ngcert | Home

Wednesday, Oct 27, 2021
Abuja, NG 19°C
Contact us
About us
FAQ

InfoSec NEWS FEEDS

National Cybersecurity Capacity Review for Nigeria

Event

Keynote Excerpts From the speech delivered by National Security Adviser during the recent lunching of the National Security Strategy

Article

ngCERT Advisory 19-years-old WinRAR vulnerability leads to over 100 malware exploits

Advisory

Windows BlueKeep Vulnerability

Vulnerability

Missouri Vows to Prosecute ‘Hacker’ Who Informed State About Data Leak

Feed

WELCOME TO NIGERIA COMPUTER EMERGENCY RESPONSE TEAM (ngCERT)

The Nigeria Computer Emergency Response Team has the mission to achieve a safe, secure and resilient cyberspace in Nigeria that provides opportunities for national prosperity. ngCERT is
established to prepare, protect, and secure the Nigerian cyberspace in anticipation of
attacks, problems, or events. ngCERT is saddled with the responsibility of
reducing the volume of future incidents.

PREPARATION

Incident Response Plan

IDENTIFICATION

What is the Incident?

CONTAINMENT

Contain the Issue immediately

INVESTIGATION

Determine the cause of the incident

ERADICATION

Get Rid of the issue

RECOVERY

Restore service as fast as possible

InfoSec Feeds

Feds Warn BlackMatter Ransomware Gang is Poised to Strike

Feeds
October 19, 2021

TA505 Gang Is Back With Newly Polished FlawedGrace RAT

October 19, 2021

Podcast: Could the Zoho Flaw Trigger SolarWinds 2.0?

October 18, 2021

Sinclair Confirms Ransomware Attack That Disrupted TV Stations

October 18, 2021

TikTok Serves Up Fresh Gamer Targets via Fake Among Us, Steam Offerings

Feeds
October 18, 2021

Twitter Suspends Accounts Used to Snare Security Researchers

October 18, 2021

How Samlesbury, Lancashire became the home of the National Cyber Force

October 18, 2021

No easy fix for vulnerability exploitation, so be prepared

October 18, 2021

TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates

Feeds
October 15, 2021

Missouri Vows to Prosecute ‘Hacker’ Who Informed State About Data Leak

October 15, 2021

Uniform Resource Identifier (URI)

October 15, 2021

Doing the right thing: How CISOs should approach responsible disclosure

October 15, 2021

MIME (Multipurpose Internet Mail Extensions)

Feeds
October 14, 2021

Encryption protects the marginalised – and it’s under threat

October 14, 2021

What is attack surface management and why is it necessary?

October 14, 2021

NHS Digital enhances in-house cyber awareness drive

October 14, 2021

Verizon’s Visible Wireless Carrier Confirms Credential-Stuffing Attack

Feeds
October 14, 2021

Rickroll Grad Prank Exposes Exterity IPTV Bug

October 14, 2021

Apple scheme to detect child abuse creates serious privacy and security risks, say scientists

October 14, 2021

The complete guide to ransomware

October 13, 2021

Google Cybersecurity Action Team springs into life

Feeds
October 13, 2021

FCA warns over future hybrid working security risks

October 13, 2021

Microsoft warns of MysterySnail on October Patch Tuesday

October 13, 2021

Former signals intel leader named godfather of UK security

October 13, 2021

BCS calls on government to retain protections against AI

Feeds
October 12, 2021

Microsoft thwarts mega-DDoS attack on Azure platform

October 12, 2021

What are the pros and cons of shadow IT?

October 12, 2021

Top enterprise risk management certifications to consider

October 12, 2021

What is integrated risk management (IRM)?

Feeds
October 12, 2021

Risk appetite vs. risk tolerance: How are they different?

October 12, 2021

Enterprise risk management team: Roles and responsibilities

October 12, 2021

Covid-19 will loom over cyber strategy for years to come

October 11, 2021

Sensitive documents to stay with whistleblower after deadline for agreement for their return passes

Feeds
October 11, 2021

Craft beer specialist Brewdog fixes serious app vulnerability

October 8, 2021

Fast-moving Ryuk campaign targets healthcare organisations

October 8, 2021

ICO expresses concerns over its future independence

October 7, 2021

next-generation firewall (NGFW)

Feeds
October 7, 2021

Addressing the backup dilemma to ransomware recovery

October 7, 2021

Certified Information Systems Auditor (CISA)

October 5, 2021

RADIUS (Remote Authentication Dial-In User Service)

September 30, 2021

Secure Electronic Transaction (SET)

Feeds
September 30, 2021

vulnerability assessment (vulnerability analysis)

September 24, 2021

Step-ahead IoT security: Developers must be more proactive

September 2, 2021

federated identity management (FIM)

August 31, 2021

Feeds
August 23, 2021

The differences between open XDR vs. native XDR

August 11, 2021

Is bitcoin safe? How to secure your bitcoin wallet

August 6, 2021

How to defend against TCP port 445 and other SMB exploits

August 3, 2021

What is cybersecurity?

