaign 2024 (From 24-June-2024 to 30-August-2024)
  

  Many data leaks are caused by unpatched system vulnerabilities or human errors in system configuration. As the protection of personal data is closely related to network security, Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force partners with Cyberbay and Office of the Privacy Commissioner for Personal Data to co-organise the BugHunting Campaign to facilitate protecting your business, and to supercharge your cybersecurity posture via Bug Bounty service.

• Mastering Multinational Cyber Defense: Lesson Learned and Challenge from Global Red Teaming Initiatives (29-August-2024)
  

  This comprehensive seminar will share invaluable lesson learned from a large-scale, multinational Red Teaming initiative, equipping attendees with a proven playbook for mastering global cyber defence.

• Security Alert (A24-08-15): Multiple Vulnerabilities in Cisco Products (29-August-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Security Alert (A24-08-14): Multiple Vulnerabilities in Google Chrome (29-August-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Transport Department alerts public to fraudulent SMS message of HKeToll (29-August-2024)
  

  The Transport Department (TD) today (August 29) alerted members of the public to a fraudulent SMS message purportedly issued by the HKeToll.

• APCERT Cyber Drill 2024 “APT Group Attack Response: Where is Wally?” (29-August-2024)
  

  The Asia Pacific Computer Emergency Response Team (APCERT) today has successfully completed its annual drill to test the response capabilities of leading Computer Security Incident Response Teams (CSIRT) among Asia Pacific economies.

• Fraudulent mobile application related to Bank of Singapore Limited (28-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent mobile application (App), which has been reported to the HKMA.

• Unauthorised websites and mobile applications related to Livi Bank Limited (28-August-2024)
  

   The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited relating to unauthorised websites and mobile applications (Apps), which have been reported to the HKMA.

• Promoting AI Security –  PCPD Representative Speaks to the Financial Sector (28-August-2024)
  

  Acting Senior Legal Counsel (Global Affairs & Research) of the Office of the Privacy Commissioner for Personal Data (PCPD), Ms Joyce LIU, spoke on 27 August at a webinar jointly organised by Hong Kong Investment Funds Association and Private Wealth Management Association on the PCPD’s recent guidance titled “Artificial Intelligence: Model Personal Data Protection Framework”(Model Framework). 

• HKMC Alerts Public of Impersonation Scam (27-August-2024)
  

  The Hong Kong Mortgage Corporation Limited (HKMC) has recently received public inquiries about someone calling citizens and claiming to offer personal loans under the 100% Personal Loan Guarantee Scheme (PLGS) or small and medium-sized enterprise (SME) loans under the SME Financing Guarantee Scheme (SFGS).

• HKCERT 2024「全城攜守 網安在手」網絡安全宣傳周 電車車身設計比賽得獎電車9月2日啟航 同樂日聯乘「DDED」首推「網安小C虎」宣揚網絡安全 (Chinese only) (27-August-2024)
  

  2024年正值網絡強國戰略目標提出十周年的重要節點，為響應國家網絡安全宣傳周及提高公眾對網絡安全的認識，加強全城防禦網絡攻擊的能力，香港網絡安全事故協調中心(HKCERT) 聯同數字政策辦公室、香港警務處及將於9月舉行「全城攜守 網安在手」電車宣傳活動及「2024網絡安全宣傳周同樂日」兩項重點活動，以嶄新方式教育市民網絡安全知識。 (Chinese only)

• Fraudulent websites and social media accounts related to Airstar Bank Limited (26-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Airstar Bank Limited relating to fraudulent websites and social media accounts, which have been reported to the HKMA.

• Phishing instant messages related to Bank of China (Hong Kong) Limited (26-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to phishing instant messages, which have been reported to the HKMA.

• A 45-year-old Man Arrested for Suspected Doxxing of His Former Supervisor (26-August-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 45 in the New Territories. 

• High Threat Security Alert (A24-08-13): Vulnerability in SonicWall Products (23-August-2024)
  

  SonicWall released a security advisory to address a vulnerability in SonicWall systems.

• High Threat Security Alert (A24-08-12): Multiple Vulnerabilities in Microsoft Edge (23-August-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent website and phishing emails related to Public Bank (Hong Kong) Limited (23-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Public Bank (Hong Kong) Limited relating to a fraudulent website and phishing emails, which have been reported to the HKMA.

• Fraudulent websites and phishing instant messages related to Industrial and Commercial Bank of China (Asia) Limited (23-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to fraudulent websites and phishing instant messages, which have been reported to the HKMA.

• Fraudulent mobile application related to Bank of Singapore Limited (23-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent mobile application (App), which has been reported to the HKMA.

• Fraudulent websites and phishing instant messages related to Mox Bank Limited (23-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Mox Bank Limited relating to fraudulent websites and phishing instant messages, which have been reported to the HKMA. 

• CSA HKM Knowledge Sharing Event – August 2024 (22-August-2024)
  

  From this session, cybersecurity leaders and defenders will gain insights into the adversary’s playbook, learning about novel vectors such as AI-driven attacks and evolutions in ransomware. The session is designed to empower cybersecurity professionals with knowledge to anticipate and meet the challenge of these advanced threats.

• High Threat Security Alert (A24-08-11): Multiple Vulnerabilities in Google Chrome (22-August-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Security Alert (A24-08-10): Multiple Vulnerabilities in Cisco Products (22-August-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Phishing instant messages related to The Hongkong and Shanghai Banking Corporation Limited (22-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to phishing instant messages, which have been reported to the HKMA. 

• Fraudulent websites and phishing instant messages related to Hang Seng Bank, Limited (22-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to fraudulent websites and phishing instant messages, which have been reported to the HKMA.

• Privacy Commissioner’s Office Issues New Versions of “Code of Practice on the Identity Card Number and other Personal Identifiers: Compliance Guide for Data Users” and Information Leaflet titled “Your Identity Card Number and Your Privacy” (22-August-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today issued a new version of the “Code of Practice on the Identity Card Number and other Personal Identifiers: Compliance Guide for Data Users” (the Compliance Guide) to assist organisations in complying with the requirements under the “Code of Practice on the Identity Card Number and other Personal Identifiers” issued by the PCPD as regards the collection, accuracy, retention, use and security of ID Card numbers, copies of the ID Card and other personal identifiers.

• Fraudulent websites and phishing instant messages related to Bank of China (Hong Kong) Limited (21-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites and phishing instant messages, which have been reported to the HKMA.

• CFS alerts public to fake social media accounts and website (21-August-2024)
  

  The Centre for Food Safety (CFS) of the Food and Environmental Hygiene Department today (August 21) alerted the public to fake social media accounts and a website of the CFS, which are also suspected of fraudulently using the CFS's logo in the social media accounts' profile picture and on the website.

• Next-Level Phishing: The Evolving Threat Landscape (21-August-2024)
  

  Phishing have become a common means of cybercrimes, but as technology advances, the methods used by criminals continue to evolve. This article issued by HKCERT explores the techniques of next-level phishing and preventive measures.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (20-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Fraudulent social media account and phishing instant messages related to Bank of Singapore Limited (20-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent social media account and phishing instant messages, which have been reported to the HKMA.

• Fraudulent websites and phishing instant messages related to The Hongkong and Shanghai Banking Corporation Limited (20-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites and phishing instant messages, which have been reported to the HKMA.

• Fraudulent website and phishing emails related to Dah Sing Bank, Limited (19-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to a fraudulent website and phishing emails, which have been reported to the HKMA.

• Police Anti-Deception Coordination Centre launches Anti-Scam Month campaign (with photos) (19-August-2024)
  

  To mark the opening of the "Anti-Scam Month" campaign, Police Anti-Deception Coordination Centre (ADCC) of the Commercial Crime Bureau (CCB) today (August 19) launched a new series of anti-scam promotional videos to be broadcast on various platforms.

• A 48-year-old Male Arrested for Suspected Doxxing Acts (16-August-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 48 in the New Territories.

• Phishing emails related to Dah Sing Bank, Limited (16-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to phishing emails, which have been reported to the HKMA.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (16-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Security Alert (A24-08-09): Multiple Vulnerabilities in Fortinet Products (16-August-2024)
  

  Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.

• Phishing instant messages related to Bank of China (Hong Kong) Limited (15-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Fraudulent social media account related to Livi Bank Limited (15-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Livi Bank Limited relating to a fraudulent social media account, which has been reported to the HKMA.

• Promoting AI Security – Privacy Commissioner Publishes an Article titled “Artificial Intelligence: The Model Personal Data Protection Framework” on Hong Kong Lawyer (15-August-2024)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article titled “Artificial Intelligence: The Model Personal Data Protection Framework” on Hong Kong Lawyer.

• The 2^nd Hong Kong Cybersecurity Skills Competition (From 15-July-2024 to 14-August-2024)
  

  With an aim to attract talents from the related fields across different regions, 3 different competition zones will be introduced in the 2nd Hong Kong Cybersecurity Skills Competition: Hong Kong (China), Guangzhou (China), and Australia. The finalists from these 3 zones will gather at HKCT for the final round of competition. They will compete against each other and vie for the championship and various awards.

• Security Alert (A24-08-08): Multiple Vulnerabilities in Adobe Reader/Acrobat (14-August-2024)
  

  Patches are released for Adobe Reader and Acrobat to address multiple vulnerabilities.

• High Threat Security Alert (A24-08-07): Multiple Vulnerabilities in Microsoft Products (August 2024) (14-August-2024)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• Alert issued on fake HKPF websites (14-August-2024)
  

  The Hong Kong Police Force (HKPF) alerted members of the public today (August 14) that there were four fraudulent websites purportedly to be the HKPF website.

• Fraudulent websites related to Bank Julius Baer & Co. Ltd. (13-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to fraudulent websites, which have been reported to the HKMA.

• Phishing emails related to Tai Sang Bank Limited (13-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Tai Sang Bank Limited relating to phishing emails, which have been reported to the HKMA.

• WSD urges public to be alert to fraudulent SMS message (12-August-2024)
  

  The Water Supplies Department (WSD) today (August 12) alerted the public to a fraudulent SMS message purportedly issued by the department.

• Fraudulent website and social media page related to DBS Bank (Hong Kong) Limited (12-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and a social media page, which have been reported to the HKMA.

• Government announces appointments to Committee of the Artificial Intelligence Subsidy Scheme (12-August-2024)
  

  The Government announced today (August 12) the appointments to the Committee of the Artificial Intelligence Subsidy Scheme.

• A 25-year-old Male Arrested for Suspected Doxxing Arising from Relationship Entanglements (12-August-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 25 in Kowloon.

• Security Alert (A24-08-06): Multiple Vulnerabilities in Microsoft Edge (9-August-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent mobile application related to Bank of Singapore Limited (9-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent application (App), which has been reported to the HKMA.

