ngcert | Home

Saturday, Mar 06, 2021
Abuja, NG 19°C
Contact us
About us
FAQ

InfoSec NEWS FEEDS

National Cybersecurity Capacity Review for Nigeria

Event

Keynote Excerpts From the speech delivered by National Security Adviser during the recent lunching of the National Security Strategy

Article

ngCERT Advisory 19-years-old WinRAR vulnerability leads to over 100 malware exploits

Advisory

Windows BlueKeep Vulnerability

Vulnerability

Malware Gangs Partner Up in Double-Punch Security Threat

Feed

WELCOME TO NIGERIA COMPUTER EMERGENCY RESPONSE TEAM (ngCERT)

The Nigeria Computer Emergency Response Team has the mission to achieve a safe, secure and resilient cyberspace in Nigeria that provides opportunities for national prosperity. ngCERT is
established to prepare, protect, and secure the Nigerian cyberspace in anticipation of
attacks, problems, or events. ngCERT is saddled with the responsibility of
reducing the volume of future incidents.

PREPARATION

Incident Response Plan

IDENTIFICATION

What is the Incident?

CONTAINMENT

Contain the Issue immediately

INVESTIGATION

Determine the cause of the incident

ERADICATION

Get Rid of the issue

RECOVERY

Restore service as fast as possible

InfoSec Feeds

Amazon Dismisses Claims Alexa ‘Skills’ Can Bypass Security Vetting Process

Feeds
February 26, 2021

Cyber extortionist threatened to bomb NHS targets

February 26, 2021

On digital identity, the government gets it wrong again

February 26, 2021

Protecting Sensitive Cardholder Data in Today’s Hyper-Connected World

February 26, 2021

Podcast: Ransomware Attacks Exploded in Q4 2020

Feeds
February 26, 2021

Stalkerware Volumes Remain Concerningly High, Despite Bans

February 26, 2021

Malware Gangs Partner Up in Double-Punch Security Threat

February 26, 2021

Yeezy Fans Face Sneaker-Bot Armies for Boost ‘Sun’ Release

February 26, 2021

Lazarus Targets Defense Companies with ThreatNeedle Malware

Feeds
February 26, 2021

Cyberattacks Launch Against Vietnamese Human-Rights Activists

February 25, 2021

MHRA and other agencies to offer new resources for scam victims

February 25, 2021

Atos and HDF Energy to build ‘green hydrogen-powered’ datacentre by 2023

February 25, 2021

Npower shuts off app after credential stuffing attack

Feeds
February 25, 2021

GCHQ sets out rules of the road for AI in cyber

February 25, 2021

Tech-enabled hybrid working enables HSBC to cut 40% of its global office space

February 25, 2021

Get started with network penetration testing for beginners

February 25, 2021

NCSC Cyber Action Plan emphasises SME security

Feeds
February 25, 2021

Advice on how to learn network penetration testing skills

February 25, 2021

Malicious Mozilla Firefox Extension Allows Gmail Takeover

February 25, 2021

Health Website Leaks 8 Million COVID-19 Test Results

February 25, 2021

Bombardier is latest victim of Accellion supply chain attack

Feeds
February 24, 2021

Babuk ransomware unsophisticated, but highly dangerous

February 24, 2021

Warning on security risk from virtual events platforms

February 24, 2021

Vaccine passports prove an ethical minefield

February 24, 2021

Guide to cloud security management and best practices

Feeds
February 24, 2021

Is Clubhouse safe, and should CISOs stop its use?

February 24, 2021

Rogue drones beware: We’re here to ground you

February 23, 2021

How to achieve security observability in complex environments

February 23, 2021

XDR makes cyber a Stroll in the park for Aston Martin F1

Feeds
February 23, 2021

AI powers reputational damage insurance policy

February 23, 2021

SolarWinds hack explained: Everything you need to know

February 9, 2021

February 3, 2021

Azure AD Premium P1 vs. P2: Which is right for you?

Feeds
December 22, 2020

December 14, 2020

Certified Information Systems Auditor (CISA)

November 21, 2020

Red team vs. blue team vs. purple team: What's the difference?