Feeds
August 2, 2021

DOS (disk operating system)

July 30, 2021

How to fix the top 5 cybersecurity vulnerabilities

March 25, 2021

Top 10 types of information security threats for IT teams

March 3, 2021

Use and protect backup against COVID-19-related cybercrime

Feeds
April 23, 2020

quantum supremacy

November 26, 2019

Zoom vulnerability reveals privacy issues for users

July 12, 2019

Millions left at risk as Android Stagefright fix pushed to September

August 18, 2015

Web monitoring software helps keep employees honest

Feeds
July 7, 2015

Fobber: Drive-by financial malware returns with new tricks

July 1, 2015

Samsung vulnerability affects up to 600 million Android devices

June 17, 2015

Google changes Chrome extension policy amid security concerns

May 20, 2015

Insider threat programs need people, not technology

Feeds
April 28, 2015

Comparing the top SSL VPN products

April 28, 2015

Social engineering penetration testing: Four effective techniques

July 18, 2012

How to prevent a WPS flaw from damaging enterprise wireless security

May 1, 2012

Web-facing applications: Mitigating likely Web application threats

Feeds
April 4, 2012

How to ensure data security by spotting enterprise security weaknesses

March 9, 2012

Android malicious apps: How to tell secure Android apps from malware

August 25, 2011

Locate IP address location: How to confirm the origin of a cyberattack

August 25, 2011

How to ensure the security of financial transactions online

Feeds
August 18, 2011

Do any particular mobile device vulnerabilities outweigh the others?

August 18, 2011

Alerts & Advisories

Flubot Malware Targets Androids With Fake Security Updates and App Installations. A newly discovered Android malware, dubbed FluBot, impersonates Android mobile banking applications to draw fake webview on targeted applications. The malware primarily focuses on stealing credit card details or online banking credentials, apart from personal data.

Advisory
October 19, 2021

Google Warn Users of Government-Sponsored Attacks

October 16, 2021

OpenOffice and LibreOffice Digital Signature Spoofing Vulnerabilities

October 12, 2021

Facebook, Instagram and WhatsApp global outage

October 4, 2021

Browser’s DNS Rebinding Attacks. Cybercriminals have been discovered to be using a technique known as DNS rebinding to compromise internal networks by abusing web-based consoles. This method exposes the attack surface of internal web applications to malicious websites after being launched on victims' browsers. The DNS rebinding attack can use victims' browsers as a proxy to expand the attack surface to private networks.

Advisory
September 22, 2021

Fortinet Leaked VPN Account Credentials

September 10, 2021

COVID-19 RELATED SCAMS

August 25, 2021

Ransomware Attacks

July 7, 2021

Russian GRU Global Brute Force Attacks. The Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS), military unit 26165, is reported to be conducting a Global anonymized Brute Force Campaign to Compromise Enterprise and Cloud Environments. This attack is discovered to be targeting government and foreign organizations using brute force access to penetrate government and private sector victim networks.

Advisory
July 2, 2021

Microsoft Edge Browser Vulnerabilities

July 1, 2021

Apple Zero-Day Vulnerabilities

May 18, 2021

Best Practices for Preventing Business Disruption from Ransomware Attacks

May 15, 2021

Cellebrite Forensic Software Security Vulnerabilities. Signal CEO in a successful hacking of the Cellebrite cellphone hacking and cracking tool revealed that the software lacks industry-standard exploit mitigation defenses, thereby making the software vulnerable to exploitations. This is coming after Cellebrite claimed in 2019 that its new tool unlocks almost any iOS and Android device, and in December 2020, that it could easily crack Signal’s encryption. Marlinspike accused Cellebrite of making a living from undisclosed vulnerabilities hence the decision to play it smart with the company by publicly publishing the vulnerability.

Advisory
April 28, 2021

Cybercriminals Using Telegram messaging service to Distribute ToxicEye Malware

April 28, 2021

Fake LinkedIn Job Offer Malware

April 12, 2021

Phishing Attack Using Fake Google reCAPTCHA to Steal Credential from Microsoft Users

March 16, 2021

Microsoft Exchange Servers Zero-Day Vulnerability. Microsoft has confirmed the attacks against the Exchange servers aimed at stealing email addresses and installing malware to gain persistence in the target networks. This attacks campaign has been attributed to China-based hacker group called HAFNIUM who were exploiting unknown software bugs in Exchange Server to steal sensitive data from select targets. The vulnerability is being actively exploited in the wild by several cyber espionage groups, including LuckyMouse, Tick, and Calypso targeting servers around the world.