• Ransomware's New Front: Uncovering the Latest Threats Facing Hong Kong (9-August-2024)
  

  Ransomware remains a significant threat in the cybersecurity landscape, continuously evolving with new tactics and techniques. HKCERT explored the current attack vectors of ransomware incidents and the latest developments in ransomware and offered practical recommendations based on findings, focusing on the Asia-Pacific region, especially in Hong Kong.

• High Threat Security Alert (A24-08-05): Multiple Vulnerabilities in Cisco Products (8-August-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• High Threat Security Alert (A24-08-04): Multiple Vulnerabilities in Microsoft Windows (8-August-2024)
  

  Microsoft has released out-of-band security advisories to address the vulnerabilities in Microsoft Windows and Server.

• Privacy Commissioner Publishes Investigation Findings on the Data Breach Incidents of (1) The Council of the Hong Kong Laureate Forum Limited and (2) The Hong Kong Ballet Limited (8-August-2024)
  

  On completion of its investigation into the data breach incidents of The Council of the Hong Kong Laureate Forum Limited (the Council) and The Hong Kong Ballet Limited (HKB), the Office of the Privacy Commissioner for Personal Data (PCPD) published its findings today.

• Security Alert (A24-08-03): Multiple Vulnerabilities in Firefox (7-August-2024)
  

  Mozilla has published the advisories (MFSA2024-33, MFSA2024-34 and MFSA2024-35) to address multiple vulnerabilities in Firefox browser.

• Security Alert (A24-08-02): Multiple Vulnerabilities in Google Chrome (7-August-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Security Alert (A24-08-01): Multiple Vulnerabilities in Android (7-August-2024)
  

  Google has released Android Security Bulletin August 2024 to address multiple vulnerabilities in Android operating system.

• Phishing messages and fraudulent websites related to Octopus Cards Limited (7-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to phishing messages and fraudulent websites.

• Promoting AI Security – Privacy Commissioner Publishes an Article entitled “The Era of AI: A Model Framework for Personal Data Protection for Directors” (7-August-2024)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article entitled “The Era of AI: A Model Framework for Personal Data Protection for Directors” on The 21st Century Director, the monthly magazine of The Hong Kong Institute of Directors.

• Fraudulent website and phishing instant messages related to The Hongkong and Shanghai Banking Corporation Limited (6-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to a fraudulent website and phishing instant messages, which have been reported to the HKMA.

• Data Security Transition to and Cybersecurity Challenge 2024 (From 19-July-2024 to 6-August-2024)
  

  The cybersecurity competition is a very important event. The "SHIELDtag" aims to raise public awareness of cybersecurity and to promote the development of cybersecurity technology in Hong Kong. Participants will showcase their skills and knowledge in the competition by solving a series of cybersecurity issues to achieve victory.

• Cyber Attack and Defence Elite Training cum Tournament successfully concludes (with photos) (2-August-2024)
  

  The three-day Cyber Attack and Defence Elite Training cum Tournament (CADET2), co-organised by the Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force, the Digital Policy Office (DPO) and the Hong Kong Internet Registration Corporation Limited (HKIRC), successfully concluded today (August 2).

• Security Alert (A24-07-26): Multiple Vulnerabilities in Microsoft Edge (2-August-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent websites and internet banking login screens related to Dah Sing Bank, Limited (2-August-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Promoting AI Safety – Privacy Commissioner’s Office Organises a Seminar  (1-August-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) organised a seminar on “AI and Privacy Protection: Balancing Innovation and Safety” in hybrid mode on 30 July, which attracted nearly 1,000 participants.

• Expansion of Suspicious Account Alert for internet banking and physical branches transactions (1-August-2024)
  

  The Hong Kong Monetary Authority (HKMA), in collaboration with the Hong Kong Police Force (the Police) and the Hong Kong Association of Banks (HKAB), announces today (August 1) that 32 banks and 10 stored value facility (SVF) operators (see Annex for the list of participating institutions) will, starting from August 4, 2024, extend the coverage of the Suspicious Account Alert for internet banking and physical branches transactions, for providing enhanced protection to customers against rising fraud risks. 

• Privacy Commissioner’s Office Offers Six Tips to Prevent Fraud (1-August-2024)
  

  The PCPD appeals to members of the public and organisations to beware of various forms of fraudulent tricks, particularly those involving AI deepfake technology, and offers six essential tips to safeguard personal data privacy.

• Security Alert (A24-07-25): Multiple Vulnerabilities in Google Chrome (31-July-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Fraudulent website and social media page related to Public Finance Limited (31-July-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Public Finance Limited relating to a fraudulent website and a social media page, which have been reported to the HKMA.

• Opening Remarks by Ir Tony Wong, JP, Commissioner for Digital Policy, at the "Technology Forum - Empower Public Service Development Through National Self-developed Diversified Technologies" (with photos) (Chinese only) (30-July-2024)
  

  Only Chinese version is available for this speech / presentation.

• Security Alert (A24-07-24): Multiple Vulnerabilities in Apple iOS and iPadOS (30-July-2024)
  

  Apple has released iOS 16.7.9, iOS 17.6, iPadOS 16.7.9 and iPadOS 17.6 to fix the vulnerabilities in various Apple devices.

• Digital Policy Office holds Technology Forum (with photos) (30-July-2024)
  

  The Digital Policy Office (DPO) held its 19th Technology Forum at the Hong Kong Science Park today (July 30). The Commissioner for Digital Policy, Mr Tony Wong, introduced at the forum the main tasks and future development directions of the DPO.

• Phishing fraud and counterfeit UnionPay International websites (29-July-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by UnionPay International on phishing fraud and counterfeit UnionPay International websites, which have been reported to the HKMA.

• Fraudulent website and phishing emails related to Bank Julius Baer & Co. Ltd. (29-July-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website and phishing emails, which have been reported to the HKMA.

• CSA HKM Knowledge Sharing Event – July 2024 – Discussion Forum (26-July-2024)
  

  How should "WE" make the CyberSecurity Framework to enhance the Critical Infrastructure protection?

• Security Alert (A24-07-23): Multiple Vulnerabilities in Microsoft Edge (26-July-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Promoting AI Security – Privacy Commissioner Publishes an Article entitled “City’s AI data guidelines can help firms embrace the future” (25-July-2024)
  

  The Privacy Commissioner pointed out that while organisations in various industries have been exploring ways to integrate artificial intelligence (AI) into their operations to enhance efficiency and diversify business portfolios, they are concerned about difficulties in compliance in the absence of guidance. 

• Digital Policy Office established today (25-July-2024)
  

  The Digital Policy Office (DPO) under the Innovation, Technology and Industry Bureau (ITIB) was officially established today (July 25). The DPO will take the lead in promoting data-driven, people-centric and outcome-based digital policies within the Government and across various sectors for enhancing the Government's efficiency and services, with a view to bringing greater benefits to citizens and business sectors through digital government and smart city development.

• Beware of Juice Jacking when Charging Mobile Phones at Public Charging Stations (24-July-2024)
  

  In today's world, many shopping malls, coffee shops, and even public facilities offer complimentary charging stations as part of their enhanced customer services. These stations provide a convenient way for patrons to quickly recharge their mobile phones. However, users of such services may not realise that their phones could be subject to cyber attacks.

• Security Alert (A24-07-22): Multiple Vulnerabilities in Google Chrome (24-July-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Suspicious websites and internet banking login screens related to Mox Bank Limited (24-July-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Mox Bank Limited relating to suspicious websites and internet banking login screens, which have been reported to the HKMA.

• Phishing instant messages related to Fubon Bank (Hong Kong) Limited (24-July-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to phishing instant messages, which have been reported to the HKMA.

• Fraudulent websites related to Bank Julius Baer & Co. Ltd. (22-July-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to fraudulent websites, which have been reported to the HKMA.

• A 40-year-old Male Arrested for Suspected Doxxing Arising from Relationship Entanglements (22-July-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 40 in the New Territories.

• 網絡攻防精英培訓暨攻防大賽 (Chinese Only) (From 20-July-2024 to 21-July-2024)
  

  近日接連發生的網絡攻擊事故，令大小機構的網絡安全問題備受全城關注。為了有效預防同類事件繼續發生，並提高網絡安全的預警和應對能力，香港互聯網註冊管理有限公司（HKIRC）聯同網絡安全及科技罪案調查科（CSTCB）及政府電腦保安事故協調中心（GovCERT.HK）攜手合辦第三季網絡安全旗艦活動。(Chinese Only)

• Security Alert (A24-07-21): Multiple Vulnerabilities in Microsoft Edge (19-July-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• High Threat Security Alert (A24-07-20): Multiple Vulnerabilities in Ivanti Products (19-July-2024)
  

  Ivanti has released security advisories to address multiple vulnerabilities in Ivanti products.

• Home Affairs Department urges public to be aware of fraudulent Facebook page "Bloomy The Tree" (19-July-2024)
  

  A spokesman for the Home Affairs Department (HAD) today (July 19) alerted members of the public to a fraudulent Facebook page purported to be the "社企友建樹 Bloomy The Tree" Facebook page. 

• Fraudulent websites and social media accounts related to The Hongkong and Shanghai Banking Corporation Limited (19-July-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to fraudulent websites and social media accounts, which have been reported to the HKMA.

• Security Alert (A24-07-19): Multiple Vulnerabilities in SonicWall Products (18-July-2024)
  

  SonicWall released security advisories to address multiple vulnerabilities in SonicWall systems.

• Security Alert (A24-07-18): Multiple Vulnerabilities in Oracle Java and Oracle Products (July 2024) (18-July-2024)
  

  Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple vulnerabilities found in Java SE and various Oracle products.

• Security Alert (A24-07-17): Multiple Vulnerabilities in Apache HTTP Server (18-July-2024)
  

  The Apache Software Foundation released a security update to address multiple vulnerabilities in the HTTP Server and its modules.

• High Threat Security Alert (A24-07-16): Multiple Vulnerabilities in Cisco Products (18-July-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Security Alert (A24-07-15): Multiple Vulnerabilities in Google Chrome (17-July-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• DH alerts public to fraudulent EatSmart Restaurant Star + website and social media page (17-July-2024)
  

  The Department of Health (DH) today (July 17) alerted members of the public to a suspected fraudulent website and Facebook page of the DH's "EatSmart Restaurant Star +" Campaign, and urged the public to avoid providing any personal information through hyperlinks from unknown sources at suspicious websites.

• Security Alert (A24-07-14): Multiple Vulnerabilities in Juniper Networks Junos OS and Junos OS Evolved (16-July-2024)
  

  Juniper Networks has published security advisories to address multiple vulnerabilities in Junos OS and Junos OS Evolved.

• High Threat Security Alert (A24-07-13): Vulnerability in Cisco Products (16-July-2024)
  

  Cisco released security advisories to address a remote code execution vulnerability (CVE-2024-6387) in Cisco devices and software.

• Alert issued on fake HKPF Website of Online Booking System (16-July-2024)
  

  The Hong Kong Police Force (HKPF) alerted members of the public today (July 16) that there was a fraudulent website purportedly to be the Online Booking System developed by the HKPF.

