InfoSec NEWS FEEDS

ngCERT Advisory 19-years-old WinRAR vulnerability leads to over 100 malware exploits

  • Advisory

Windows BlueKeep Vulnerability

  • Vulnerability

National Cybersecurity Capacity Review for Nigeria

  • Event

Most Commonly Used Passwords in Nigeria

  • Article

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

  • Feed

Contact us

+2349055554499
Send us a message
incident@cert.gov.ng, PGP Key ID:bff035583da678b1
Visit us
Report
Incidents, Vulnerabilities, Phishing or Maliciousware

WELCOME TO NIGERIA COMPUTER EMERGENCY RESPONSE TEAM (ngCERT)

The Nigeria Computer Emergency Response Team has the mission to achieve a safe, secure and resilient cyberspace in Nigeria that provides opportunities for national prosperity. ngCERT is
established to prepare, protect, and secure the Nigerian cyberspace in anticipation of
attacks, problems, or events. ngCERT is saddled with the responsibility of
reducing the volume of future incidents.

PREPARATION

Incident Response Plan

IDENTIFICATION

What is the Incident?

CONTAINMENT

Contain the Issue immediately

INVESTIGATION

Determine the cause of the incident

ERADICATION

Get Rid of the issue

RECOVERY

Restore service as fast as possible

InfoSec Feeds
Alerts & Advisories

Beware of Black Friday Shopping Scams. The end-of-year holiday season has hitherto witnessed an increase in the number of Black Friday advertisements providing attractive discounts for cheaper purchases of goods and services. However, it is pertinent to note that unsuspecting online shoppers could be targets of cyber attacks disguised as genuine retail brands offering mouth-watering Black Friday deals. Cybercriminals take advantage of the Black Friday frenzy by setting up fake websites in order to trick unsuspecting customers into sharing sensitive information. Reports by Trend Micro disclosed that the month of October alone witnessed nearly 35,000 Black Friday scam-related sites seeking to lure victims for further exploitation. Accordingly, it is advised that online shoppers and retailers alike should emplace necessary security measures to mitigate Black Friday cyberscams.

  • Advisory
  • November 24, 2023

Security Alert For Google Chrome and Apple Users

November 21, 2023

Cloud Storage Misconfiguration Threats

October 13, 2023

Fake YouTube Android Apps Used to Spread Malware

September 29, 2023

Malicious Advertising Campaign Distributing Info-Stealer Malware. Cybercriminals are continuously looking for and developing new ways to disseminate malware, with the most recent option being through malicious advertisements. These malicious advertising, or malvertising campaign are used to spread .NET loaders, known as MalVirt, that deploy information-stealing malware unto unsuspecting devices. Malvertising is a relatively recent hacking strategy that embeds harmful malware in digital advertisements. Almost every internet user is vulnerable to infection.

  • Advisory
  • September 19, 2023

Criminals Using SIM Swapping Attack to Steal Millions of Dollars from the Public

August 31, 2023

Multiple Critical Vulnerabilities Reported in CODESYS V3 SDK

August 16, 2023

New Method of Deploying Malware on Google Play Store

August 10, 2023

[THREAT ALERT]: PLANNED ATTACKS ON NATION’S CRITICAL INFORMATION INFRASTRUCTURES BY “ANONYMOUS SUDAN” HACKING GROUP AGAINST NIGERIA. Anonymous Sudan on the 1st of August, 2023 announced via their Telegram channel of planned cyber attacks against critical information infrastructures in Nigeria, following Nigeria’s role and involvement in ECOWAS recent directives to the Niger Military in the process of restoring power to the democratically elected government of Niger Republic.

  • Advisory
  • August 2, 2023

Advisory On Preventing Web Application Access Control Abuse

August 1, 2023

Advisory on Recent Kenyan Critical Information Infrastructure DDoS Attack

July 28, 2023

Hijacked Microsoft IIS Servers Used to Distribute Malware

July 27, 2023

Android Smartphones Vulnerable to Fingerprint Brute Force Attacks. A new method of bypassing user authentication on smartphones running the Android, HarmonyOS, and iOS operating systems has been discovered. The method has been dubbed 'BrutePrint' by its discoverers, Tencent Labs and Zhejiang University, because it employs brute force attacks to crack modern smartphone authentication mechanisms such as fingerprints to bypass user authentication and take control of the device.

  • Advisory
  • July 24, 2023

Watering Hole Attacks

July 23, 2023

Critical Vulnerability Discovered in Popular WordPress Plugin

July 22, 2023

Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability

July 21, 2023

ngCERT Advisory Microsoft Exchange 2013 and Newer are vulnerable to NTLM relay attacks. ngCERT Advisory Microsoft Exchange 2013 and Newer are vulnerable to NTLM relay attacks

  • Advisory
  • July 21, 2023

ngCERT Advisory 19-years-old WinRAR vulnerability leads to over 100 malware exploits

July 21, 2023

ngCERT Advisory on Scranos Malware

July 21, 2023
Vulnerabilities

Intel Chips Vulnerability. Millions of computers powered by Intel processors are affected by vulnerabilities that can be exploited by malicious actors to obtain potentially sensitive information. The side-channel attack methods, named ZombieLoad, Rogue In-Flight Data Load,(RIDL) and Fallout, are similar to the notorious Meltdown and Spectre. The attack methods work against both PCs and cloud environments, and they can be launched against most Intel CPUs.

  • Vulnerability
  • September 29, 2023

ESXi Remote Code Execution Vulnerability

July 21, 2023

Windows 10 Task Scheduler Zero-Day Vulnerability

July 21, 2023

Windows BlueKeep Vulnerability

July 21, 2023
Resources
NIGERIA DATA PROTECTION ACT, 2023

An Act to provide a legal framework for the protection of personal information, and ...

Cybercrimes (prohibition, Prevention etc) Act, 2015

The Act provides an effective, unified and comprehensive legal, regulatory and institutional framework for...

National Cybersecurity Policy and Strategy

National Cybersecurity Policy and Strategy...

Videos
List

Here is a short youtube video showing tips on how to stay safe online

4 months ago

Top Safe web surfing tips for kids

4 months ago

An informative video about internet safety tips for teens

4 months ago
Collaborations & Membership
antiphishing.ng

"Antiphishing.ng Project is a collaborative effort to create a community driven public repository about phishing that works to build additional tools to benefit the security community at large."

tunCERT

"tunCERT is the National CERT of the Tunisian government under the National Agency for Computer Security. tunCERT is one of the CERT that graciously partook in pioneering ngCERT"

FiRST

"FIRST is a recognized global leader in incident response that brings together a variety of computer security incident response teams from government, commercial, and educational organizations."

Team Cymru

"Team Cymru was formed in 1998 to learn the "who and why" of malicious Internet activity. This focus on attribution resulted in the uncovering of the "what, when, where, and how" of online malevolence"

Copyright © 2019 | Designed by ngCERT