Knowlegde
HKIRC Cybersec Training Hub
HKIRC Cybersec Training Hub is a free online training platform managed by Hong Kong Internet Registration Corporation Limited (HKIRC), which aims to lower the threshold for organisations to provide cybersecurity training to their employees. For more information, please refer to Chinese version ...
Phishing and Software-as-a-Service (SaaS) Email Protection Solutions
Foreword In recent years, it is not difficult to observe that some organizations responsible for I.T. teams are considering using or even deploying Microsoft's cloud solutions to deploy appropriate combinations to meet the organization's development needs. According to the needs of your organization, you can apply for Microsoft 365 on ...
HKCERT Urges Local IT Users to Patch Apache “Log4j” Vulnerability ASAP
(Hong Kong, 16 December 2021) The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council is urging local IT users to patch their systems as soon as possible in light of the discovery of a critical vulnerability in Apache “Log4j” and an upsurge in ...
Most employees reusing personal passwords to protect corporate data
A research conducted by My1Login surveyed 1,000 employees and 1,000 business leaders, found that 85% of employees are reusing passwords across business applications after receiving training. Training only makes a negligible difference to how employees are protecting corporate data. Organizations may have difficulties on educating staff to have a safer ...
Synology: Multiple products impacted by OpenSSL RCE vulnerability
Synology has revealed that some of their product has been affected by recently disclosed remote code execution and denial of service OpenSSL vulnerabilities. Synology is one of the popular NAS devices brands in Hong Kong, especially for SMEs. Organizations who are using Synology devices should disable the remote connections to ...
Phishing and Crypto Attacks Soared in First Half of 2021
Phishing and crypto attacks have a huge rise in H1 2021. Over 20% of increase of phishing attacks has been reported compared to 2020 and over 50% of credential theft phishing attacks targeted O365 inboxes. On the other hand, there are 45% of attacks using phishing sites to target accounts ...
Increase in credential phishing and brute force attacks causing financial and reputational damage
A report released by Abnormal Security examines increasing adverse impact of socially engineered and never-seen-before email attacks to organizations worldwide. More than 70% of advanced threats were credential phishing attacks target wide range of industry, and there is an impressively increase of brute force attacks over these few weeks. Organization ...
Patch Vulnerabilities in Remote Access and Remote Storage Now
The COVID-19 pandemic has seen a surge in the adoption of remote access solutions such as virtual private networks (VPNs), remote storage and cloud-based technologies in remote office scenarios. However, these solutions have also exposed a new attack surface to the Internet. In the past year, critical vulnerabilities were frequently ...
Email fatigue among users opens doors for cybercriminals
Under COVID-19 pandemic, business is moved to remote work. More business data is being shared by email. Sifting the email large amount of email is time-consuming and exhausting. This annoying situation may make users more likely to click on a malicious email without knowing it. To have a better protection from ...
Where does the SME fit into a supply chain attack?
Supply chain attack is one of the serious problems for the business nowadays. Company must have connections to others, like partner companies and vendors, no matter you are a big company or a SME. However SME face more challenging situation compare to the larger company. They usually don’t have security resources as the bigger ...