• Welcome Remarks by Mr Daniel Cheung, JP, Assistant Government Chief Information Officer (Cyber Security and Digital Identity), at the “2nd Hong Kong Cybersecurity Quiz Competition for Primary School Students” (with photos) (Chinese only) (15-July-2024)
  

  Only Chinese version is available for this speech

• Response of the Privacy Commissioner's Office to the Consumer Council's Study Report on Home Removal Companies (15-July-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) noted that the Consumer Council published a study report on the services of home removal companies, in which 10 companies were reported to have failed to establish a privacy policy, and one company was reported to state that the longest retention period for photos and videos used for quotation was 10 years.

• High Threat Security Alert (A24-07-12): Multiple Vulnerabilities in Palo Alto Products (12-July-2024)
  

  Palo Alto has published security advisories to address multiple vulnerabilities in PAN-OS, Expedition and Cortex XDR Agent.

• High Threat Security Alert (A24-07-11): Vulnerability in RADIUS protocol (12-July-2024)
  

  A critical privilege escalation vulnerability (CVE-2024-3596) was found in RADIUS network authentication protocol.

• Transport Department alerts public to fraudulent SMS message of HKeToll (12-July-2024)
  

  The Transport Department (TD) today (July 12) alerted members of the public to fraudulent SMS messages purportedly issued by the HKeToll.

• A 21-year-old Male Arrested for Suspected Doxxing Arising from Relationship Entanglements (12-July-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 21 in Kowloon.

• Security Alert (A24-07-10): Multiple Vulnerabilities in Juniper Networks Junos OS and Junos OS Evolved (11-July-2024)
  

  Juniper Networks has published security advisories to address multiple vulnerabilities in Junos OS and Junos OS Evolved.

• High Threat Security Alert (A24-07-09): Multiple Vulnerabilities in GitLab (11-July-2024)
  

  GitLab has released 16.11.6, 17.0.4 and 17.1.2 to address multiple vulnerabilities in various versions of GitLab.

• CyberSecurity Tips for Travelling (11-July-2024)
  

  It's the summertime travel season.  While you are on holiday, remember that hackers don't take time off. HKCERT has prepared the following travel tips to help you enjoy your trip and keep your network safe.

• Security Alert (A24-07-08): Multiple Vulnerabilities in Fortinet Products (10-July-2024)
  

  Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.

• Security Alert (A24-07-07): Multiple Vulnerabilities in Citrix Products (10-July-2024)
  

  Citrix released security advisories to address multiple vulnerabilities in Citrix products.

• Security Alert (A24-07-06): Multiple Vulnerabilities in Firefox (10-July-2024)
  

  Mozilla has published the advisories (MFSA2024-29 and MFSA2024-30) to address multiple vulnerabilities in Firefox browser.

• High Threat Security Alert (A24-07-05): Multiple Vulnerabilities in Microsoft Products (July 2024) (10-July-2024)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• Transport Department alerts public to fraudulent SMS message of HKeToll (10-July-2024)
  

  The Transport Department (TD) today (July 10) alerted members of the public to fraudulent SMS message purportedly issued by the HKeToll.

• Enhancing Data Security – Privacy Commissioner’s Office Reruns the Seminar on “Lessons from Data Breach Cases and Recommended Data Security Measures” (10-July-2024)
  

  Owing to the overwhelming response of the seminar held earlier, the Office of the Privacy Commissioner for Personal Data re-organised the seminar on “Lessons from Data Breach Cases and Recommended Data Security Measures” in hybrid mode on 9 July, which attracted over 620 participants.

• Weaponisation of AI: The New Frontier in Cybersecurity (10-July-2024)
  

  The advent of artificial intelligence (AI) ushers in an era of unprecedented technological advancements, assisting various industries for further development. However, alongside these benefits, the misuse of artificial intelligence has also facilitated hackers and been "weaponised" by them to carry out cyber attacks, become a significant concern, particularly in the field of cybersecurity. 

• Fraudulent website and phishing emails related to China CITIC Bank International Limited (8-July-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website and phishing emails, which have been reported to the HKMA.

• A 38-year-old Female Arrested for Suspected Doxxing Arising from Relationship and Monetary Disputes (5-July-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 38 in the New Territories. 

• Security Alert (A24-07-04): Vulnerability in Apache Tomcat (4-July-2024)
  

  The Apache Software Foundation released security updates to address a vulnerability in the Apache Tomcat.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (4-July-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Fraudulent website and internet banking login screen related to DBS Bank (Hong Kong) Limited (4-July-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Security Alert (A24-07-03): Multiple Vulnerabilities in Android (3-July-2024)
  

  Google has released Android Security Bulletin July 2024 to address multiple vulnerabilities in Android operating system.

• High Threat Security Alert (A24-07-02): Vulnerability in OpenSSH (2-July-2024)
  

  OpenSSH has released a new version to address a vulnerability in various versions of OpenSSH.

• Security Alert (A24-07-01): Multiple Vulnerabilities in Apache HTTP Server (2-July-2024)
  

  The Apache Software Foundation released a security update to address multiple vulnerabilities in the HTTP Server and its modules.

• Fraudulent social media account and phishing instant messages related to Royal Bank of Canada (2-July-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Royal Bank of Canada relating to a fraudulent social media account and phishing instant messages, which have been reported to the HKMA.

• 保安局局長在立法會保安事務委員會會議就加強保護關鍵基礎設施電腦系統安全──建議立法框架開場發言 (Chinese only) (2-July-2024)
  

  以下是保安局局長鄧炳強今日（七月二日）出席立法會保安事務委員會會議就加強保護關鍵基礎設施電腦系統安全──建議立法框架的開場發言。 (Chinese only)

• OFNAA encourages young people to stay away from online objectionable materials through "Healthy Student Video Contest 2024" (with photos) (29-June-2024)
  

  The Office for Film, Newspaper and Article Administration (OFNAA) earlier organised the "Healthy Student Video Contest 2024" under the theme "Healthy Media, Infinite Creativity" to enhance youngsters' understanding of the Control of Obscene and Indecent Articles Ordinance (Cap. 390) (COIAO) through video production activities, and to encourage them to stay away from objectionable materials on the Internet.

• High Threat Security Alert (A24-06-15): Multiple Vulnerabilities in VMware Products (28-June-2024)
  

  VMware has published security advisories to address multiple vulnerabilities in VMware products.

• Security Alert (A24-06-14): Multiple Vulnerabilities in Microsoft Edge (28-June-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Hong Kong Talent Engage themed seminar raises incoming talent's awareness of anti-corruption and anti-deception (with photos) (27-June-2024)
  

  Hong Kong Talent Engage (HKTE) hosted a themed seminar this afternoon (June 27) to brief incoming talent on corruption prevention and anti-deception practices to raise their awareness of the relevant crimes.

• Speech by Mr Kingsley Wong, Deputy Government Chief Information Officer, at the “HKCNSA Symposium 2024” (with photos) (Chinese Only) (26-June-2024)
  

  Only Chinese version is available for this speech / presentation.

• Phishing instant messages related to China Construction Bank (Asia) Corporation Limited (26-June-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to phishing instant messages, which have been reported to the HKMA.

• LCQ9: Combating frauds involving deepfake (26-June-2024)
  

  Following is a question by Dr the Hon Tan Yueheng and a written reply by the Secretary for Security, Mr Tang Ping-keung, in the Legislative Council today (June 26).

• Enhancing Cybersecurity - Privacy Commissioner Gives Keynote Speech at HKCNSA Symposium 2024 (26-June-2024)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, delivered a keynote speech at the inaugural HKCNSA Symposium 2024 organised by the Hong Kong China Network Security Association on 26 June.

• Security Alert (A24-06-13): Multiple Vulnerabilities in Google Chrom (25-June-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Phishing emails related to Bank of China (Hong Kong) Limited (25-June-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to phishing emails, which have been reported to the HKMA.

• Phishing instant messages related to Ant Bank (Hong Kong) Limited (25-June-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Ant Bank (Hong Kong) Limited relating to phishing instant messages, which have been reported to the HKMA.

• HKCERT Rebrands for a New Paradigm of Cyber Security with AI-Driven Cyber Threat Alerts Strengthens International Collaboration for Cyber Attacks (25-June-2024)
  

  The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) today unveiled its new Chinese name and the launch of its cutting-edge technologies in the fight against cyber attacks.

• Enhancing Cybersecurity – PCPD Participates in the “Bug Hunting Campaign 2024” as a Strategic Partner (24-June-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) participates in the “Bug ​​Hunting Campaign 2024” (Campaign) as a Strategic Partner.

• Security Alert (A24-06-12): Multiple Vulnerabilities in SonicWall Products (21-June-2024)
  

  SonicWall released security advisories to address multiple vulnerabilities in SonicWall systems.

• Security Alert (A24-06-11): Multiple Vulnerabilities in Microsoft Edge (21-June-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Security Alert (A24-06-10): Multiple Vulnerabilities in Google Chrome (19-June-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• High Threat Security Alert (A24-06-09): Multiple Vulnerabilities in VMware Products (19-June-2024)
  

  VMware has published a security advisory to address multiple vulnerabilities in VMware products.

• A 54-year-old Male Arrested for Suspected Doxxing Arising from Monetary Disputes (18-June-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 54 in the New Territories.

• Security Alert (A24-06-08): Multiple Vulnerabilities in Fortinet Products (14-June-2024)
  

  Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.

• Security Alert (A24-06-07): Multiple Vulnerabilities in Microsoft Edge (14-June-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent website related to Ant Bank (Hong Kong) Limited (14-June-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Ant Bank (Hong Kong) Limited relating to a fraudulent website, which has been reported to the HKMA.

• A 31-year-old Female Arrested for Suspected Doxxing Arising from Personal Disputes (13-June-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 31 in Kowloon.

• Security Alert (A24-06-06): Multiple Vulnerabilities in Firefox (12-June-2024)
  

  Mozilla has published the advisories (MFSA2024-25 and MFSA2024-26) to address multiple vulnerabilities in Firefox browser.

• Security Alert (A24-06-05): Multiple Vulnerabilities in Google Chrome (12-June-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• High Threat Security Alert (A24-06-04): Multiple Vulnerabilities in Microsoft Products (June 2024) (12-June-2024)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• Fraudulent websites related to Mizuho Bank, Ltd. (12-June-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Mizuho Bank, Ltd. relating to fraudulent websites, which have been reported to the HKMA.

• High Threat Security Alert (A24-06-03): Multiple Vulnerabilities in PHP (11-June-2024)
  

  PHP has released security advisories to address multiple vulnerabilities in PHP.

• Privacy Commissioner’s Office Publishes “Artificial Intelligence: Model Personal Data Protection Framework” (11-June-2024)
  

  As AI technology rapidly develops, the application of AI has become increasingly prevalent. To address the challenges posed by AI to personal data privacy and to support the “Global AI Governance Initiative” of the Motherland, the Office of the Privacy Commissioner for Personal Data (PCPD) today issued the “Artificial Intelligence: Model Personal Data Protection Framework”.

