Cybersechub.hk

RSS feed of Cybersechub.hk “Cybersechub.hk” is a community-driven cyber security information sharing and collaborative platform that enables online relationships and connections among participating organisations (Members) for sharing cyber security information, such as cyber threats and vulnerabilities.

  • Cyber Security Daily News 11/05/2021
    on May 11, 2021 at 8:05 am

    Cyber Security Daily News Industry News-疫情為非接觸式認證系統 帶來新機遇受到疫情的影響,人們對個人衛生的意識持續提高,有市場研究機構預測非接觸式的生物識別技術,包括利用手掌靜脈、虹膜、指紋、面部或語音等特徵來辨認個人身份的方法將會越來越盛行。當中手掌靜脈識別技術更有機會在未來在各行各業獲得廣泛採用。 (資料來源:香港經濟日報)Learn More -Is it still a good idea to require users to change their passwords?Microsoft has reportedly reversed a decades-long policy to require users to change their passwords on regular basis, which in fact does more harm than good in terms of enforcing a strong password policy. Since users tend to choose weak password or one similar with previous password when password change is frequently required, compromised password will lead to easier cyber-attack. There are still security advantages to requiring users to change their passwords periodically if it does not inadvertently weaken an organization’s security. (Source: Hacker News)Learn More -US and Australia warn of escalating Avaddon ransomware attacksThe Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centers (ASCS) have issued a fresh warning of mounting Avaddon ransomware campaign against a broad array of sectors worldwide, including manufacturing, healthcare, finance, energy, and airlines, just to name a few. Apart from threatening the victim with double extortion, the ransomware gang also blackmails the victim with DDoS attacks. (Source: Bleeping Computer)Learn MoreSoftware Updates-Qualcomm Chip Bug Opens Android Fans to EavesdroppingCheck Point Research has discovered a bug, in a 5G modem chip (tracked as CVE-2020-11292 ) designed by Qualcomm and used in almost 40% of smart phones worldwide running the Android operating system. The vulnerability would allow attackers to inject malicious codes into a phone’s modem by SMS, execute custom codes remotely, open user’s call histories and text messages, as well as eavesdrop on the victim’s phone calls. Qualcomm has already issued a fix to users. (Source: Threat Post)Learn More

  • Cyber Security Daily News 10/05/2021
    on May 10, 2021 at 6:03 am

    Cyber Security Daily News Industry News-New Study: Consumers Will Now Drop A Merchant Over A Single Data BreachA joint study conducted by PYMNT and Nudata in May 2021 showed that U.S. consumers are becoming increasingly concerned and unforgiving towards online merchants who are caught in a payment fraud or leakage of customer data. Some 65% of the respondent answered that they will ditch the retailer even if there is just one such instance. (Source: PYMNTS)Learn More -Here’s the Breakdown of Cybersecurity Stats Only Law Firms Usually SeeA law firm specialized in data and privacy protection, BakerHostetler is revealing some interesting information typically restricted to discussions in the board room. 98% of the victims who paid the ransomware actors actually got their data back and 99% of these victims employed a third-party specialist to handle the negotiation. (Source: SC Magazine)Learn More Software Updates-WhatsApp最後通牒 用戶不接受新政策有何後果?距離WhatsApp的修訂用戶私隱政策的生效日期5月15日只剩下數天時間,有報導就為用戶總結了不接受新政策的後果。首先,WhatsApp並不會刪除用戶的帳號,但會偶然彈出提示視窗,用戶最初還是可以收到通話和訊息通知,但就無法閱讀和發送訊息,數星期後,提示視窗會變成持續顯示,而WhatsApp亦會停止為該用戶接收及發送通話與訊息。決定不接受新條款的用戶可以選擇退出WhatsApp並刪除所有數據。 (資料來源:香港經濟日報)Learn MoreCybersecurity Incidents-Major U.S. Pipeline Crippled in Ransomware AttackA major U.S. pipeline company supplying some 45% of the liquid fuels consumed in the East Coast was forced to shutdown its pipeline activities after it was reportedly being hit by ransomware. It is still not clear whether the company shutdown the pipelines to curb the spread of the ransomware in its IT systems or the malware actually crippled the operational technology (OT) systems supporting the pipeline operations. (Source: Threat Post)Learn More

