News

by Colin Yeung (OCIO)

ransomware
​ What is ransomware? [1] [2] Ransomware is a form of malicious software (malware) designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. By encrypting these files and demanding a ransom payment for the decryption key, cybercriminals place individuals ...

by Deep Batra

sophos logo 3
Anti-virus software is vital to help keep both University computers and your own personal computer secure. With this in mind, the Computing Services Centre (CSC) has performed rigorous due-diligence work to ensure the right product is chosen to address the upcoming challenges users face in the ...

by Joe Chow

zoom
Many departments organize public meetings and webinars (online seminar) using Zoom but they are not aware of any security measures for preventing intruders from disturbing their events. Like face-to-face seminars, it is possible to have guests (mostly uninvited guests) who may interrupt the meetings ...

by JUCC ISTF

phishing
/* The following article is extracted from the "Information Security Newsletter" published by the JUCC IS Task Force. */ Phishing refers to the malicious attack method by attackers who imitate legitimate companies in sending emails in order to entice people to share their passwords, credit card or ...

by JUCC ISTF

Top 10 Password Manager in 2011
/* The following article is extracted from the "Information Security Newsletter" published by the JUCC IS Task Force. */ Authentication is the process of identifying the authenticity of a user. It can be accomplished by means of a combination of login ID (identification) and password (authentication ...

by Cyril Ha

High Level Network Diagram with Admin Firewall added
Background​ Information System Security has been a key concern over the past many years as more and more business processes rely on Information Technology to operate. Alike many other organizations, the usual first line of defense would be Internet protection with security devices such as a ...

by JUCC ISTF

Eavesdropping and manipulation
/* The following article is extracted from the "Information Security Newsletter" published by the JUCC IS Task Force. */ More and more transactions are performed online. Thus, a secured connection has to be ensured between the server and the client. However, connection mainly requires just a server ...

by Yuki Tam (OCIO)

Multifactor Authentication
Over the past few decades, systems and their data were protected by usernames (IDs) and passwords. However, this is not considered as safe anymore. An attacker can impersonate a user easily when a password or the password database is stolen. Even if the passwords are safely kept, an attacker can ...

by Tony Chan

​ Since the first release of Windows 10 in July 2015, Microsoft has been providing feature updates for the operating system twice a year. Each version of Windows 10 was serviced with quality updates up to 18 months after its release. Users are strongly advised to upgrade their devices to the latest ...

by JUCC ISTF

/* The following article is extracted from the "Information Security Newsletter" published by the JUCC IS Task Force. */ In universities, some data have to be shared with students, staff, guests whereas others have to remain protected. At the same time, the number of data leak and unauthorized ...