StormEye Security Solution

Cybersecurity Statistics

5%
Of companies’ folders are properly protected, on average
43%
Of breach victims were small business
4.1
billion records of data breaches exposed in the first half of 2019

Why StormEye Cybersecurity?

 

In this ever-changing world, cyber threats are constantly evolving. It is getting smarter and more sophisticated which poses a threat to your enterprises’safety. Cyber risks such as hacking, data leaking, and phishing may happen. StormEye balances the benefit of a rapidly growing digital economy while endeavor to secure cybersecurity. We protect your cyber safety from providing a one-stop service from prevention to solution.

CONTACT US

Cybersecurity Health Assessment

Provide an overview of your enterprise’s cyber health by analysing activities that may indicate threat

Read more

Penetration Test

Evaluate vulnerabilities on workstations and network system and identify potential risks and data leakage

Read more

Security Information and Event Management (SIEM)

Provide real time analysis of security alert generated by applications and network hardware

Read more

Cybersecurity Training

Raise employees cybersecurity awareness by participating in cybersecurity training

Read more

Incident Response

Examine attack and give recommendations on cybersecurity solutions

Read more

How can we help you?

GDPR Finally Comes

What happens if cooperate data has been leaked?

According to the GDPR, a personal data breach occurs when there’s a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data processed. If this happens, the organization holding the personal data must notify the supervisory authority without undue delay. If the personal data breach is likely to result in a high risk to your rights and freedoms and the risk hasn’t been mitigated, then you, as an individual, must also be informed. – ec.europa.eu – GDPR, European Commission

  • Articles 32,  to 34 and Recitals (85) to (88) of the GDPR

Professional Team

Self Develop Solution

Transparent & honest

``NexGen Threat Detection & Prevention System ``

Blog

Stormeye 資安週報 (5/5/2019 ~ 11/5/2019)

以色列Israel Defense Forces (IDF) 發射導彈炸毀黑客建築物以色列政府的軍方部隊 Israel Defense Forces (IDF) 日前發射導彈炸毀有指是哈馬斯黑客份子 (Hamas cyber operatives)基地的建築物,並宣稱成功停止黑客入侵及瓦解該黑客組織。此事有指為世界第一個開打網路戰的第一彈,但同時被質疑軍方消息是否可靠及是否確定黑客份子正處於該建築物而非使用被入侵並用作跳板的受害者電腦。 WordPress 插件 WPGraphQL 發現有嚴重漏洞受影響軟件: WPGraphQL, WordPress plugin受影響版本: 0.2.3WordPress 插件 WPGraphQL 被發現有不需要經過授權能執行管理員指令,可導致黑客全權接管網站,建議馬上更新插件到最新版並檢查網站日誌和可疑行為。 WordPress 正式發佈 5.2 版本 加強安全性及自動更新新版本Wordpress 正式發佈,此版本將加上自動更新功能,為Wordpress網站自動更新到最新版本以防止有任何因為未更新Wordpress而帶來的危機。為保障此自動更新功能的可靠性,Wordpress官方亦加上加密功能去確保更新伺服器回傳的檔案並未有被修改。同時官方亦簡介一下在5.3或5.4版本中會加入插件自動更新功能及Code signing,以確保插件安全。 Biance 幣安 再次被駭 盜走7,000枚比特幣(Bitcoin)相關交易資料: https://www.blockchain.com/btc/tx/e8b406091959700dbffcff30a60b190133721e5c39e89bb5fe23c5a554ab05eaBiance 幣安 宣佈 8May2019 發現一起黑客入侵,黑客疑似在入侵前已獲取了大量使用者的API密鑰及個人資料,同時亦能繞過雙重認證檢查,估計是一起帶針對性的釣魚攻擊。事件中有7,000…

Read more

ECShop 漏洞 2018年9月

ECShop 漏洞 黑客可通過WEB攻擊直接獲得服務器權限 阿里雲應急中心在實測中證實。 ECShop全部版本(包括2.x、3.0.x、3.6.x)均存在遠程代碼執行漏洞。 阿里雲態勢感知數據研究中心監控數據顯示,該漏洞容易使用,可以造成的破壞強,並已經發現入侵跡,需要用戶進行修補。 include/lib_insert.php中,以下兩個Var的定義容許非特定類型輸入。 $arr[id] $arr[num] 導致可以在未登入情況下修改並注入木馬 #定義 #漏洞 #網絡保安#SOC

Read more

最新監察及評估要求

證監早在上年十月已公佈有關網絡保安的指引。當中,除左一般公司都可以應付的危機處理機制、正確建立系統外,Stormeye的網絡監察就可以幫持牌公司:2.5 偵測關鍵系統伺服器及工作站內的惡意應用程式及惡意軟件。3.1(e) 審視內部和外部稽查及網絡保安檢視所識別出的重大發現;批准作出補救行動及監察有關工作直至行動完成為止;3.1(f) 監察及評估最新的網絡保安威脅及攻擊; 證監會及金管局處理與互聯網交易相關的黑客入侵,以下為連結 https://www.sfc.hk/edistributionWeb/gateway/TC/news-and-announcements/news/doc?refNo=17PR133#證監2018年9月3日 SM Lam 

Read more