ngcert | Home

Sunday, May 09, 2021
Abuja, NG 19°C
Contact us
About us
FAQ

InfoSec NEWS FEEDS

National Cybersecurity Capacity Review for Nigeria

Event

Keynote Excerpts From the speech delivered by National Security Adviser during the recent lunching of the National Security Strategy

Article

ngCERT Advisory 19-years-old WinRAR vulnerability leads to over 100 malware exploits

Advisory

Windows BlueKeep Vulnerability

Vulnerability

Microsoft Warns of 25 Critical Vulnerabilities in IoT, Industrial Devices

Feed

WELCOME TO NIGERIA COMPUTER EMERGENCY RESPONSE TEAM (ngCERT)

The Nigeria Computer Emergency Response Team has the mission to achieve a safe, secure and resilient cyberspace in Nigeria that provides opportunities for national prosperity. ngCERT is
established to prepare, protect, and secure the Nigerian cyberspace in anticipation of
attacks, problems, or events. ngCERT is saddled with the responsibility of
reducing the volume of future incidents.

PREPARATION

Incident Response Plan

IDENTIFICATION

What is the Incident?

CONTAINMENT

Contain the Issue immediately

INVESTIGATION

Determine the cause of the incident

ERADICATION

Get Rid of the issue

RECOVERY

Restore service as fast as possible

InfoSec Feeds

Microsoft Warns of 25 Critical Vulnerabilities in IoT, Industrial Devices

Feeds
April 30, 2021

End of support for Build 1909 leaves some Windows open to attack

April 30, 2021

The case for vaccine passports: the real world versus the digital world

April 30, 2021

F5 Big-IP Vulnerable to Security-Bypass Bug

April 29, 2021

Experian API Leaks Most Americans’ Credit Scores

Feeds
April 29, 2021

Multi-Gov Task Force Plans to Take Down the Ransomware Economy

April 29, 2021

COVID-19 Results for 25% of Wyoming Accidentally Posted Online

April 29, 2021

Anti-Vaxxer Hijacks QR Codes at COVID-19 Check-In Sites

April 29, 2021

SaaS Attacks: Lessons from Real-Life Misconfiguration Exploits

Feeds
April 29, 2021

DoppelPaymer Gang Leaks Files from Illinois AG After Ransom Negotiations Break Down

April 29, 2021

Babuk Ransomware Gang Mulls Retirement

April 29, 2021

Northern Ireland pilots security training plan for 16-25s

April 29, 2021

How to tackle intellectual property crime

Feeds
April 29, 2021

April 29, 2021

Backup failure: Four key areas where backups go wrong

April 28, 2021

Office 365 compromise likely led to Merseyrail ransomware attack

April 28, 2021

NHS app to serve as vaccine passport for foreign holidays

Feeds
April 28, 2021

Covid-19 security challenges leave bank customers at risk

April 28, 2021

Microsoft Office SharePoint Targeted With High-Risk Phish, Ransomware Attacks

April 28, 2021

Recruiters can’t afford to hold out for cyber ‘unicorns’

April 28, 2021

Applying web application reconnaissance to offensive hacking

Feeds
April 27, 2021

Collaboration is key to a secure web application architecture

April 27, 2021

Total cost of ransomware attack heading towards $2m

April 27, 2021

Why we need to reset the debate on end-to-end encryption to protect children

April 27, 2021

Leaky Azure storage account puts software developer IP at risk

Feeds
April 27, 2021

Apple OS updates patch multiple security holes

April 27, 2021

North London school wins NCSC girls’ cyber challenge

April 27, 2021

The Security Interviews: Making sense of outbound email security

April 27, 2021

French legal challenge over EncroChat cryptophone hack could hit UK prosecutions

Feeds
April 26, 2021

GCHQ: Cyber investment a guarantor of UK’s global status

April 22, 2021

Researchers shed more light on APT29 activity during SolarWinds attack

April 22, 2021

April 21, 2021

unified threat management (UTM)

Feeds
April 13, 2021

physical security

April 13, 2021

How to fix the top 5 cybersecurity vulnerabilities

March 25, 2021

How to fix the top 5 cybersecurity vulnerabilities

March 25, 2021

Top 10 types of information security threats for IT teams

Feeds
March 3, 2021

SolarWinds hack explained: Everything you need to know

February 9, 2021

February 3, 2021

Azure AD Premium P1 vs. P2: Which is right for you?