  • Cyber Security Daily News 07/05/2021
    on May 7, 2021 at 6:33 am

    Cyber Security Daily News Industry News-InternetNZ has disclosed a vulnerability that can be weaponized against authoritative DNS serversA new vulnerability against authoritative DNS servers has been disclosed by InternetNZ. The vulnerability, called TsuNAME, was noticed in February 2020 in the .nz registry, the vulnerability could be exploited to carry out Denial-of-Service (DoS) attacks across the world. Public DNS including Google and Cisco are among the main affected parties but they are now fixed. (Source: Circle ID)Learn More -New hires speak out about cybersecurity job expectationsAccording to a new research from (ISC)2, there are often unrealistic expectations among employers when filling cybersecurity jobs. Companies not even know what skills they are looking for, or the most important skills that are required for their particular needs. The study interviewed 1,024 respondents, many of them said they felt like they were on their own doing during first years. Based on these respondents’ experienced, the (ISC)2 study offers an outline of 10 strategies, most notably, the need to foster mentorship within the organization. (Source: Security Boulevard)Learn More Software Updates-微軟內建防毒軟件現詭異漏洞 產生逾千萬小檔案塞爆儲存空間微軟Windows系統內建的防毒軟件Windows Defender出現奇怪漏洞,產生逾千萬個小檔案,每個檔案大小約為0.6-2KB之間,佔據用家電腦的大量儲存空間。據Bleeping Computer報道,微軟暫未解釋原因,但已推出最新的版本讓用戶更新。用戶也可以自行檢查Windows Defender資料夾內,是否有這些異常檔案。 (資料來源:香港經濟日報)Learn MoreCybersecurity Incidents-A student pirating software led to a full-blown Ryuk ransomware attackA student was attempting to pirate an expensive data visualization software that led to a Ryuk ransomware attack at a European biomolecular research institute. The institute lost a week’s worth research data and a week-long network outage as servers rebuilt and data restored are required. After performing forensics, student was found downloading trojan-infected data visualization software from a warez site. (Source: Bleeping Computer)Learn More

  • Cyber Security Daily News 06/05/2021
    on May 6, 2021 at 6:45 am

    Cyber Security Daily News Industry News-醫管局日收逾10萬網絡攻擊醫院管理局表示,過去5年內部電郵系統收到的網絡電郵攻擊,由約2,000萬宗,急增逾一倍至超過5,000萬宗,平均每日收到10萬多宗攻擊。局方將增加網絡安全策略,包括加強保護數據、增強網上保安洞察力、建立有效的風險管理及意識及確保重要資訊網絡基礎設施的穩定性和標準性。(資料來源:東方日報)Learn More-Attackers Seek New Strategies to Improve Macros’ EffectivenessAccording to the findings from Sophos, Microsoft documents have embedded with malicious macros, it has resurged as a vector to infected systems. The use of malicious macros to infect Windows grew significantly, more than a third of malicious attachments in the second half of 2020, and in last September it accounts for almost 80% of malicious attachments. (Source: Dark Reading)Learn More -Unpatched and unprotected: more than 80,000 PHP servers are vulnerable to cyberattacksA recent investigation conducted by CyberNews on the numbers of vulnerable PHP web servers in the wild has ended in eye-opening results. Over 80,000 servers still running on outdated version of PHP. The two most common known vulnerabilities, shared by all the servers we discovered, are CVE-2015-4000 and CVE-2015-0204. Many developers are unwilling to update their PHP versions due to the risks of break features and lead to code instability. However, a single web server running an unpatched version of PHP can impact its users seriously, therefore using the most recent version of PHP is highly highly recommended. (Source: Cyber News)Learn More Software Updates-Cisco bugs allow creating admin accounts, executing commands as rootCisco has fixed three critical-severity software security flaws in SD-WAN vManage and HyperFlex HX that could enable unauthenticated remote attackers to execute commands as root, create rogue admin accounts, access sensitive information, or perform command injection attacks. The company also issued security updates to address high and medium severity vulnerabilities in other software products. (Source: Bleeping Computer)Learn More

  • Cyber Security Daily News 05/05/2021
    on May 5, 2021 at 8:52 am

    Cyber Security Daily News Industry News-網上盜取信用卡資料購買電話 港澳聯手打擊信用卡騙案最近有不少網上欺詐案發生,疑犯透過不同途徑盜取事主資料,包括從電腦系統洩漏事件中流出的信用卡資料等,再在網上購買名貴衣物、電子產品、禮品卡等,不少事主損失慘重。早前港澳聯手打擊此類盜用騙案,作出拘捕行動。(資料來源: unwire.hk)Learn More -針對RDP等漏洞入侵 勒索軟件攻擊索款又升根據網絡安全公司 Coveware 的季度勒索軟件報告,今年首三個月的平均勒索款額比去年最後三個月的為高,平均勒索款額為 220,298 美元。在入侵手法方面,幾乎一半都涉及遠端桌面通訊協定(Remote Desktop Protocol, RDP)及軟件漏洞。軟件漏洞更常被利用作滲透網絡,其中以 VPN 應用程式為多。 (資料來源:Wepro180)Learn More  -More Companies Adopting DevOps & Agile for SecurityAccording to a recent survey, more than two-third of the software development methodologies were adopting DevOps and agile for security. Besides, the overall security outlook among developers increased significantly over the past year with 72% of the respondents calling their organisation’s security either “good” or “strong”, increased 59% from the previous year. Almost 4,300 respondents with software-and DevOps-related disciplines completed the survey in Feb and Mar 2021. (Source: Dark Reading)Learn MoreSoftware Updates-Hundreds of Millions of Dell Users at Risk from Kernel-Privilege BugsResearchers recently discovered that there are five high-severity security flaws in Dell’s firmware update driver, these flaws are affecting potentially hundreds of millions of Dell desktops, laptops, notebooks and tablets. These bugs have gone undisclosed for 12 years, and are jointly tracked as CVE-2021-21551, and they carry a CVSS vulnerability-severity rating of 8.8 out of 10. In response to the bugs, Dell has issued patches, available in Dell Security Advisory DSA-2021-088. (Source: Threat Post)Learn More

Share This Information.

Leave a Reply

Your email address will not be published. Required fields are marked *