HKCERT “Hong Kong Security Watch Report” 2022 Q2 is Now Available

Local Phishing Websites Up 524% Quarter-by-Quarter

(Hong Kong, 15 August 2022) The latest quarterly report of the Hong Kong Security Watch Report compiled by the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) under the Hong Kong Productivity Council has just been released. This report not only provides data on Hong Kong’s networked systems that were found to have suffered or participated in various types of cyber attacks in the past quarter, but will also review major security incidents that have occurred during the period and explore hot security topics with easy-to-implement security advice with an aim to improve public’s information security posture and enhance their security resilience capabilities.

Major highlights of the latest issue include:

The number of unique URL involved in phishing events in 2022 Q2 rose by 524% compared to Q1. As most of the URLs are similar, it is believed that hackers may have used automated tools to generate and register a large number of domains and set up phishing websites in a short period of time;
In recent years, some in the cyber security sector have suggested that only “Zero Trust” can ensure security for everyone. What is “Zero Trust”? How can we implement it?
Often before launching cyber attacks, hackers will do some reconnaissance and research to collect intelligence. So what are the common methods they apply for such purpose? And
Recently, a new version of QBot malware is using a security vulnerability found in Microsoft Support Diagnostic Tool to try to deliver its malware through a large-scale phishing email attack. In this regard, HKCERT conducted an analysis of the whole attack chain and the operation behind it.

For the full report, please click the below link:

https://www.hkcert.org/watch-report/hong-kong-security-watch-report-q2-2022

For information security related incidents, for example, ransomware, phishing, denial of service attack, etc., please report to HKCERT through its online Incident Report Form at https://www.hkcert.org/incident-reporting. For other enquiries, please contact HKCERT by email: hkcert@hkcert.org or call its 24-hour hotline: 8105 6060.

Comments are closed.