• OFCA and IMDA sign MOU to strengthen collaboration in tackling scam and spam communications (with photo) (11-June-2024)
  

  The Office of the Communications Authority (OFCA) of Hong Kong and the Infocomm Media Development Authority (IMDA) of Singapore signed a Memorandum of Understanding (MOU) in Singapore today (June 11) to further strengthen co-operation in combating scam calls and messages as well as managing spam communications.

• ‘e-Generation Joyful Internet Surfing’ Parent Seminar (5): Know more about Myopia Management under e-Learning & Recognising Online Pitfalls (8-June-2024)
  

  The Education Bureau (EDB), Hong Kong Education City, and Committee on Home-School Co-operation will co-organise a seminar on ‘e-Generation Joyful Internet Surfing’ Parent Seminar (5): Know more about Myopia Management under e-Learning & Probe into Online Pitfalls‘. 

• Fraudulent website purporting to be HKMA's official website, platform claimed to be regulated by HKMA and bogus documents and emails (7-June-2024)
  

  The Hong Kong Monetary Authority (HKMA) would like to alert members of the public to a fraudulent website purporting to be HKMA's official website, a platform claimed to be regulated by HKMA, and bogus documents and emails.

• Fraudulent website and internet banking login screen related to China CITIC Bank International Limited (7-June-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Phishing instant messages related to China Construction Bank (Asia) Corporation Limited (7-June-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Construction Bank (Asia) Corporation Limited relating to phishing instant messages, which have been reported to the HKMA.

• CSA HKM Knowledge Sharing Event – June 2024 (6-June-2024)
  

  Pull up your SOC – thoughts on logging strategy in a heterogeneous network environment

• Security Alert (A24-06-02): Multiple Vulnerabilities in Android (5-June-2024)
  

  Google has released Android Security Bulletin June 2024 to address multiple vulnerabilities in Android operating system.

• Security Alert (A24-06-01): Multiple Vulnerabilities in Microsoft Edge (4-June-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• “Together, We Create a Safe Cyberworld” Tram Body Design Contest (From 8-February-2024 to 31-May-2024)
  

  The Tram Body Design Contest - “Together, We Create a Safe Cyberworld” (“the Contest”) is jointly organised by the Digital Policy Office, the Hong Kong Police Force and the Hong Kong Computer Emergency Response Team Coordination Centre. The Contest aims to arouse the public awareness of cybersecurity, so as to prevent them from falling into online traps, and strengthen city-wide defence against cyberattacks.

• DH alerts public to fraudulent advertisements on government medical insurance (31-May-2024)
  

  The Department of Health (DH) today (May 31) alerted members of the public to fraudulent advertisements published on social media and online platforms about free medical insurance provided by the Hong Kong Government.

• Fraudulent social media account related to Airstar Bank Limited (31-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Airstar Bank Limited relating to a fraudulent social media account, which has been reported to the HKMA.

• Security Alert (A24-05-24): Multiple Vulnerabilities in Google Chrome (31-May-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Speech by Mr Michael Chan, Chief Systems Manager (Cyber Security), at the “PolyU x NuttyShell Cybersecurity CTF 2024 Prize Presentation Ceremony” (with photos) (29-May-2024)
  

  Mr Michael Chan, Chief Systems Manager (Cyber Security), presented trophy and award certificates to Tertiary Category Champion team at the “PolyU x NuttyShell Cybersecurity CTF 2024 Prize Presentation Ceremony”.

• Hong Kong Customs clarifies no public auction ever arranged through external parties after noticing suspicious social media pages and websites (29-May-2024)
  

  Hong Kong Customs made a clarification today (May 29) that it has never arranged any public auctions for confiscated items through any social media pages or websites.

• LCQ18: Cybersecurity of government departments and other public organisations (29-May-2024)
  

  Following is a question by the Hon Chan Hak-kan and a written reply by the Secretary for Innovation, Technology and Industry, Professor Sun Dong, in the Legislative Council today (May 29).

• Bogus emails, advertisement and phone calls purportedly associated with HKMA (29-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) has recently received public enquiries regarding emails, advertisement and phone calls claiming to be associated with the HKMA. 

• LCQ6: Protection of personal data privacy (29-May-2024)
  

  Following is a question by the Hon Elizabeth Quat and a reply by the Secretary for Innovation, Technology and Industry, Professor Sun Dong, in the Legislative Council today (May 29).

• Public urged to stay alert to WhatsApp messages purported to be sent by Student Finance Office (28-May-2024)
  

  A spokesman for the Working Family and Student Financial Assistance Agency (WFSFAA) today (May 28) urged members of the public to stay alert to fraudulent WhatsApp messages purported to be sent by the Student Finance Office.

• Phishing instant messages related to Industrial and Commercial Bank of China (Asia) Limited (28-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Industrial and Commercial Bank of China (Asia) Limited relating to phishing instant messages, which have been reported to the HKMA.

• High Threat Security Alert (A24-05-23): Multiple Vulnerabilities in Microsoft Edge (27-May-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Home Affairs Department clarifies alleged data leakage on internet (25-May-2024)
  

  A spokesman for the Home Affairs Department (HAD) today (May 25) said that the Department had noticed someone from an online platform claimed data of the members of the public obtained from the HAD's system were put on sale.

• Fraudulent website and phishing emails related to Tai Sang Bank Limited (24-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Tai Sang Bank Limited relating to a fraudulent website and phishing emails, which have been reported to the HKMA.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (24-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Bogus calls related to WeChat Pay Hong Kong Limited (24-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by WeChat Pay Hong Kong Limited relating to bogus calls. 

• High Threat Security Alert (A24-05-22): Vulnerability in Google Chrome (24-May-2024)
  

  Google released a security update to address a vulnerability in Google Chrome.

• High Threat Security Alert (A24-05-21): Multiple Vulnerabilities in Git (24-May-2024)
  

  Git has released security advisories to address multiple vulnerabilities in Git products.

• High Threat Security Alert (A24-05-20): Multiple Vulnerabilities in Ivanti Products (24-May-2024)
  

  Ivanti has released security advisories to address multiple vulnerabilities in Ivanti products.

• Security Alert (A24-05-19): Multiple Vulnerabilities in Cisco Products (23-May-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Public urged to stay alert to WhatsApp messages purported to be sent by District Officers (23-May-2024)
  

  A spokesman for the Home Affairs Department (HAD) today (May 23) appealed to members of the public to stay alert to fraudulent WhatsApp messages purported to be sent by the District Officers (DOs).

• Security Alert (A24-05-18): Multiple Vulnerabilities in QNAP Products (22-May-2024)
  

  QNAP has published security advisories to address multiple vulnerabilities in QNAP products.

• Security Alert (A24-05-17): Multiple Vulnerabilities in Google Chrome (22-May-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (22-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Phishing emails related to Bank of China (Hong Kong) Limited (22-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to phishing emails, which have been reported to the HKMA.

• Privacy Commissioner’s Office Finds that the Operation of the Worldcoin Project in Hong Kong Contravenes the Personal Data (Privacy) Ordinance (22-May-2024)
  

  On completion of its investigation into the Worldcoin project, the Office of the Privacy Commissioner for Personal Data (PCPD) publishes its findings today. 

• Phishing emails related to Tai Sang Bank Limited (21-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Tai Sang Bank Limited relating to phishing emails, which have been reported to the HKMA.

• Suspicious website related to Tai Yau Bank, Limited (21-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Tai Yau Bank, Limited relating to a suspicious website, which has been reported to the HKMA.

• Public urged to stay alert to WhatsApp messages purported to be sent by SCED (20-May-2024)
  

  A spokesman for the Commerce and Economic Development Bureau (CEDB) today (May 20) appealed to members of the public to stay alert to fraudulent WhatsApp messages purported to be sent by the Secretary for Commerce and Economic Development (SCED).

• Fraudulent social media posts related to Hang Seng Bank, Limited (20-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to fraudulent social media posts, which have been reported to the HKMA.

• Security Alert (A24-05-16): Multiple Vulnerabilities in Fortinet Products (17-May-2024)
  

  Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.

• High Threat Security Alert (A24-05-15): Multiple Vulnerabilities in Microsoft Edge (17-May-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Security Alert (A24-05-14): Multiple Vulnerabilities in Cisco Products (16-May-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• Security Alert (A24-05-13): Multiple Vulnerabilities in Firefox (16-May-2024)
  

  Mozilla has published the advisories (MFSA2024-21 and MFSA2024-22) to address multiple vulnerabilities in Firefox browser.

• Security Alert (A24-05-12): Multiple Vulnerabilities in Adobe Reader/Acrobat (16-May-2024)
  

  Patches are released for Adobe Reader and Acrobat to address multiple vulnerabilities.

• High Threat Security Alert (A24-05-11): Vulnerability in Microsoft Edge (16-May-2024)
  

  Microsoft released a security update to address a vulnerability in Microsoft Edge.

• High Threat Security Alert (A24-05-10): Multiple Vulnerabilities in Google Chrome (16-May-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• High Threat Security Alert (A24-05-09): Multiple Vulnerabilities in Microsoft Products (May 2024) (16-May-2024)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• High Threat Security Alert (A24-05-08): Vulnerability in Google Chrome (14-May-2024)
  

  Google released a security update to address the vulnerability in Google Chrome.

• High Threat Security Alert (A24-05-07): Multiple Vulnerabilities in Apple iOS and iPadOS (14-May-2024)
  

  Apple has released iOS 16.7.8, iOS 17.5, iPadOS 16.7.8 and iPadOS 17.5 to fix the vulnerabilities in various Apple devices.

• Fraudulent website and social media page related to DBS Bank (Hong Kong) Limited (14-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and a social media page, which have been reported to the HKMA.

• Privacy Commissioner’s Office Urges Users of Cloud Platforms to Ensure Data Security (14-May-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) noticed from the data breach notifications recently received from different organisations, including the Electrical and Mechanical Services Department, the Fire Services Department and the Urban Renewal Authority, that in all three incidents, the personal data was stored on the online platform ArcGIS Online (the Platform). 

• High Threat Security Alert (A24-05-06): Multiple Vulnerabilities in Microsoft Edge (13-May-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Build a Secure Cyberspace 2024 - “Together, We Create a Safe Cyberworld” Webinar (10-May-2024)
  

  To help the public identify online traps and prevent fraud, the Office of the Government Chief Information Officer (OGCIO), the Hong Kong Police Force (HKPF) and the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) co-organised the “Together, We Create a Safe Cyberworld” Webinar, in which information security experts will share insights on the hidden threats in cyberworld and the cybersecurity measures that can be adopted.

• High Threat Security Alert (A24-05-05): Vulnerability in Google Chrome (10-May-2024)
  

  Google released a security update to address the vulnerability in Google Chrome.