November 4, 2020

Cybersecurity communication key to addressing risk

Feeds
November 4, 2020

3 steps to secure codebase updates, prevent vulnerabilities

September 15, 2020

Site-to-site VPN security benefits and potential risks

August 28, 2020

Security issues with working remotely (and how to fix them)

July 31, 2020

vulnerability assessment (vulnerability analysis)

Feeds
July 24, 2020

Remote backup and recovery, protection changes that will stick

July 15, 2020

Identifying and troubleshooting VPN session timeout issues

June 11, 2020

How automating incident response benefits security programs

June 3, 2020

integrated risk management (IRM)

Feeds
May 20, 2020

Use and protect backup against COVID-19-related cybercrime

April 23, 2020

Create a mobile BYOD policy for the coronavirus pandemic

April 8, 2020

managed detection and response (MDR)

April 3, 2020

How zero-trust authentication and architecture have evolved

Feeds
March 25, 2020

4 factors that should shape a BYOD mobile policy

January 3, 2020

quantum supremacy

November 26, 2019

Lack of U.S. cryptocurrency regulation invites risk

August 19, 2019

Zoom vulnerability reveals privacy issues for users

Feeds
July 12, 2019

Top 10 types of information security threats for IT teams

June 28, 2019

How to fix the top 5 cybersecurity vulnerabilities

June 28, 2019

What's the best way to mitigate the risk of GPU malware?

December 7, 2015

Millions left at risk as Android Stagefright fix pushed to September

Feeds
August 18, 2015

Web monitoring software helps keep employees honest

July 7, 2015

Fobber: Drive-by financial malware returns with new tricks

July 1, 2015

Samsung vulnerability affects up to 600 million Android devices

June 17, 2015

From the frontlines: Horror stories on information breach response

Feeds
June 11, 2015

After Windows Server 2003 end of life: An emergency action plan

June 5, 2015

IRS breach shows the importance of PII security

May 29, 2015

Is paying the ransom the only way to remove ransomware?

May 26, 2015

Google changes Chrome extension policy amid security concerns

Feeds
May 20, 2015

Comparing the top SSL VPN products

April 28, 2015

Insider threat programs need people, not technology

April 28, 2015

To protect privileged users, consider using least privilege principle

March 5, 2014

Web browser protection for users: Adapting to new Web security threats

Feeds
March 5, 2014

Surviving cyberwar: Preparing for APTs, Stuxnet malware-style attacks

July 31, 2012

Alerts & Advisories

Advisory on Windows Vulnerabilities. Cybercriminals are actively taking advantage of weaknesses in Windows and deploying malware for nefarious purposes. Windows has been a direct target of attacks by malware, more than 80% of malware detected are from windows according to latest discovery. This amongst others includes two updated versions of LodaRAT malware, TrickBot malware and the Zerologon flaws.

Advisory
February 25, 2021

Security Advisory on Apple Chips Malware

February 23, 2021

Update Advisory for APT Attacks on the SolarWinds Products

January 4, 2021

APT Compromise of Orion Platforms

January 1, 2021

Security Advisory on Phishing Attacks. Phishing attacks are the most common and effective cyber security threat to individuals, businesses and organizations. Phishing is the delivery mechanism of choice for ransomware and other malware and it is a critical problem that every organization must address through a variety of means. Most phishing messages indicate immediate action is needed to avoid an unwanted time-sensitive consequence. It is important to be suspicious of all requests, and review messages carefully to determine if the message may be a phishing scam.

Advisory
December 15, 2020

ADVISORY ON SQL INJECTION VULNERABILITY AND OTHER BASIC NETWORK SECURITY MEASURES

October 16, 2020

Advisory on Intended Nationwide Cyber attack

October 15, 2020

ReVoLTE Networks Vulnerability

August 27, 2020

Tecno Phones Vulnerability. Researchers has discovered critical security risk with Tecno Android phones which has a pre-installed malware called Triada. Malware which signed users up to subscription services without their permission was discovered on thousands of Tecno mobile phones sold in Africa. Anti-fraud firm Upstream found the malicious code on Tecno handsets sold in Ethiopia, Cameroon, Egypt, Ghana and South Africa.