Advisory
March 8, 2021

Advisory on Windows Vulnerabilities

February 25, 2021

Security Advisory on Apple Chips Malware

February 23, 2021

Update Advisory for APT Attacks on the SolarWinds Products

January 4, 2021

APT Compromise of Orion Platforms. Reports revealed recent compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor which began at least since March 2020. It is expected that removing this threat actor from compromised environments will be highly complex and challenging for organizations hence the need to take proactive actions in the protection of government critical national information infrastructures. The cyber-security firm that identified the large-scale hacking of US government agencies says it "genuinely impacted" around 50 organisations. The US Treasury and departments of homeland security, state and defence are known to have been targeted. Russian Intelligence has been accused by the US for the cyber intrusion. Several other organisations around the world are understood to have been targeted by hackers using the same network management software.

Advisory
January 1, 2021

Security Advisory on Phishing Attacks

December 15, 2020

ADVISORY ON SQL INJECTION VULNERABILITY AND OTHER BASIC NETWORK SECURITY MEASURES

October 16, 2020

Advisory on Intended Nationwide Cyber attack

October 15, 2020

ReVoLTE Networks Vulnerability. Recently, a group of security researchers discovered a new vulnerability named ReVoLTE attack. This vulnerability is due to mobile operators often utilizing similarly encryption key to obtain multiple 4G voice calls that takes place through similarly base station. This vulnerability could allow a malicious attacker to manipulate encrypted content of a recorded Volte call so as to eavesdrop the conversation.

Advisory
August 27, 2020

Tecno Phones Vulnerability

August 27, 2020

RV Series Routers Command Injection Vulnerabilities

August 5, 2020

Remote Access Vulnerability

July 22, 2020

Cisco Small Business Routers Vulnerabilities. According to Cisco, different categories of vulnerabilities were discovered from different Cisco routers. This vulnerabilities ranges from static default credential, Management interface remote command execution, authentication bypass, arbitrary code execution, and privilege escalation.

Advisory
July 17, 2020

New EvilQuest Ransomware for macOS Systems

July 1, 2020

Webex Desktop App Vulnerability

June 24, 2020

SaltStack FrameWork Vulnerabilities in Cisco Products

June 19, 2020

Multiple Security Vulnerabilities for Adobe Products. Adobe has released an update for multiple adobe products in Windows, MacOS, and Linux. The updates resolves critical out-of-bounds Read and Write vulnerabilities that could lead to arbitrary code execution and information disclosure.

Advisory
June 18, 2020

Multiple Security Vulnerabilities on D-LINK Home Routers

June 17, 2020

Local Privilege Escalation Vulnerability for VMware

June 16, 2020

ngCERT Advisory on Scranos Malware

February 10, 2020

ngCERT Advisory 19-years-old WinRAR vulnerability leads to over 100 malware exploits. ngCERT Advisory 19-years-old WinRAR vulnerability leads to over 100 malware exploits

Advisory
February 10, 2020

ngCERT Advisory Microsoft Exchange 2013 and Newer are vulnerable to NTLM relay attacks

February 10, 2020

Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability

February 10, 2020

ngCERT VMware Tools vulnerability

January 16, 2020

ngCERT 2nd Advisory on WannaCry/WCry/WCrypt0 Ransomware Warm and Remote Desktop Protocol (RDP) & Server Message Block (SMB) Protocol Vulnerability. The Remote Desktop Protocol (RDP) and a vulnerability in the implementation of the Server Message Block SMB protocol of Microsoft Windows Operating System is currently being exploited by a ransomware called WannaCry worm. The worm encrypts all files on an infected computer’s hard drive.

Advisory
May 15, 2017

Vulnerabilities

Windows 10 Task Scheduler Zero-Day Vulnerability. Microsoft Windows Task Scheduler is a set of Microsoft Windows components that allows for the execution of scheduled tasks. The exploit "functions reliably on 32- and 64-bit Windows 10 platforms, as well as Windows Server 2016 and Windows Server 2019.

Vulnerability
February 10, 2020

Intel Chips Vulnerability

February 10, 2020

Windows BlueKeep Vulnerability

February 10, 2020

ESXi Remote Code Execution Vulnerability

February 10, 2020

Resources

National Cybersecurity Policy and Strategy 2021

READ MORE & DOWNLOAD

National Cybersecurity Policy and Strategy 2021...

Cybercrimes (prohibition, Prevention etc) Act, 2015

READ MORE & DOWNLOAD

The Act provides an effective, unified and comprehensive legal, regulatory and institutional framework for...

Draft Data Protection Bill 2020

READ MORE & DOWNLOAD

Draft Data Protection Bill 2020 ...

Videos

List

Collaborations & Membership

antiphishing.ng

"Antiphishing.ng Project is a collaborative effort to create a community driven public repository about phishing that works to build additional tools to benefit the security community at large."

tunCERT

"tunCERT is the National CERT of the Tunisian government under the National Agency for Computer Security. tunCERT is one of the CERT that graciously partook in pioneering ngCERT"

FiRST

"FIRST is a recognized global leader in incident response that brings together a variety of computer security incident response teams from government, commercial, and educational organizations."

Team Cymru

"Team Cymru was formed in 1998 to learn the "who and why" of malicious Internet activity. This focus on attribution resulted in the uncovering of the "what, when, where, and how" of online malevolence"