• HKMA alerts public to frauds purportedly associated with Wealth Management Connect Scheme (10-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) has received public enquiries recently on suspected frauds associated with the Cross-boundary Wealth Management Connect Scheme (Scheme).

• Fraudulent website and internet banking login screen related to Fubon Bank (Hong Kong) Limited (10-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• A 40-year-old Male Arrested for Suspected Doxxing Arising from Monetary Disputes (10-May-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 40 in the New Territories.

• Enhancing Data Security – PCPD's Representative Speaks at the Webinar Entitled “Together, We Create a Safe Cyberworld” (10-May-2024)
  

  Mr Tamson TAM, Personal Data Officer (Information Technology), Office of the Privacy Commissioner for Personal Data (PCPD), spoke at the Build a Secure Cyberspace 2024 “Together, We Create a Safe Cyberworld” Webinar on 10 May. Mr. Tam shared some tips with the participants on enhancing cyber security for organisations and on how to prevent and handle data breach incidents.

• Fraudulent website and internet banking login screen related to China CITIC Bank International Limited (9-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Security Alert (A24-05-04): Multiple Vulnerabilities in Google Chrome (8-May-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Security Alert (A24-05-03): Multiple Vulnerabilities in Android (7-May-2024)
  

  Google has released Android Security Bulletin May 2024 to address multiple vulnerabilities in Android operating system.

• Fraudulent website and social media page related to DBS Bank (Hong Kong) Limited (7-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and a social media page, which have been reported to the HKMA.

• FSD follows up on IT system security incident (6-May-2024)
  

  A spokesman for the Fire Services Department (FSD) said today (May 6) that the department discovered a potential personal data leakage incident on one of the IT system on May 3, while there is no evidence that relevant data have been released.

• Security Alert (A24-05-02): Multiple Vulnerabilities in Microsoft Edge (3-May-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Companies Registry's e-services maintained after earlier incident of personal data leakage (3-May-2024)
  

  The Companies Registry (CR) said today (May 3) that urgent maintenance of its e-Services Portal to block any risk of further leakage of personal data had been completed.

• Phishing emails related to Bank of China (Hong Kong) Limited (3-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to phishing emails, which have been reported to the HKMA.

• Judiciary alerts public to phishing email (3-May-2024)
  

  The Judiciary today (May 3) called on the public again to stay vigilant to a phishing email sent from the email account "Hong Kong High Court - noreply[@]judiciary[.]hk ". The email falsely claims that it was issued by the High Court of the Hong Kong Special Administrative Region, and is suspected of containing a malicious link. 

• Fraudulent website and internet banking login screen related to Fubon Bank (Hong Kong) Limited (3-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Privacy Commissioner’s Office Publishes Findings on the Data Breach Incident of Consumer Council (2-May-2024)
  

  On completion of its investigation into a data breach incident of the Consumer Council (the Council), the Office of the Privacy Commissioner for Personal Data (PCPD) published its findings today.

• Security Alert (A24-05-01): Multiple Vulnerabilities in Google Chrome (2-May-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• EMSD follows up on system security incident of online server platform (2-May-2024)
  

  A spokesman for the Electrical and Mechanical Services Department (EMSD) said today (May 2) that the department is following up on a system security incident of an online server platform, which involved data collected by the EMSD in "restriction-testing declaration" (RTD) operations conducted between March and July of 2022 in combating COVID-19.

• Judiciary alerts public to phishing email (2-May-2024)
  

  The Judiciary today (May 2) called on the public to stay vigilant to a phishing email sent from the email account "noreply-hk-judiciary-comm-autonotifservice-f4904c-89ae0[@]dagnote[.]com". The email falsely claims that it was issued by the High Court of the Hong Kong Special Administrative Region, and is suspected of containing a malicious link.

• Inland Revenue Department alerts public to fraudulent emails (2-May-2024)
  

  The Inland Revenue Department today (May 2) alerted members of the public to fraudulent emails purportedly issued by the department, which invite recipients to claim tax refunds. 

• HKMA alerts public to entities claiming to assist in recovery of fraud losses (2-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) has received public enquiries regarding the following entities and their offers or claims to assist in the recovery of losses from financial fraud.

• Fraudulent website related to Dah Sing Bank, Limited (2-May-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to a fraudulent website, which has been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Fubon Bank (Hong Kong) Limited (30-April-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website related to Nanyang Commercial Bank, Limited (30-April-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Nanyang Commercial Bank, Limited relating to a fraudulent website, which has been reported to the HKMA.

• Security Alert (A24-04-20): Multiple Vulnerabilities in QNAP Products (29-April-2024)
  

  QNAP has published security advisories to address multiple vulnerabilities in QNAP products.

• Security Alert (A24-04-19): Multiple Vulnerabilities in Microsoft Edge (29-April-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• HKCERT Annual Report 2023 (26-April-2024)
  

  HKCERT Annual Report 2023

• High Threat Security Alert (A24-04-18): Multiple Vulnerabilities in Cisco Products (25-April-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco products.

• Security Alert (A24-04-17): Multiple Vulnerabilities in Google Chrome (25-April-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• 8th Inter-departmental Cyber Security Drill held to enhance cyber defence capability of government departments (with photos) (25-April-2024)
  

  The Government Computer Emergency Response Team Hong Kong (GovCERT.HK) under the Office of the Government Chief Information Officer (OGCIO) and the Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force co-organised the 8th Inter-departmental Cyber Security Drill today (April 25). The Drill aimed to strengthen the preparedness and the overall incident response capability of government departments to cyberattacks.

• OFCA calls for participation in SMS Sender Registration Scheme by all sectors to help combat SMS scams (25-April-2024)
  

  The Office of the Communications Authority (OFCA) today (April 25) announced the latest implementation status of the SMS Sender Registration Scheme (the Scheme), and encouraged more industries to actively participate in the Scheme.

• A 65-year-old Man Arrested for Suspected Doxxing of His Former Colleague (25-April-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 65 in the New Territories. The arrested person was suspected to have disclosed the personal data of a data subject without his consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).

• Fraudulent website and mobile application related to Chong Hing Bank Limited (23-April-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Chong Hing Bank Limited relating to a fraudulent website and a mobile application (App), which have been reported to the HKMA.

• DH alerts public to bogus phone call and email (22-April-2024)
  

  The Department of Health (DH) today (April 22) called on healthcare and clinic staff members as well as the public to stay vigilant against a bogus phone call and email that falsely claimed to be made by staff members of the DH.

• Phishing emails related to Hang Seng Bank, Limited (22-April-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to phishing emails, which have been reported to the HKMA.

• Security Alert (A24-04-16): Multiple Vulnerabilities in Microsoft Edge (19-April-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (19-April-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Security Alert (A24-04-15): Multiple Vulnerabilities in Cisco Products (18-April-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco products.

• HKMA alerts public to bogus messages and documents (18-April-2024)
  

  The Hong Kong Monetary Authority (HKMA) has received enquiries from members of the public regarding messages received on the instant messaging application WhatsApp or documents purportedly issued in the name of the HKMA.

• Security Alert (A24-04-14): Multiple Vulnerabilities in Firefox (17-April-2024)
  

  Mozilla has published the advisories (MFSA2024-18 and MFSA2024-19) to address multiple vulnerabilities in Firefox browser.

• Security Alert (A24-04-13): Multiple Vulnerabilities in Google Chrome (17-April-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• High Threat Security Alert (A24-04-12): Multiple Vulnerabilities in Oracle Java and Oracle Products (April 2024) (17-April-2024)
  

  Oracle has released the Critical Patch Update (CPU) Advisory with collections of patches for multiple vulnerabilities found in Java SE and various Oracle products.

• Security Alert (A24-04-11): Multiple Vulnerabilities in Microsoft Edge (15-April-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• High Threat Security Alert (A24-04-10): Multiple Vulnerabilities in Palo Alto Products (15-April-2024)
  

  Palo Alto has published security advisories to address multiple vulnerabilities in PAN-OS and Prisma Access.

• Phishing messages and fraudulent websites related to UnionPay App (12-April-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by UnionPay International on UnionPay App-related phishing messages and fraudulent websites, which have been reported to the HKMA.

• Fraudulent website and internet banking login screen related to Airstar Bank Limited (12-April-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Airstar Bank Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• A 22-year-old Female Arrested for Suspected Doxxing Offence Relating to Emotional Entanglements (12-April-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese female aged 22 in the New Territories. 

• Security Alert (A24-04-09): Multiple Vulnerabilities in Google Chrome (11-April-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Security Alert (A24-04-08): Multiple Vulnerabilities in Fortinet Products (10-April-2024)
  

  Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.

• High Threat Security Alert (A24-04-07): Multiple Vulnerabilities in Microsoft Products (April 2024) (10-April-2024)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• SWD urges public to be alert to fraudulent job advertisement (10-April-2024)
  

  The Social Welfare Department (SWD) today (April 10) alerted members of the public to a fraudulent job advertisement published on a social media platform.

• LCQ9: Prevention of telephone fraud (10-April-2024)
  

  Following is a question by the Hon Sunny Tan and a written reply by the Secretary for Commerce and Economic Development, Mr Algernon Yau, in the Legislative Council today (April 10).

• Anti-Scam Consumer Protection Charter 2.0 (with photos) (10-April-2024)
  

  Following the launch of the Anti-Scam Consumer Protection Charter last year, the Hong Kong Monetary Authority (HKMA) announced today (April 10), in collaboration with the Hong Kong Association of Banks (HKAB), the launch of the Anti-Scam Consumer Protection Charter 2.0 (the Charter 2.0). 

• Fraudulent website and internet banking login screen related to Dah Sing Bank, Limited (9-April-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Dah Sing Bank, Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Security Alert (A24-04-06): Multiple Vulnerabilities in Cisco Product (5-April-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco products.

• Security Alert (A24-04-05): Multiple Vulnerabilities in Microsoft Edge (5-April-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Security Alert (A24-04-04): Multiple Vulnerabilities in Ivanti Products (5-April-2024)
  

  Ivanti has released a security advisory to address multiple vulnerabilities in Ivanti products.

• Security Alert (A24-04-03): Multiple Vulnerabilities in Apache HTTP Server (5-April-2024)
  

  The Apache Software Foundation released a security update to address multiple vulnerabilities in the HTTP Server and its modules.

• Security Alert (A24-04-02): Multiple Vulnerabilities in Google Chrome (3-April-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Phishing emails related to Bank of China (Hong Kong) Limited (3-April-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to phishing emails, which have been reported to the HKMA.

• Security Alert (A24-04-01): Multiple Vulnerabilities in Android (2-April-2024)
  

  Google has released Android Security Bulletin April 2024 to address multiple vulnerabilities in Android operating system.

• High Threat Security Alert (A24-03-24): Vulnerability in XZ Utils (2-April-2024)
  

  A malicious backdoor is found embedded in versions 5.6.0 and 5.6.1 of XZ Utils.