Advisory
August 27, 2020

RV Series Routers Command Injection Vulnerabilities

August 5, 2020

Remote Access Vulnerability

July 22, 2020

Cisco Small Business Routers Vulnerabilities

July 17, 2020

New EvilQuest Ransomware for macOS Systems. A new ransomware known as EvilQuest has been discovered by security researchers. This ransomware was first spotted to be impersonating the Google Software Update program, and on torrent sites, injected in installers wrapping pirated versions of popular macOS software such as Little Snitch, Ableton Live, and Mixed in key. EvilQuest ransomware is discovered to encrypt macOS systems, installs a keylogger and a reverse shell for full control over infected host, and exfiltrates files that contain valuable information (keys to cryptocurrency wallets, code-signing certificates, and many more) with a variety of extensions (eg .pdf, .doc, .jpg, .txt, .pages, .wallet, .zip, etc).

Advisory
July 1, 2020

Webex Desktop App Vulnerability

June 24, 2020

SaltStack FrameWork Vulnerabilities in Cisco Products

June 19, 2020

Multiple Security Vulnerabilities for Adobe Products

June 18, 2020

Multiple Security Vulnerabilities on D-LINK Home Routers. Researchers discovered six new vulnerabilities in D-Link wireless cloud routers running their latest firmware. The reported vulnerabilities were found in the DIR-865L model of D-Link routers, which is meant for home network use. There are also likelihood that some of these vulnerabilities are present in newer models of the router because of the similiarities in codebase.

Advisory
June 17, 2020

Local Privilege Escalation Vulnerability for VMware

June 16, 2020

ngCERT Advisory on Scranos Malware

February 10, 2020

ngCERT Advisory 19-years-old WinRAR vulnerability leads to over 100 malware exploits

February 10, 2020

ngCERT Advisory Microsoft Exchange 2013 and Newer are vulnerable to NTLM relay attacks. ngCERT Advisory Microsoft Exchange 2013 and Newer are vulnerable to NTLM relay attacks

Advisory
February 10, 2020

Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability

February 10, 2020

ngCERT VMware Tools vulnerability

January 16, 2020

ngCERT 2nd Advisory on WannaCry/WCry/WCrypt0 Ransomware Warm and Remote Desktop Protocol (RDP) & Server Message Block (SMB) Protocol Vulnerability

May 15, 2017

Vulnerabilities

Windows 10 Task Scheduler Zero-Day Vulnerability. Microsoft Windows Task Scheduler is a set of Microsoft Windows components that allows for the execution of scheduled tasks. The exploit "functions reliably on 32- and 64-bit Windows 10 platforms, as well as Windows Server 2016 and Windows Server 2019.

Vulnerability
February 10, 2020

Intel Chips Vulnerability

February 10, 2020

Windows BlueKeep Vulnerability

February 10, 2020

ESXi Remote Code Execution Vulnerability

February 10, 2020

Resources

National Cybersecurity Policy and Strategy 2021

READ MORE & DOWNLOAD

National Cybersecurity Policy and Strategy 2021...

Cybercrimes (prohibition, Prevention etc) Act, 2015

READ MORE & DOWNLOAD

The Act provides an effective, unified and comprehensive legal, regulatory and institutional framework for...

Draft Data Protection Bill 2020

READ MORE & DOWNLOAD

Draft Data Protection Bill 2020 ...

Videos

List

Collaborations & Membership

antiphishing.ng

"Antiphishing.ng Project is a collaborative effort to create a community driven public repository about phishing that works to build additional tools to benefit the security community at large."

tunCERT

"tunCERT is the National CERT of the Tunisian government under the National Agency for Computer Security. tunCERT is one of the CERT that graciously partook in pioneering ngCERT"

FiRST

"FIRST is a recognized global leader in incident response that brings together a variety of computer security incident response teams from government, commercial, and educational organizations."

Team Cymru

"Team Cymru was formed in 1998 to learn the "who and why" of malicious Internet activity. This focus on attribution resulted in the uncovering of the "what, when, where, and how" of online malevolence"