December 22, 2020

Feeds
December 14, 2020

Certified Information Systems Auditor (CISA)

November 21, 2020

Red team vs. blue team vs. purple team: What's the difference?

November 4, 2020

Cybersecurity communication key to addressing risk

November 4, 2020

3 steps to secure codebase updates, prevent vulnerabilities

Feeds
September 15, 2020

Site-to-site VPN security benefits and potential risks

August 28, 2020

Security issues with working remotely (and how to fix them)

July 31, 2020

vulnerability assessment (vulnerability analysis)

July 24, 2020

Remote backup and recovery, protection changes that will stick

Feeds
July 15, 2020

Identifying and troubleshooting VPN session timeout issues

June 11, 2020

How automating incident response benefits security programs

June 3, 2020

integrated risk management (IRM)

May 20, 2020

Use and protect backup against COVID-19-related cybercrime

Feeds
April 23, 2020

quantum supremacy

November 26, 2019

Zoom vulnerability reveals privacy issues for users

July 12, 2019

What's the best way to mitigate the risk of GPU malware?

December 7, 2015

Millions left at risk as Android Stagefright fix pushed to September

Feeds
August 18, 2015

Web monitoring software helps keep employees honest

July 7, 2015

Fobber: Drive-by financial malware returns with new tricks

July 1, 2015

Samsung vulnerability affects up to 600 million Android devices

June 17, 2015

After Windows Server 2003 end of life: An emergency action plan

Feeds
June 5, 2015

IRS breach shows the importance of PII security

May 29, 2015

Is paying the ransom the only way to remove ransomware?

May 26, 2015

Google changes Chrome extension policy amid security concerns

May 20, 2015

Comparing the top SSL VPN products

Feeds
April 28, 2015

Insider threat programs need people, not technology

April 28, 2015

To protect privileged users, consider using least privilege principle

March 5, 2014

Web browser protection for users: Adapting to new Web security threats

March 5, 2014

Surviving cyberwar: Preparing for APTs, Stuxnet malware-style attacks

Feeds
July 31, 2012

Social engineering penetration testing: Four effective techniques

July 18, 2012

Alerts & Advisories

Cellebrite Forensic Software Security Vulnerabilities. Signal CEO in a successful hacking of the Cellebrite cellphone hacking and cracking tool revealed that the software lacks industry-standard exploit mitigation defenses, thereby making the software vulnerable to exploitations. This is coming after Cellebrite claimed in 2019 that its new tool unlocks almost any iOS and Android device, and in December 2020, that it could easily crack Signal’s encryption. Marlinspike accused Cellebrite of making a living from undisclosed vulnerabilities hence the decision to play it smart with the company by publicly publishing the vulnerability.

Advisory
April 28, 2021

Cybercriminals Using Telegram messaging service to Distribute ToxicEye Malware

April 28, 2021

Fake LinkedIn Job Offer Malware

April 12, 2021

Phishing Attack Using Fake Google reCAPTCHA to Steal Credential from Microsoft Users

March 16, 2021

Microsoft Exchange Servers Zero-Day Vulnerability. Microsoft has confirmed the attacks against the Exchange servers aimed at stealing email addresses and installing malware to gain persistence in the target networks. This attacks campaign has been attributed to China-based hacker group called HAFNIUM who were exploiting unknown software bugs in Exchange Server to steal sensitive data from select targets. The vulnerability is being actively exploited in the wild by several cyber espionage groups, including LuckyMouse, Tick, and Calypso targeting servers around the world.

Advisory
March 8, 2021

Advisory on Windows Vulnerabilities

February 25, 2021

Security Advisory on Apple Chips Malware

February 23, 2021

Update Advisory for APT Attacks on the SolarWinds Products

January 4, 2021

APT Compromise of Orion Platforms. Reports revealed recent compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor which began at least since March 2020. It is expected that removing this threat actor from compromised environments will be highly complex and challenging for organizations hence the need to take proactive actions in the protection of government critical national information infrastructures. The cyber-security firm that identified the large-scale hacking of US government agencies says it "genuinely impacted" around 50 organisations. The US Treasury and departments of homeland security, state and defence are known to have been targeted. Russian Intelligence has been accused by the US for the cyber intrusion. Several other organisations around the world are understood to have been targeted by hackers using the same network management software.

