ngcert | Home

Friday, Apr 03, 2020
Abuja, NG 19°C
Contact us
About us
FAQ

InfoSec NEWS FEEDS

Keynote Excerpts From the speech delivered by National Security Adviser during the recent lunching of the National Security Strategy

Article

National Cybersecurity Capacity Review for Nigeria

Event

ngCERT Advisory 19-years-old WinRAR vulnerability leads to over 100 malware exploits

Advisory

Windows BlueKeep Vulnerability

Vulnerability

Critical Android Bluetooth Bug Enables RCE, No User Interaction Needed

Feed

WELCOME TO NIGERIA COMPUTER EMERGENCY RESPONSE TEAM (ngCERT)

The Nigeria Computer Emergency Response Team has the mission to achieve a safe, secure and resilient cyberspace in Nigeria that provides opportunities for national prosperity. ngCERT is
established to prepare, protect, and secure the Nigerian cyberspace in anticipation of
attacks, problems, or events. ngCERT is saddled with the responsibility of
reducing the volume of future incidents.

PREPARATION

Incident Response Plan

IDENTIFICATION

What is the Incident?

CONTAINMENT

Contain the Issue immediately

INVESTIGATION

Determine the cause of the incident

ERADICATION

Get Rid of the issue

RECOVERY

Restore service as fast as possible

InfoSec Feeds

Choosing the right disaster recovery for your business

Feeds
February 10, 2020

Security Think Tank: Zero trust is complex, but has rich rewards

February 10, 2020

Security Think Tank: No trust in zero trust need not be a problem

February 7, 2020

Joaquin Phoenix’s Joker is ‘most dangerous’ movie

February 7, 2020

RobbinHood ransomware tricks Windows into deleting defences

Feeds
February 7, 2020

Critical Android Bluetooth Bug Enables RCE, No User Interaction Needed

February 7, 2020

Wacom Tablet Data Exfiltration Raises Security Concerns

February 7, 2020

Magecart Gang Attacks Olympic Ticket Reseller and Survival Food Sites

February 7, 2020

Phishing Campaign Targets 250 Android Apps with Anubis Malware

Feeds
February 7, 2020

Critical Citrix RCE Flaw Still Threatens 1,000s of Corporate LANs

February 7, 2020

Google Chrome To Bar HTTP File Downloads

February 7, 2020

The RSAC 2020 Trend Report

February 6, 2020

Charming Kitten Uses Fake Interview Requests to Target Public Figures

Feeds
February 6, 2020

Metamorfo Returns with Keylogger Trick to Target Financial Firms

February 6, 2020

Stressed, overworked CISOs losing £23k a year in unpaid overtime

February 6, 2020

U.S. Finance Sector Hit with Targeted Backdoor Campaign

February 6, 2020

Security Think Tank: Zero trust is not the answer to all your problems

Feeds
February 5, 2020

IoT network flaw left Philips Hue bulbs open to attack

February 5, 2020

Check Point pledges end to security updates

February 5, 2020

Web app ubiquity gives cyber criminals new opportunities

February 5, 2020

Scammers using fake PayPal emails stole over £1m in the UK in last quarter

Feeds
February 5, 2020

Darktrace signs to McLaren for 2020 F1 season

February 5, 2020

Acronis CEO bullish as specialist goes beyond backup

February 4, 2020

The fight against cyber crime: Why cooperation matters

February 4, 2020

Podcast: The Computer Weekly Downtime Upload – Episode 45

Feeds
February 4, 2020

MI5 faces court ruling over unlawful surveillance warrants

February 4, 2020

Security Think Tank: Facing the challenge of zero trust

February 4, 2020

Brexit messes up IT project plans

February 3, 2020

NHS adds supplier security audits to procurement platform

Feeds
February 3, 2020

Security Think Tank: Zero trust – just another name for the basics?

February 3, 2020

4 factors that should shape a BYOD mobile policy

January 3, 2020

quantum supremacy

November 26, 2019

What is Cybersecurity? Everything You Need to Know

Feeds
October 16, 2019

Certified Information Systems Auditor (CISA)

August 22, 2019

Lack of U.S. cryptocurrency regulation invites risk

August 19, 2019

How to detect and defend against a TCP port 445 exploit and attacks

August 15, 2019

Azure AD Premium P1 vs. P2: Which is right for you?

Feeds
August 14, 2019

What's the best way to approach multi-cloud security?

July 26, 2019

Construct a solid Active Directory password policy

July 19, 2019

Zoom vulnerability reveals privacy issues for users

July 12, 2019

How to fix the top 5 cybersecurity vulnerabilities

Feeds
June 28, 2019

Top 10 types of information security threats for IT teams

June 28, 2019

How to fix the top 5 cybersecurity vulnerabilities

June 28, 2019

IPsec vs. SSL VPN: Comparing speed, security risks and technology

June 26, 2019

New options to enable remote access in the network

Feeds
April 24, 2019

Mobile security trends: app containers, app wrapping for BYOD

November 2, 2018

Trojan.AndroidOS.Loapi: What is this jack-of-all-trades malware?

