Cybersechub.hk

RSS feed of Cybersechub.hk

“Cybersechub.hk” is a community-driven cyber security information sharing and collaborative platform that enables online relationships and connections among participating organisations (Members) for sharing cyber security information, such as cyber threats and vulnerabilities.

  • [Cybersec Wednesday] Phishing and scam websites? Cloning tricks? How do we tell them apart, and what should we do?
    on March 30, 2022 at 9:57 am

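    During this severe period of the pandemic, we may be spending more time at home, and our need for the Internet is greater than before. We follow the pandemic situation online, we pick our daily necessities online, and we even rely on the Internet to "work from home" and use "online banking". Online scams have become more common as a result. I just saw a newspaper report about a phishing scam website impersonating a law enforcement agency. It claimed that the recipient had browsed certain websites in violation of the relevant Hong Kong laws, and demanded that the citizen provide credit card details to pay a fine, or else they would be arrested and the data on their electronic devices would be deleted.

    Phishing scam websites of this type generally have the following characteristics:

    - Simple technique – They make simple alterations to the genuine web address, or build a fake website that closely imitates the genuine one, for fraudulent purposes.
    - Special identity – They claim a certain identity to catch the visitor's attention, for example a celebrity, a multi-millionaire, or even local law enforcement.
    - Coercing and enticing the visitor – This falls roughly into two categories: reward and consequence. In the former, the visitor is told that following the website's instructions will earn a considerable reward, such as a huge cash prize; the latter intimidates the visitor into resolving some problem of their own, such as a fabricated legal liability.
    - Ultimate goal – The website asks the visitor to provide personally identifiable information, such as credit card details or online banking passwords, or a large deposit.

    Suspicious or not? How do we tell a suspicious website apart?

    - Displayed address differs from destination address – In phishing emails, the displayed address often differs from the address it actually leads to, luring the visitor into clicking without noticing and connecting to a phishing website.
    - URL obfuscation techniques – Besides altered addresses or look-alike sites, scammers use custom third-level and fourth-level domain names to create an unlimited number of phishing scam websites.
    - Website redirection – Through a redirecting URL, the visitor is taken directly to the redirect destination rather than to the portal site itself.
    - Shortened URLs – URL-shortening services emerged because long addresses are hard to remember. But shortening the original address through such a service lets scammers effectively hide the link destination that could otherwise be seen in the URL.

    Members of the public may not have the information technology knowledge to work out whether a site is a phishing website, but they can still calmly think through the various details, for example:

    - Is browsing pornographic websites illegal? (If you do not know, at least go and verify.)
    - The email is in English only. (Normally there would be both Chinese and English versions.)
    - The method of paying the fine. (Normally it would not be by credit card only.)
    - The "Decree No." on the website. (Try looking up what this decree actually is; most of the time it cannot be found.)
    - Section 175. (It does not actually state which ordinance's Section 175 is meant.)
    - Locking the computer for browsing pornographic websites. (Far too illogical.)

    With so many doubtful points, anyone would surely think to verify first in person and not to pay the fine blindly. Members of the public can also use the "phishing scam search tool" on the CyberDefender website (https://cyberdefender.hk) to check whether a website is genuine. In fact, when we come across information from a suspicious website, the most direct approach is of course to contact the organisation concerned to confirm that the information is genuine, and only then consider the next step. Isn't that safer?

    Finally, a reminder once more: the danger of phishing scams comes mainly not from advances in technology, but from our mindset. If we hold the right attitude and, on meeting a suspicious website, stop and think before carrying on, we can avoid the risk of phishing scams.

    There is much more to watch out for in cyber security. If you have any questions, you are welcome to join our Cybersec Infohub programme and let the industry's cyber security experts help you. If you suspect that your own or your company's computer has been hacked or is behaving suspiciously, please also contact a cyber security expert for help as soon as possible.

    About Cybersec Wednesday

    Every Wednesday, the HKIRC cyber security team picks a cyber security topic and shares it with everyone in the form of an article, tips or best practices. Watch for the update every Wednesday to keep up with the latest cyber security information.

    Related reading:

    - [Cybersec Wednesday] Beware of Phishing Emails: Information Collection
    - [Cybersec Wednesday] New Trends in Phishing Kits: Phishing Websites Grow Far More Powerful

    Other articles:

    - [Cybersec Wednesday] The security product I use has been acquired?
    - [Cybersec Wednesday] The potential value the open-source system Kubernetes brings to SMEs
    - [Cybersec Wednesday] The importance of source code?
    - [Cybersec Wednesday] Old attacks in a new era
    - [Cybersec Wednesday] Preparing for information entering the "multiverse"
    - [Cybersec Wednesday] The blockchain world's "Squid Game": can only one survive?
    - [Cybersec Wednesday] Can you resist the lure of "mining"?
    - [Cybersec Wednesday] Is your wallet "cold" or "hot"?
    - [Cybersec Wednesday] "Riding the NFT craze, hackers repeat their old tricks"
    - [Cybersec Wednesday] The evolution of attackers: no ransom, but "mining"
    - [Cybersec Wednesday] Do you accept cookies?
    - [Cybersec Wednesday] Eight major cyber security trends for 2022
    - [Cybersec Wednesday] A round-up of cyber threat trends for 2022
    - [Cybersec Wednesday] 2021 cyber security review
    - [Cybersec Wednesday] People, Processes and Technology – How to improve our cyber resilience and our cyber incident management capability?
    - [Cybersec Wednesday] Will electric vehicle networks be the new battlefield?
    - [Cybersec Wednesday] Is your mobile phone secure?
    - [Cybersec Wednesday] The importance of building "cyber hygiene" habits
    - [Cybersec Wednesday] Raising security awareness in 2021 (2)
    - [Cybersec Wednesday] Raising security awareness in 2021 (1)
    - [Cybersec Wednesday] When antivirus software meets constantly evolving attacks
    - [Cybersec Wednesday] Cyber security: speed is unbeatable
    - [Cybersec Wednesday] SME website security: vulnerability scanning
    - [Cybersec Wednesday] Security vulnerabilities: CVE and CVSS
    - [Cybersec Wednesday] How to assess the product security of software vendors and outsourced contractors
    - [Cybersec Wednesday] "The password book you need not fear losing"
    - [Cybersec Wednesday] "Zero-click attacks"
    - [Cybersec Wednesday] How to choose a suitable managed security service provider
    - [Cybersec Wednesday] The real value of digital privacy: are consumers selling themselves?
    - [Cybersec Wednesday] Practical security tips for social media and instant messaging software
    - [Cybersec Wednesday] Having passed "review", can it be fully trusted?
    - [Cybersec Wednesday] Network development trends in the post-pandemic era – zero trust security architecture
    - [Cybersec Wednesday] How to protect your cloud infrastructure
    - [Cybersec Wednesday] Seven ways ransomware gets into a network
    - [Cybersec Wednesday] You find your computer encrypted by ransomware: what should you do first?
    - [Cybersec Wednesday] "Evil twin" cyber attacks
    - [Cybersec Wednesday] 10 security hardening settings for routers (for home and SME use)
    - [Cybersec Wednesday] The impact of artificial intelligence on confidence in the Internet
    - [Cybersec Wednesday] How to protect your online shop
    - [Cybersec Wednesday] e-Commerce: Payment Card Industry Data Security Standard (2)
    - [Cybersec Wednesday] e-Commerce: Payment Card Industry Data Security Standard (1)
    - [Cybersec Wednesday] Understanding attack techniques through the OSI model
    - [Cybersec Wednesday] "DDoS" (distributed denial-of-service attacks)
    - [Cybersec Wednesday] How to protect your network-attached storage (NAS)
    - [Cybersec Wednesday] Man-in-the-middle attacks
    - [Cybersec Wednesday] How data leaks out of websites
    - [Cybersec Wednesday] Three key directives for strengthening web application security
    - [Cybersec Wednesday] What happens when your personal data is leaked?
    - [Cybersec Wednesday] How to tell whether a device has been hacked
    - [Cybersec Wednesday] Six MUST KNOW Steps for Incident Handling – Recommended for SMEs
    - [Cybersec Wednesday] How "human error" defeats seemingly perfect cyber security solutions
    - [Cybersec Wednesday] Security protection for online platforms
    - [Cybersec Wednesday] Cyber security tips for SMEs
    - [Cybersec Wednesday] Information security risk assessment for schools
    - [Cybersec Wednesday] Local backup vs cloud backup: which suits your school?
    - Primary and secondary schools countering cyber risks, starting with system hardening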

  • Sophos Firewall Remote Code Execution Vulnerability
    on March 30, 2022 at 7:36 am

    A vulnerability has been identified in Sophos Firewall. A remote user can exploit this vulnerability to trigger remote code execution on the targeted system.

    [Updated on 2022-03-30] CVE-2022-1040 is being exploited in the wild, and the risk level has accordingly been changed from medium risk to extremely high risk.

    For details, please refer to: https://www.hkcert.org/security-bulletin/sophos-firewall-remote-code-execution-vulnerability_20220328

  • Trend Micro Research – A Floating Battleground: Navigating the Landscape of Cloud-Based Cryptocurrency
    on March 30, 2022 at 6:40 am

    Trend Micro has published a new research report, “A Floating Battleground: Navigating the Landscape of Cloud-Based Cryptocurrency”, which provides information on notable groups engaged in cloud-based cryptocurrency-mining attacks and shows how their activities are just symptoms of wider security concerns. This research provides a unique glimpse into the activities of groups such as Outlaw, TeamTNT, Kinsing, 8220, and Kek Security, all of which are at the forefront of today’s cloud hacking wave.

    Read the report: https://www.trendmicro.com/vinfo/hk/security/news/cybercrime-and-digital-threats/probing-the-activities-of-cloud-based-cryptocurrency-mining-groups

  • Cyber Security Daily News 30/03/2022
    on March 30, 2022 at 6:32 am

    Cyber Security Daily News

    Industry News

    - Cyber security | The Law Society of Hong Kong urges vigilance against spoofed emails
      The Law Society of Hong Kong recently discovered that someone has been using an email account with a domain similar to the Society's, "[email protected]", to send emails that may contain malicious files or links, and suspects that someone intends to commit crimes in the Society's name. The President of the Law Society reminds people not to open any suspicious emails or click on attached files and links. The Society has reported the matter to the police. (Source: am730)

    - Officials confirm attempted cyberattack on Bradley International Airport website
      Officials have confirmed an attempted “distributed denial of service” attack intended to crash the website of Bradley International Airport. The website is now working normally and no data breach occurred. No impact on other airport operations has been reported in this case. (Source: news12)

    - 25% Of Workers Lost Their Jobs In The Past 12 Months After Making Cybersecurity Mistakes: Report
      A new study released by email security company Tessian found that one in four employees lost their job in the last 12 months after making a mistake that compromised their company’s security. The research states that people have a higher chance of falling for advanced phishing scams. (Source: Forbes)

  • 【Google Chrome and Microsoft Edge users must update the browsers】
    on March 30, 2022 at 4:46 am

    Google and Microsoft have released emergency updates to fix a zero-day vulnerability (CVE-2022-1096) in the Chromium engine used in their respective browser products, Chrome and Edge. The vulnerability is now being exploited in the wild. Because Chromium-based browsers have a large market share and most users have yet to update to the latest version, Google did not provide much detailed technical information, in order to reduce the risk of further attacks by other hackers. Google only revealed that the vulnerability is related to Type Confusion in the V8 JavaScript Engine. A type confusion vulnerability is usually exploited to cause logical errors in application memory, which allows hackers to run malicious code inside the application.

    HKCERT is urging users to update the relevant browsers to the latest version. Google Chrome users should update to version 99.0.4844.84 or later, and Microsoft Edge users should update to version 99.0.1150.55 or later.

    More information:
    https://www.hkcert.org/security-bulletin/microsoft-edge-remote-code-execution-vulnerability_20220328
    https://www.hkcert.org/security-bulletin/google-chrome-remote-code-execution-vulnerability_20220328

    #HKCERT #Google Chrome #Microsoft Edge #ZeroDay #CVE20221096
