The Nigeria Computer Emergency Response Team has the mission to achieve a safe, secure and resilient cyberspace in Nigeria that provides opportunities for national prosperity. ngCERT is
established to prepare, protect, and secure the Nigerian cyberspace in anticipation of
attacks, problems, or events. ngCERT is saddled with the responsibility of
reducing the volume of future incidents.
Incident Response Plan
What is the Incident?
Contain the Issue immediately
Determine the cause of the incident
Get Rid of the issue
Restore service as fast as possible
Beware of Black Friday Shopping Scams. The end-of-year holiday season has hitherto witnessed an increase in the number of Black Friday advertisements providing attractive discounts for cheaper purchases of goods and services. However, it is pertinent to note that unsuspecting online shoppers could be targets of cyber attacks disguised as genuine retail brands offering mouth-watering Black Friday deals. Cybercriminals take advantage of the Black Friday frenzy by setting up fake websites in order to trick unsuspecting customers into sharing sensitive information. Reports by Trend Micro disclosed that the month of October alone witnessed nearly 35,000 Black Friday scam-related sites seeking to lure victims for further exploitation. Accordingly, it is advised that online shoppers and retailers alike should emplace necessary security measures to mitigate Black Friday cyberscams.
Malicious Advertising Campaign Distributing Info-Stealer Malware. Cybercriminals are continuously looking for and developing new ways to disseminate malware, with the most recent option being through malicious advertisements. These malicious advertising, or malvertising campaign are used to spread .NET loaders, known as MalVirt, that deploy information-stealing malware unto unsuspecting devices. Malvertising is a relatively recent hacking strategy that embeds harmful malware in digital advertisements. Almost every internet user is vulnerable to infection.
[THREAT ALERT]: PLANNED ATTACKS ON NATION’S CRITICAL INFORMATION INFRASTRUCTURES BY “ANONYMOUS SUDAN” HACKING GROUP AGAINST NIGERIA. Anonymous Sudan on the 1st of August, 2023 announced via their Telegram channel of planned cyber attacks against critical information infrastructures in Nigeria, following Nigeria’s role and involvement in ECOWAS recent directives to the Niger Military in the process of restoring power to the democratically elected government of Niger Republic.
Android Smartphones Vulnerable to Fingerprint Brute Force Attacks. A new method of bypassing user authentication on smartphones running the Android, HarmonyOS, and iOS operating systems has been discovered. The method has been dubbed 'BrutePrint' by its discoverers, Tencent Labs and Zhejiang University, because it employs brute force attacks to crack modern smartphone authentication mechanisms such as fingerprints to bypass user authentication and take control of the device.
Intel Chips Vulnerability. Millions of computers powered by Intel processors are affected by vulnerabilities that can be exploited by malicious actors to obtain potentially sensitive information. The side-channel attack methods, named ZombieLoad, Rogue In-Flight Data Load,(RIDL) and Fallout, are similar to the notorious Meltdown and Spectre. The attack methods work against both PCs and cloud environments, and they can be launched against most Intel CPUs.
The Act provides an effective, unified and comprehensive legal, regulatory and institutional framework for...
"Antiphishing.ng Project is a collaborative effort to create a community driven public repository about phishing that works to build additional tools to benefit the security community at large."
"tunCERT is the National CERT of the Tunisian government under the National Agency for Computer Security. tunCERT is one of the CERT that graciously partook in pioneering ngCERT"
"FIRST is a recognized global leader in incident response that brings together a variety of computer security incident response teams from government, commercial, and educational organizations."
"Team Cymru was formed in 1998 to learn the "who and why" of malicious Internet activity. This focus on attribution resulted in the uncovering of the "what, when, where, and how" of online malevolence"