• Privacy Commissioner’s Office Publishes an Investigation Report on the Data Breach Incident of Cyberport (2-April-2024)
  

  On completion of its investigation into a data breach incident of the Hong Kong Cyberport Management Company Limited (Cyberport), the Office of the Privacy Commissioner for Personal Data (PCPD) published an investigation report today.

• Security Alert (A24-03-23): Multiple Vulnerabilities in Cisco Products (28-March-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco products.

• Security Alert (A24-03-22): Multiple Vulnerabilities in Microsoft Edge (28-March-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Phishing messages and fraudulent websites related to Octopus Cards Limited (28-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Octopus Cards Limited relating to phishing messages and fraudulent websites.

• Security Alert (A24-03-21): Multiple Vulnerabilities in Google Chrome (27-March-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Education Bureau alerts public to fraudulent WhatsApp message (27-March-2024)
  

  The Education Bureau (EDB) today (March 27) called on the public to stay vigilant against a fraudulent WhatsApp message that falsely claims to be issued by school personnel.

• Fraudulent website related to Bank of Singapore Limited (27-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent website, which has been reported to the HKMA.

• Security Alert (A24-03-20): Vulnerability in Apple iOS and iPadOS (26-March-2024)
  

  Apple has released iOS 16.7.7, iOS 17.4.1, iPadOS 16.7.7 and iPadOS 17.4.1 to fix the vulnerability in various Apple devices.

• Fraudulent website related to Bank of Singapore Limited (26-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent website, which has been reported to the HKMA.

• A 32-year-old Male Arrested for Suspected Doxxing Acts (26-March-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 32 on Hong Kong Island. The arrested person was suspected to have disclosed the personal data of a data subject without her consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).

• Security Alert (A24-03-19): Multiple Vulnerabilities in Firefox (25-March-2024)
  

  Mozilla has published the advisories (MFSA2024-15 and MFSA2024-16) to address multiple vulnerabilities in Firefox browser.

• Security Alert (A24-03-18): Multiple Vulnerabilities in Microsoft Edge (25-March-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Privacy Commissioner’s Office Issues Two Leaflets on the Smart Use of Smartphones and Social Media to Protect Personal Data Privacy (25-March-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today published two leaflets entitled (1) “Protect Your Personal Data - Smart Use of Smartphones” and (2) “Protect Your Personal Data - Be Smart on Social Media” respectively to provide tips for users on the smart use of smartphones and social media to help them protect their privacy.

• Fraudulent website and internet banking login screen related to Bank of China (Hong Kong) Limited (22-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Hong Kong Police Force holds multi-disciplinary seminar on Child Sexual Abuse in the Cyber World (with photos) (21-March-2024)
  

  The Hong Kong Police Force (HKPF) held a multi-disciplinary seminar on Child Sexual Abuse in the Cyber World today (March 21). Experts and representatives from relevant sectors jointly explored how to more effectively protect children from online sexual threats from multiple perspectives.

• Public urged to stay alert to emails purported to be issued by SCED office (21-March-2024)
  

  A spokesman for the Commerce and Economic Development Bureau (CEDB) today (March 21) appealed to members of the public to stay alert to fraudulent emails purported to be issued by the office of the Secretary for Commerce and Economic Development (SCED).

• Public should beware of scam video about investment plan purported to be recommended by CE (21-March-2024)
  

  A Government spokesman today (March 21) again advised members of the public to stay vigilant about forged video clips created by artificial intelligence circulating online about an investment plan purported to be recommended by the Chief Executive.

• Fraudulent websites and internet banking login screens related to Bank of China (Hong Kong) Limited (21-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• A 30-year-old Male Arrested for Suspected Doxxing of Former Friend (21-March-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 30 in Kowloon. The arrested person was suspected to have disclosed the personal data of a data subject without her consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).

• Security Alert (A24-03-17): Multiple Vulnerabilities in Firefox (20-March-2024)
  

  Mozilla has published the advisories (MFSA2024-12 and MFSA2024-13) to address multiple vulnerabilities in Firefox browser.

• Security Alert (A24-03-16): Multiple Vulnerabilities in Google Chrome (20-March-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Enhancing Data Security – Privacy Commissioner’s Office and Hong Kong Internet Registration Corporation Limited Jointly Organise a Seminar on Cybersecurity and Data Breach Handling (20-March-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) and Hong Kong Internet Registration Corporation Limited (HKIRC) co-organised a seminar on “Responding to Cyber Security Threats and Data Breaches” in hybrid mode on 19 March, which attracted over 880 participants.

• Defacement Attacks: Understanding and Prevention (20-March-2024)
  

  Defacement attacks occur when malicious actors infiltrate a website online or a digital advertising panel device hardware, and replace its content with their own messages.

• Fraudulent websites and internet banking login screens related to Bank of China (Hong Kong) Limited (19-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (19-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Eighty citizens and seven organisations commended for helping Police fight crime (with photos) (17-March-2024)
  

  The “Good Citizen Award (GCA) Presentation Ceremony 2023”, organised by the Hong Kong Police Force, was held today (March 17) at the Hong Kong Convention and Exhibition Centre. Eighty citizens were commended for assisting the Force in fighting crime and upholding the rule of law. 

• HKIB Cybersecurity Solutions Day 2024 (15-March-2024)
  

  Ensuring Vigilance: AI-Powered Cybersecurity for a Changing Landscape

• Security Alert (A24-03-15): Multiple Vulnerabilities in Microsoft Edge (15-March-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent website and internet banking login screen related to Bank of China (Hong Kong) Limited (15-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Security Alert (A24-03-14): Multiple Vulnerabilities in Cisco IOS XR Software (14-March-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco IOS XR Software.

• Security Alert (A24-03-13): Multiple Vulnerabilities in Apache Tomcat (14-March-2024)
  

  The Apache Software Foundation released security updates to address multiple vulnerabilities in the Apache Tomcat.

• Security Alert (A24-03-12): Multiple Vulnerabilities in SonicWall Products (13-March-2024)
  

  SonicWall released security advisories to address multiple vulnerabilities in SonicWall products.

• Security Alert (A24-03-11): Vulnerability in Google Chrome (13-March-2024)
  

  Google released a security update to address a vulnerability in Google Chrome.

• High Threat Security Alert (A24-03-10): Multiple Vulnerabilities in Fortinet Products (13-March-2024)
  

  Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.

• High Threat Security Alert (A24-03-09): Multiple Vulnerabilities in Microsoft Products (March 2024) (13-March-2024)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• Fraudulent websites and internet banking login screens related to Bank of China (Hong Kong) Limited (13-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Security Alert (A24-03-08): Multiple Vulnerabilities in QNAP Products (11-March-2024)
  

  QNAP has published security advisories to address multiple vulnerabilities in QNAP products.

• Deepfake: Where Images Don't Always Speak Truth (11-March-2024)
  

  "Deepfake" is the combination of "Deep learning" and "Fake".

• Phishing Alert - Phishing Campaigns Targeting Users in Various Platforms on the Rise (8-March-2024)
  

  There is threat intelligence indicating an increasing trend of phishing attacks targeting users on various platforms.

• Security Alert (A24-03-07): Multiple Vulnerabilities in Microsoft Edge (8-March-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent social media page and phishing emails related to China CITIC Bank International Limited (8-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent social media page and phishing emails, which have been reported to the HKMA.

• How To Protect Your Data in Quantum Age (7-March-2024)
  

  A quantum computer represents a groundbreaking paradigm shift in computing, leveraging the intricate principles of quantum mechanics to execute certain computations exponentially faster than their classical counterparts.

• Security Alert (A24-03-06): Multiple Vulnerabilities in Cisco Products (7-March-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco products.

• Fraudulent website and internet banking login screen related to Bank of China (Hong Kong) Limited (7-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of China (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Fraudulent website related to Bank of Singapore Limited (7-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited relating to a fraudulent website, which has been reported to the HKMA.

• Security Alert (A24-03-05): Multiple Vulnerabilities in Google Chrome (6-March-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• High Threat Security Alert (A24-03-04): Multiple Vulnerabilities in VMware Products (6-March-2024)
  

  VMware has published a security advisory to address multiple vulnerabilities in VMware products.

• High Threat Security Alert (A24-03-03): Multiple Vulnerabilities in Apple iOS and iPadOS (6-March-2024)
  

  Apple has released iOS 16.7.6, iOS 17.4, iPadOS 16.7.6 and iPadOS 17.4 to fix the vulnerabilities in various Apple devices.

• Inland Revenue Department alerts public to fraudulent emails (6-March-2024)
  

  The Inland Revenue Department today (March 6) alerted members of the public to fraudulent emails purportedly issued by the department, which invite recipients to claim tax refunds.

• Suspicious websites related to Mox Bank Limited (6-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Mox Bank Limited relating to suspicious websites, which have been reported to the HKMA.

• Fraudulent websites and mobile applications related to CMB Wing Lung Bank Limited (6-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by CMB Wing Lung Bank Limited relating to fraudulent websites and mobile applications (apps), which have been reported to the HKMA.

• Security Alert (A24-03-02): Multiple Vulnerabilities in Android (5-March-2024)
  

  Google has released Android Security Bulletin March 2024 to address multiple vulnerabilities in Android operating system.

• Fraudulent website and phishing emails related to Public Bank (Hong Kong) Limited (5-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Public Bank (Hong Kong) Limited relating to a fraudulent website and phishing emails, which have been reported to the HKMA.

• Fraudulent website and phishing instant messages related to Fubon Bank (Hong Kong) Limited (4-March-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website and phishing instant messages, which have been reported to the HKMA.

• Security Alert (A24-03-01): Multiple Vulnerabilities in Microsoft Edge (1-March-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Inland Revenue Department alerts public to fraudulent emails (1-March-2024)
  

  The Inland Revenue Department today (March 1) alerted members of the public to fraudulent emails purportedly issued by the department, which invite recipients to claim tax refunds. 

• Cyber Security Professional Awards 2023 (29-February-2024)
  

  The Cyber Security Professional Awards is co-organised by the Hong Kong Police Force, the Government Computer Emergency Response Team Hong Kong (GovCERT.HK) and the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT).

• Security Alert (A24-02-18): Multiple Vulnerabilities in Cisco Products (29-February-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco products.

• Security Alert (A24-02-17): Multiple Vulnerabilities in Google Chrome (29-February-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Cyber Security Professionals Awards 2023 (with photos) (29-February-2024)
  

  The Cyber Security Professional Awards (CSPA) 2023 presentation ceremony was successfully concluded today (February 29), with a total of 52 winners and organisations commended for their outstanding achievements in the cyber security field.

• "Report on the Survey on Information Technology Usage and Penetration in the Business Sector for 2023" published (29-February-2024)
  

  The Census and Statistics Department (C&SD) released today (February 29) the "Report on the Survey on Information Technology Usage and Penetration in the Business Sector for 2023".