Advisory
January 1, 2021

Security Advisory on Phishing Attacks

December 15, 2020

ADVISORY ON SQL INJECTION VULNERABILITY AND OTHER BASIC NETWORK SECURITY MEASURES

October 16, 2020

Advisory on Intended Nationwide Cyber attack

October 15, 2020

ReVoLTE Networks Vulnerability. Recently, a group of security researchers discovered a new vulnerability named ReVoLTE attack. This vulnerability is due to mobile operators often utilizing similarly encryption key to obtain multiple 4G voice calls that takes place through similarly base station. This vulnerability could allow a malicious attacker to manipulate encrypted content of a recorded Volte call so as to eavesdrop the conversation.

Advisory
August 27, 2020

Tecno Phones Vulnerability

August 27, 2020

RV Series Routers Command Injection Vulnerabilities

August 5, 2020

Remote Access Vulnerability

July 22, 2020

Cisco Small Business Routers Vulnerabilities. According to Cisco, different categories of vulnerabilities were discovered from different Cisco routers. This vulnerabilities ranges from static default credential, Management interface remote command execution, authentication bypass, arbitrary code execution, and privilege escalation.

Advisory
July 17, 2020

New EvilQuest Ransomware for macOS Systems

July 1, 2020

Webex Desktop App Vulnerability

June 24, 2020

SaltStack FrameWork Vulnerabilities in Cisco Products

June 19, 2020

Multiple Security Vulnerabilities for Adobe Products. Adobe has released an update for multiple adobe products in Windows, MacOS, and Linux. The updates resolves critical out-of-bounds Read and Write vulnerabilities that could lead to arbitrary code execution and information disclosure.

Advisory
June 18, 2020

Multiple Security Vulnerabilities on D-LINK Home Routers

June 17, 2020

Local Privilege Escalation Vulnerability for VMware

June 16, 2020

ngCERT Advisory on Scranos Malware

February 10, 2020

ngCERT Advisory 19-years-old WinRAR vulnerability leads to over 100 malware exploits. ngCERT Advisory 19-years-old WinRAR vulnerability leads to over 100 malware exploits

Advisory
February 10, 2020

ngCERT Advisory Microsoft Exchange 2013 and Newer are vulnerable to NTLM relay attacks

February 10, 2020

Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability

February 10, 2020

ngCERT VMware Tools vulnerability

January 16, 2020

ngCERT 2nd Advisory on WannaCry/WCry/WCrypt0 Ransomware Warm and Remote Desktop Protocol (RDP) & Server Message Block (SMB) Protocol Vulnerability. The Remote Desktop Protocol (RDP) and a vulnerability in the implementation of the Server Message Block SMB protocol of Microsoft Windows Operating System is currently being exploited by a ransomware called WannaCry worm. The worm encrypts all files on an infected computer’s hard drive.

Advisory
May 15, 2017

Vulnerabilities

Windows 10 Task Scheduler Zero-Day Vulnerability. Microsoft Windows Task Scheduler is a set of Microsoft Windows components that allows for the execution of scheduled tasks. The exploit "functions reliably on 32- and 64-bit Windows 10 platforms, as well as Windows Server 2016 and Windows Server 2019.

Vulnerability
February 10, 2020

Intel Chips Vulnerability

February 10, 2020

Windows BlueKeep Vulnerability

February 10, 2020

ESXi Remote Code Execution Vulnerability

February 10, 2020

Resources

National Cybersecurity Policy and Strategy 2021

READ MORE & DOWNLOAD

National Cybersecurity Policy and Strategy 2021...

Cybercrimes (prohibition, Prevention etc) Act, 2015

READ MORE & DOWNLOAD

The Act provides an effective, unified and comprehensive legal, regulatory and institutional framework for...

Draft Data Protection Bill 2020

READ MORE & DOWNLOAD

Draft Data Protection Bill 2020 ...

Videos

List

Collaborations & Membership

antiphishing.ng

"Antiphishing.ng Project is a collaborative effort to create a community driven public repository about phishing that works to build additional tools to benefit the security community at large."

tunCERT

"tunCERT is the National CERT of the Tunisian government under the National Agency for Computer Security. tunCERT is one of the CERT that graciously partook in pioneering ngCERT"

FiRST

"FIRST is a recognized global leader in incident response that brings together a variety of computer security incident response teams from government, commercial, and educational organizations."

Team Cymru

"Team Cymru was formed in 1998 to learn the "who and why" of malicious Internet activity. This focus on attribution resulted in the uncovering of the "what, when, where, and how" of online malevolence"