RSS HKCERT

  • Microsoft Edge Multiple Vulnerabilities July 26, 2024
    Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and sensitive information disclosure on the targeted system. Impact Remote Code Execution Denial of Service Information Disclosure System / Technologies affected Microsoft Edge (Stable) prior to 127.0.2651.74 Solutions Before installation […]
  • ISC BIND Denial of Service Vulnerabilities July 25, 2024
    Multiple vulnerabilities were identified in ISC BIND. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition on the targeted system. Impact Denial of Service System / Technologies affected BIND version 9.11.0 to 9.11.37 BIND version 9.16.0 to 9.16.50 BIND version 9.18.0 to 9.18.27 BIND version 9.19.0 to 9.19.24 BIND Supported […]
  • Malware Attacks Alert - Malicious Malware Activities in the Theme of CrowdStrike Outage Event July 25, 2024
    Solutions HKCERT urges the public to be vigilant against the phishing attacks and recommends that users should:   Apply remediation methods provided by official websites (Such as remediation methods provided by CrowdStrike) Obtain software patch update from trusted source (Such as recovery tool provided by Microsoft) Check website certificates on download page to ensure legitimate source, […]
  • Google Chrome Multiple Vulnerabilities July 24, 2024
    Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and denial of service condition on the targeted system.   Impact Remote Code Execution Denial of Service System / Technologies affected Google Chrome prior to 127.0.6533.72 (Linux) Google Chrome prior to 127.0.6533.72/73 (Mac) Google Chrome […]
  • Phishing Alert - Phishing Campaigns and Other Malicious Activities in the Theme of CrowdStrike Outage Event July 22, 2024
    Solutions HKCERT urges the public to be vigilant against the phishing attacks and recommends that users should:   Apply remediation methods provided by official websites (Such as remediation methods provided by CrowdStrike) Obtain software patch update from trusted source (Such as recovery tool provided by Microsoft) Should not click any links from untrusted sources, such as […]
  • CrowdStrike Denial of Service Alert July 19, 2024
    On 19 Jul 2024, CrowdStrike Falcon Sensor caused crashes on Windows hosts. Windows hosts running on cloud such as Azure, AWS, etc. are also affected. The symptoms include hosts experiencing a bugcheck\blue screen error.   Threat actors has been observed taking advantage... Impact Denial of Service System / Technologies affected CrowdStrike Falcon Sensor for Windows […]
  • Microsoft Edge Multiple Vulnerabilities July 19, 2024
    Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and remote code execution on the targeted system. Impact Remote Code Execution Denial of Service System / Technologies affected Microsoft Edge (Stable) prior to 126.0.2592.113 Solutions Before installation of the software, please visit […]
  • Apache HTTP Server Multiple Vulnerabilities July 19, 2024
    Multiple vulnerabilities were identified in Apache HTTP Server. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass and sensitive information disclosure on the targeted system. Impact Security Restriction Bypass Information Disclosure System / Technologies affected Apache HTTP Server versions 2.4.60 through 2.4.61 Solutions Before installation of the software, please visit […]
  • Cisco Products Multiple Vulnerabilities July 18, 2024
    Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service, remote code execution, elevation of privilege and data manipulation on the targeted system. Impact Denial of Service Remote Code Execution Elevation of Privilege Data Manipulation System / Technologies affected Cisco AsyncOS for Secure Email […]
  • Oracle Products Multiple Vulnerabilities July 17, 2024
    Multiple vulnerabilities were identified in Oracle Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure, data manipulation and security restriction bypass on the targeted system. Impact Denial of Service Security Restriction Bypass Information Disclosure Data Manipulation System / Technologies affected Oracle MySQL Java SE Oracle Database […]