• A 64-year-old Male Arrested for Suspected Doxxing Arising from Monetary Disputes (29-February-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today arrested a Chinese male aged 64 in Kowloon. The arrested person was suspected to have disclosed the personal data of a data subject without her consent, in contravention of section 64(3A) of the Personal Data (Privacy) Ordinance (PDPO).

• Security Alert (A24-02-16): Vulnerability in VMware Products (28-February-2024)
  

  VMware has published a security advisory to address a vulnerability in VMware products.

• 保安局局長在立法會保安事務委員會就為持續擴展數碼警政而推出的主要資訊科技項目開場發言 (Chinese only) (27-February-2024)
  

  以下是保安局局長鄧炳強今日（二月二十七日）出席立法會保安事務委員會就為持續擴展數碼警政而推出的主要資訊科技項目的開場發言。 (Chinese only)

• Security Alert (A24-02-15): Multiple Vulnerabilities in Microsoft Edge (26-February-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent websites related to CMB Wing Lung Bank Limited (26-February-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by CMB Wing Lung Bank Limited relating to fraudulent websites, which have been reported to the HKMA.

• Hong Kong Customs urges public to be alert to fraudulent Customs WeChat account (23-February-2024)
  

  Hong Kong Customs today (February 23) appealed to members of the public to stay alert to a fraudulent Hong Kong Customs' WeChat official account to avoid being scammed.

• Phishing emails and fraudulent websites related to Alipay Financial Services (HK) Limited (23-February-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to phishing emails and fraudulent websites.

• Security Alert (A24-02-14): Multiple Vulnerabilities in Firefox (21-February-2024)
  

  Mozilla has published the advisories (MFSA2024-05 and MFSA2024-06) to address multiple vulnerabilities in Firefox browser.

• Security Alert (A24-02-13): Multiple Vulnerabilities in Google Chrome (21-February-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (21-February-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• SMS Sender Registration Scheme open to all sectors to further combat SMS fraud (21-February-2024)
  

  The Office of the Communications Authority (OFCA) today (February 21) announced that the SMS Sender Registration Scheme is now open for application by all sectors to further help members of the public verify the identities of SMS senders, with a view to combating SMS fraud.

• Implications of the Development or Use of Artificial Intelligence on Personal Data Privacy. The Privacy Commissioner’s Office has Completed Compliance Checks on 28 Organisations. (21-February-2024)
  

  With the development and use of Artificial Intelligence (AI) becoming increasingly common in Hong Kong, organisations may collect, use or process personal data when they develop or use AI systems, thereby posing risks to personal data privacy.

• Resource Centre - Leaflet on "The Do's and Don'ts of Using Instant Messaging" (20-February-2024)
  

  Leaflet on "Information Security Guide - The Do's and Don'ts of Using Instant Messaging" is now available at the Resource Centre

• High Threat Security Alert (A24-02-12): Multiple Vulnerabilities in Zoom Products (15-February-2024)
  

  Zoom has published a security advisory to address multiple vulnerabilities in Zoom products.

• A 27-year-old Female Convicted and Sentenced for Doxxing a Pet Seller (15-February-2024)
  

  The West Kowloon Magistrates’ Court today convicted a 27-year old female, Miss CHAN Tung-ching (defendant), of one charge of a doxxing offence upon her guilty plea. The Court on the same day sentenced the defendant to two weeks’ imprisonment, suspended for 3 years, and a fine of HK$500.

• Security Alert (A24-02-11): Multiple Vulnerabilities in Adobe Reader/Acrobat (14-February-2024)
  

  Patches are released for Adobe Reader and Acrobat to address multiple vulnerabilities.

• Security Alert (A24-02-10): Multiple Vulnerabilities in QNAP Products (14-February-2024)
  

  QNAP has published a security advisory to address multiple vulnerabilities in QNAP products.

• High Threat Security Alert (A24-02-09): Multiple Vulnerabilities in Microsoft Products (February 2024) (14-February-2024)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• Reaching Out to the Community – Privacy Commissioner Interviewed by the Media to Explain PCPD’s Work on Data Security (9-February-2024)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, was interviewed by Metro Radio’s “Roadmap to Knowledge Economy” on 9 February to give an account of her Office’s follow-up work on the data breach incident relating to the Faculty of Education of the University of Hong Kong. The Privacy Commissioner also explained the work of the Office of the Privacy Commissioner for Personal Data (PCPD) on data security.

• Fraudulent websites and internet banking login screens related to DBS Bank (Hong Kong) Limited (9-February-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Phishing emails related to China Minsheng Banking Corp., Ltd. (9-February-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China Minsheng Banking Corp., Ltd. relating to phishing emails, which have been reported to the HKMA.

• High Threat Security Alert (A24-02-08): Vulnerability in Ivanti Products (9-February-2024)
  

  Ivanti has published a security advisory to address a vulnerability in Ivanti systems.

• High Threat Security Alert (A24-02-07): Multiple Vulnerabilities in Fortinet Products (9-February-2024)
  

  Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems.

• Security Alert (A24-02-06): Multiple Vulnerabilities in Microsoft Edge (9-February-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Security Alert (A24-02-05): Multiple Vulnerabilities in Cisco Products (8-February-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco devices and software.

• CSA HKM Knowledge Sharing Event – February 2024 (7-February-2024)
  

  CSA Knowledge Sharing Event provides an excellent opportunity for cybersecurity professionals to discuss the latest trends and developments in IT and in the process build a close-knitted cybersecurity community in Hong Kong and Macau.

• Response of the Privacy Commissioner’s Office on the HKU Faculty of Education’s Data Breach Incident (7-February-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) received a data breach notification from the Faculty of Education of the University of Hong Kong (HKU) yesterday (7 February), reporting that about 7,400 data subjects had been affected by the data breach incident. 

• OGCIO launches multipronged measures to assist departments in strengthening IT project governance (7-February-2024)
  

  All bureaux and departments (B/Ds) of the Hong Kong Special Administrative Region Government are committed to promoting the digital transformation of government services and actively making use of information technology (IT) to provide more convenient e-government services for people and business. 

• Security Alert (A24-02-04): Multiple Vulnerabilities in Google Chrome (7-February-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Security Alert (A24-02-03): Multiple Vulnerabilities in Android (7-February-2024)
  

  Google has released Android Security Bulletin February 2024 to fix multiple vulnerabilities in Android operating system.

• Suspicious website related to Mox Bank Limited (6-February-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Mox Bank Limited relating to a suspicious website, which has been reported to the HKMA.

• Fraudulent website and phishing emails related to Public Bank (Hong Kong) Limited (6-February-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Public Bank (Hong Kong) Limited relating to a fraudulent website and phishing emails, which have been reported to the HKMA.

• Fraudulent social media accounts and phishing instant messages related to Airstar Bank Limited (5-February-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Airstar Bank Limited relating to fraudulent social media accounts and phishing instant messages, which have been reported to the HKMA.

• Phishing emails related to DBS Bank (Hong Kong) Limited (5-February-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to phishing emails, which have been reported to the HKMA.

• Security Alert (A24-02-02): Multiple Vulnerabilities in QNAP Products (5-February-2024)
  

  QNAP has published security advisories to address multiple vulnerabilities in QNAP products.

• ‘e-Generation Joyful Internet Surfing’ Parent Seminar (3): Protecting Personal Data Privacy Online & Effective Use of Library e-Resources (2-February-2024)
  

  The Education Bureau, Hong Kong Education City, and Committee on Home-School Co-operation will co-organise a seminar on ‘e-Generation Joyful Internet Surfing’ Parent Seminar (3): Protecting Personal Data Privacy Online & Effective Use of Library e-Resources.

• Security Alert (A24-02-01): Multiple Vulnerabilities in Microsoft Edge (2-February-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• HKCERT Releases Annual Information Security Outlook and Forecast Next Level Phishing Attacks Difficult to Distinguish Hackers Exploit AI for Crimes Could Become a New Normal (1-February-2024)
  

  The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) held a briefing today, and summarised the information security situation in Hong Kong in 2023 as well as released a security outlook for 2024.

• Privacy Commissioner Urges the Public to Stay Vigilant about the Worldcoin Project and Not to Disclose Biometric Data Arbitrarily (31-January-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) executed court warrants this afternoon and entered six premises of the Worldcoin project located at Yau Ma Tei, Kwun Tong, Wan Chai, Cyperport, Central and Causeway Bay to carry out investigations.

• Security Alert (A24-01-29): Multiple Vulnerabilities in Linux Operating Systems (31-January-2024)
  

  Multiple vulnerabilities are found in all versions of the Linux GNU C Library (glibc) from version 1.04 to the latest release version 2.38.

• Security Alert (A24-01-28): Multiple Vulnerabilities in Google Chrome (31-January-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• High Threat Security Alert (A24-01-27): Multiple Vulnerabilities in GitLab (31-January-2024)
  

  GitLab has released 16.5.8, 16.6.6, 16.7.4 and 16.8.1 to address multiple vulnerabilities in various versions of GitLab.

• Judiciary alerts public to fraudulent summonses (30-January-2024)
  

  The Judiciary today (January 30) urged the public to stay alert to fraudulent summonses purportedly issued by the Judiciary.

• Security Alert (A24-01-26): Multiple Vulnerabilities in Juniper Networks Junos OS and Junos OS Evolved (30-January-2024)
  

  Juniper Networks has published security advisories to address multiple vulnerabilities in Junos OS and Junos OS Evolved.

• Privacy Commissioner’s Office Reports on its Work in 2023 and Publishes a Report on “Privacy Concerns on Electronic Food Ordering at Restaurants” (29-January-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) today reported on its work in 2023 and released a report on “Privacy Concerns on Electronic Food Ordering at Restaurants”. 

• Fraudulent website and internet banking login screen related to DBS Bank (Hong Kong) Limited (29-January-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Security Alert (A24-01-25): Multiple Vulnerabilities in Synology DiskStation Manager (29-January-2024)
  

  Synology has published security advisories to address multiple vulnerabilities in various versions of DiskStation Manager (DSM).

• Security Alert (A24-01-24): Multiple Vulnerabilities in Microsoft Edge (29-January-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent website and phishing emails related to China CITIC Bank International Limited (26-January-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website and phishing emails, which have been reported to the HKMA.

• Fraudulent website and social media page related to DBS Bank (Hong Kong) Limited (26-January-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and a social media page, which have been reported to the HKMA.

• A 31-year-old Male Arrested for Suspected Doxxing of a Taxi Driver (26-January-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) last night arrested a Chinese male aged 31 in the New Territories.

• Promoting Responsible Sharenting – Privacy Commissioner Publishes an Article entitled “Think Twice Before Sharing Your Children’s Lives Online” (25-January-2024)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article entitled “Think Twice Before Sharing Your Children’s Lives Online”.

• Security Alert (A24-01-23): Multiple Vulnerabilities in Cisco Products (25-January-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco products.

• Global Data Breach Involving Various Social Media and Online Platforms Privacy Commissioner’s Office Reminds Platform Users to Stay Vigilant (24-January-2024)
  

  The Office of the Privacy Commissioner for Personal Data (PCPD) noted reports of overseas media that researchers of cybersecurity information websites uncovered global data breach incidents affecting various online platforms.