July 20, 2018

Zealot campaign: How is the Apache Struts vulnerability used?

July 19, 2018

Domain fronting: Why cloud providers are concerned about it

Feeds
July 19, 2018

Digimine bot: How does social media influence cryptojacking?

July 18, 2018

Accenture's Justin Harvey explains why cyber attribution isn't important

July 17, 2018

Spider ransomware: How do ransomware attacks differ?

July 17, 2018

An introduction to ICS threats and the current landscape

Feeds
July 17, 2018

Android vulnerability: How can users mitigate Janus malware?

July 16, 2018

What's the best way to mitigate the risk of GPU malware?

December 7, 2015

Millions left at risk as Android Stagefright fix pushed to September

August 18, 2015

Web monitoring software helps keep employees honest

Feeds
July 7, 2015

Fobber: Drive-by financial malware returns with new tricks

July 1, 2015

Samsung vulnerability affects up to 600 million Android devices

June 17, 2015

From the frontlines: Horror stories on information breach response

June 11, 2015

After Windows Server 2003 end of life: An emergency action plan

Feeds
June 5, 2015

IRS breach shows the importance of PII security

May 29, 2015

Is paying the ransom the only way to remove ransomware?

May 26, 2015

Google changes Chrome extension policy amid security concerns

May 20, 2015

Comparing the top SSL VPN products

Feeds
April 28, 2015

Insider threat programs need people, not technology

April 28, 2015

To protect privileged users, consider using least privilege principle

March 5, 2014

Web browser protection for users: Adapting to new Web security threats

March 5, 2014

Surviving cyberwar: Preparing for APTs, Stuxnet malware-style attacks

Feeds
July 31, 2012

Crisis Trojan, new Mac OSX Trojan, considered a low risk for now

July 25, 2012

Alerts & Advisories

ngCERT Advisory on Scranos Malware. Scranos is a Trojan horse that steals information from the compromised computer. It may also download potentially malicious files. Scranos cloaks itself as cracked software or apps that pose as legitimate programs, such as ebook readers, video players, drivers, and even security products. Upon execution, a rootkit driver is installed to hide the malware.

Advisory
February 10, 2020

ngCERT Advisory 19-years-old WinRAR vulnerability leads to over 100 malware exploits

February 10, 2020

ngCERT Advisory Microsoft Exchange 2013 and Newer are vulnerable to NTLM relay attacks

February 10, 2020

Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability

February 10, 2020

ngCERT VMware Tools vulnerability. A vulnerability in VMware Tools is a functionality that was removed from VMware Tools 11.0.0 and it has been determined to affect VMware Tools for Windows version 10.x.y.

Advisory
January 16, 2020

Vulnerabilities

Windows 10 Task Scheduler Zero-Day Vulnerability. Microsoft Windows Task Scheduler is a set of Microsoft Windows components that allows for the execution of scheduled tasks. The exploit "functions reliably on 32- and 64-bit Windows 10 platforms, as well as Windows Server 2016 and Windows Server 2019.

Vulnerability
February 10, 2020

Intel Chips Vulnerability

February 10, 2020

Windows BlueKeep Vulnerability

February 10, 2020

ESXi Remote Code Execution Vulnerability

February 10, 2020

Resources

Action Plan for the Implementation of the National Cybersecurity Strategy

READ MORE & DOWNLOAD

Considering the national doctrines and principles on security, and the inter-connected nature of ICT...

Cybercrimes (prohibition, Prevention etc) Act, 2015

READ MORE & DOWNLOAD

The Act provides an effective, unified and comprehensive legal, regulatory and institutional framework for...

National Cybersecurity Policy and Strategy

READ MORE & DOWNLOAD

National Cybersecurity Policy and Strategy...

Videos

List

Collaborations & Membership

antiphishing.ng

"Antiphishing.ng Project is a collaborative effort to create a community driven public repository about phishing that works to build additional tools to benefit the security community at large."

tunCERT

"tunCERT is the National CERT of the Tunisian government under the National Agency for Computer Security. tunCERT is one of the CERT that graciously partook in pioneering ngCERT"

FiRST

"FIRST is a recognized global leader in incident response that brings together a variety of computer security incident response teams from government, commercial, and educational organizations."

Team Cymru

"Team Cymru was formed in 1998 to learn the "who and why" of malicious Internet activity. This focus on attribution resulted in the uncovering of the "what, when, where, and how" of online malevolence"