• LCQ20: Combating online and phone fraud (24-January-2024)
  

  Following is a question by the Hon Chan Kin-por and a written reply by the Secretary for Security, Mr Tang Ping-keung, in the Legislative Council today (January 24).

• LCQ18: Development and application of artificial intelligence (24-January-2024)
  

  Following is a question by the Hon Elizabeth Quat and a written reply by the Secretary for Innovation, Technology and Industry, Professor Sun Dong, in the Legislative Council today (January 24).

• Public should beware of scam video about investment plan purported to be recommended by CE (24-January-2024)
  

  A Government spokesman today (January 24) advised members of the public to stay vigilant about forged TV programme clips created by artificial intelligence circulating online about an investment plan purported to be recommended by the Chief Executive.

• Security Alert (A24-01-22): Multiple Vulnerabilities in Firefox (24-January-2024)
  

  Mozilla has published the advisories (MFSA2024-01 and MFSA2024-02) to address multiple vulnerabilities in Firefox browser.

• Security Alert (A24-01-21): Multiple Vulnerabilities in Google Chrome (24-January-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Resource Centre - Leaflet on "Misinformation and Disinformation" (23-January-2024)
  

  Leaflet on "Information Security Guide - Misinformation and Disinformation" is now available at the Resource Centre

• SWD urges public to be alert to fraudulent job advertisements (23-January-2024)
  

  The Social Welfare Department (SWD) today (January 23) alerted members of the public to fraudulent job advertisements published on a social media platform.

• High Threat Security Alert (A24-01-20): Multiple Vulnerabilities in Apple iOS and iPadOS (23-January-2024)
  

  Apple has released iOS 15.8.1, iOS 16.7.5, iOS 17.3, iPadOS 15.8.1, iPadOS 16.7.5 and iPadOS 17.3 to fix the vulnerabilities in various Apple devices.

• High Threat Security Alert (A24-01-19): Vulnerability in Ivanti Endpoint Manager Mobile (MobileIron Core) (22-January-2024)
  

  Ivanti has published a security advisory to address a vulnerability in Ivanti Endpoint Manager Mobile.

• Transport Department alerts public to fraudulent SMS messages of HKeToll (21-January-2024)
  

  The Transport Department (TD) today (January 21) alerted members of the public to fraudulent SMS messages purportedly issued by the HKeToll.

• Police hold CyberDefenders' Carnival 2024 (with photos) (20-January-2024)
  

  The Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force held the "CyberDefenders’ Carnival 2024" at HarbourChill, Wan Chai today (January 20) to educate the public about cyber threats and digital security through entertaining performances and interactive game booths, attracting 8,000 participants.

• HKMA alerts public to an online video purported to be interview with HKMA Chief Executive (18-January-2024)
  

  The Hong Kong Monetary Authority (HKMA) today (January 18) urged members of the public to remain vigilant against an online video purported to be a media interview with the Chief Executive of the HKMA, Mr Eddie Yue, on an investment item.

• Security Alert (A24-01-18): Vulnerability in Drupal (18-January-2024)
  

  Drupal published a security advisory to address a vulnerability in the Drupal products.

• High Threat Security Alert (A24-01-17): Multiple Vulnerabilities in Microsoft Edge (18-January-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• LCQ3: Ensuring the normal operation of government electronic systems (17-January-2024)
  

  Following is a question by the Hon Yung Hoi-yan and a reply by the Secretary for Innovation, Technology and Industry, Professor Sun Dong, in the Legislative Council today (January 17).

• Phishing instant messages related to The Hongkong and Shanghai Banking Corporation Limited (17-January-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by The Hongkong and Shanghai Banking Corporation Limited relating to phishing instant messages, which have been reported to the HKMA.

• Security Alert (A24-01-16): Multiple Vulnerabilities in Oracle Java and Oracle Products (January 2024) (17-January-2024)
  

  Oracle released a Critical Patch Update (CPU) Advisory with collections of patches to address multiple vulnerabilities in Java SE and various Oracle products.

• High Threat Security Alert (A24-01-15): Vulnerability in VMware Aria Automation (17-January-2024)
  

  VMware published a security advisory to address a vulnerability in VMware Aria Automation.

• High Threat Security Alert (A24-01-14): Multiple Vulnerabilities in Citrix Product (17-January-2024)
  

  Citrix published security advisories to address multiple vulnerabilities in Citrix products.

• High Threat Security Alert (A24-01-13): Multiple Vulnerabilities in Google Chrome (17-January-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Reaching Out to the Community – PCPD Representative attends the Press Conference on the Release of “Survey on ‘Sharenting’ and Protecting Children’s Digital Privacy” (16-January-2024)
  

  The Assistant Privacy Commissioner for Personal Data (Complaints and Criminal Investigation) (Acting) of the Office of the Privacy Commissioner for Personal Data (PCPD), Ms Hermina NG, attended the press conference on the release of “Survey on ‘Sharenting’ and Protecting Children’s Digital Privacy” held by the Chinese YMCA of Hong Kong on 14 January. Ms NG shared with participants what parents should watch out before they publish any post regarding their children’s daily lives online, so as to safeguard children privacy.

• High Threat Security Alert (A24-01-12): Multiple Vulnerabilities in GitLab (16-January-2024)
  

  GitLab has released 16.5.6, 16.6.4 and 16.7.2 to address multiple vulnerabilities in various versions of GitLab.

• High Threat Security Alert (A24-01-11): Multiple Vulnerabilities in Juniper Networks Junos OS and Junos OS Evolved (16-January-2024)
  

  Juniper Networks has published security advisories to address multiple vulnerabilities in Junos OS and Junos OS Evolved.

• FSO alerts public to deceptive content purported to be interviews with FS (15-January-2024)
  

  The Financial Secretary's Office (FSO) today (January 15) appealed to members of the public for heightened vigilance against online deceptive advertisements purported to be interviews with the Financial Secretary (FS).

• A 42-year-old Male Convicted and Sentenced for Doxxing another person because of Monetary Dispute (12-January-2024)
  

  The Shatin Magistrates’ Court today convicted a 42-year old male, Mr WONG Ho-loon (defendant), of two charges of a doxxing offence upon his guilty plea.

• Fraudulent website, internet banking login screen and phishing instant messages related to Fubon Bank (Hong Kong) Limited (12-January-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Fubon Bank (Hong Kong) Limited relating to a fraudulent website, an internet banking login screen and phishing instant messages, which have been reported to the HKMA. 

• Security Alert (A24-01-10): Multiple Vulnerabilities in Microsoft Edge (12-January-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Security Alert (A24-01-09): Multiple Vulnerabilities in Cisco Products (11-January-2024)
  

  Cisco released security advisories to address multiple vulnerabilities in Cisco products.

• High Threat Security Alert (A24-01-08): Multiple Vulnerabilities in Ivanti Products (11-January-2024)
  

  Ivanti released a security advisory to address multiple vulnerabilities in Ivanti products.

• Security Alert (A24-01-07): Vulnerability in Fortinet Products (10-January-2024)
  

  Fortinet released a security advisory to address a vulnerability in Fortinet products.

• Security Alert (A24-01-06): Vulnerability in Google Chrome (10-January-2024)
  

  Google released a security update to address a vulnerability in Google Chrome.

• Security Alert (A24-01-05): Multiple Vulnerabilities in Microsoft Products (January 2024) (10-January-2024)
  

  Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components.

• Promoting Ethical and Responsible Use of AI – Privacy Commissioner Publishes an Article in Banking Today (9-January-2024)
  

  The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, published an article entitled “AI and Ethics: Ensuring the Responsible Use of Generative AI in Banking” in Banking Today, a bi-monthly journal of the Hong Kong Institute of Bankers, where she outlined the potential benefits of generative AI on the banking industry, analysed the technology’s associated privacy and ethical risks, and introduced the evolving regulatory landscape of AI.

• Fraudulent mobile application related to Hang Seng Bank, Limited (9-January-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to a fraudulent mobile application (app), which has been reported to the HKMA.

• Government cautions public on online video about investment plan purported to be recommended by CE (9-January-2024)
  

  A Government spokesman today (January 9) cautioned the public not to believe in a forged video created by artificial intelligence circulating online about an investment plan with high returns purported to be recommended by the Chief Executive.

• Phishing messages and fraudulent websites related to Alipay Financial Services (HK) Limited (9-January-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to phishing messages and fraudulent websites.

• Fraudulent website and internet banking login screen related to China CITIC Bank International Limited (8-January-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Security Alert (A24-01-04): Multiple Vulnerabilities in QNAP Products (8-January-2024)
  

  QNAP has published security advisories to address multiple vulnerabilities in QNAP products.

• Security Alert (A24-01-03): Multiple Vulnerabilities in Microsoft Edge (8-January-2024)
  

  Microsoft released a security update to address multiple vulnerabilities in Microsoft Edge.

• Fraudulent website, internet banking login screen and social media account related to Hang Seng Bank, Limited (5-January-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Hang Seng Bank, Limited relating to a fraudulent website, an internet banking login screen and a social media account, which have been reported to the HKMA.

• Phishing email and fraudulent website related to Alipay Financial Services (HK) Limited (5-January-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Alipay Financial Services (HK) Limited relating to a phishing email and a fraudulent website.

• Fraudulent website and internet banking login screen related to DBS Bank (Hong Kong) Limited (5-January-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by DBS Bank (Hong Kong) Limited relating to a fraudulent website and an internet banking login screen, which have been reported to the HKMA.

• Security Alert (A24-01-02): Multiple Vulnerabilities in Google Chrome (4-January-2024)
  

  Google released a security update to address multiple vulnerabilities in Google Chrome.

• Security Alert (A24-01-01): Multiple Vulnerabilities in Android (4-January-2024)
  

  Google has released Android Security Bulletin January 2024 to fix multiple security vulnerabilities in Android operating system.

• Fraudulent websites and internet banking login screens related to China CITIC Bank International Limited (3-January-2024)
  

   The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by China CITIC Bank International Limited relating to fraudulent websites and internet banking login screens, which have been reported to the HKMA.

• Fraudulent website related to Bank Julius Baer & Co. Ltd. (2-January-2024)
  

  The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank Julius Baer & Co. Ltd. relating to a fraudulent website, which has been reported to the HKMA.

• Anti-Deception Coordination Centre to enhance scam intervention through SMS communications (with photo) (1-January-2024)
  

  The Anti-Deception Coordination Centre (ADCC) of the Hong Kong Police Force will expand its scheme of “Upstream Scam Intervention” starting tomorrow (January 2) to include sending SMS messages to potential scam victims as a means to provide timely alerts and advice.

• Alliance
• About Us
• Site Map
• Important Notices
• Privacy Policy
• Contact Us

Copyright © 2025 Digital Policy Office. All rights reserved.
Last update / review: Jun 2025