InfoSec NEWS FEEDS

National Cybersecurity Capacity Review for Nigeria

  • Event

Keynote Excerpts From the speech delivered by National Security Adviser during the recent lunching of the National Security Strategy

  • Article

ngCERT Advisory 19-years-old WinRAR vulnerability leads to over 100 malware exploits

  • Advisory

Windows BlueKeep Vulnerability

  • Vulnerability

The Log4j Vulnerability Puts Pressure on the Security World

  • Feed

Contact us

+2349055554499
Send us a message
incident@cert.gov.ng, PGP Key ID:bff035583da678b1
Visit us
Report
Incidents, Vulnerabilities, Phishing or Maliciousware

WELCOME TO NIGERIA COMPUTER EMERGENCY RESPONSE TEAM (ngCERT)

The Nigeria Computer Emergency Response Team has the mission to achieve a safe, secure and resilient cyberspace in Nigeria that provides opportunities for national prosperity. ngCERT is
established to prepare, protect, and secure the Nigerian cyberspace in anticipation of
attacks, problems, or events. ngCERT is saddled with the responsibility of
reducing the volume of future incidents.

PREPARATION

Incident Response Plan

IDENTIFICATION

What is the Incident?

CONTAINMENT

Contain the Issue immediately

INVESTIGATION

Determine the cause of the incident

ERADICATION

Get Rid of the issue

RECOVERY

Restore service as fast as possible

InfoSec Feeds
Alerts & Advisories

SMS-Based Malware Infecting Mobile Devices. Recently a notorious FlutBot SMS Android malware that targets mobile devices was reported, but now there is another Android malware called TangleBot that employs more or less similar tactics to gain control of the device. This malware is reported to be far more invasive than the FlutBot malware.

  • Advisory
  • January 20, 2022

Ransomware Attack Warning

January 12, 2022

Apache Log4j Remote Code Execution Vulnerability.

December 20, 2021

New Windows Installer Zero-Day Vulnerability

November 25, 2021

Rootkits Malware Attacks. Rootkits are one of the most damaging types of malware. They are very difficult to detect & remove and provide the Threat Actors almost complete access to the target computer. A hacker who installs a rootkit into a computer can access & steal data, delete or corrupt files, spy on all system activities, modify programs, etc. Since rootkits remain constantly hidden and avoid detection, most commercially available anti-virus software is ineffective against them.

  • Advisory
  • November 22, 2021

Iranian Hacking Group targets Telecos, ISPs and Ministry of foreign Affairs (MFA) with Upgraded Malware

November 12, 2021

New Android Rooting Malware

November 3, 2021

Flubot Malware Targets Androids With Fake Security Updates and App Installations

October 19, 2021

Google Warn Users of Government-Sponsored Attacks. Google's Threat Analysis Group (TAG) has revealed that it is monitoring over 270 government-backed threat actors from over 50 countries. Since the beginning of 2021, the tech giant has sent approximately 50,000 alerts to customers about state-sponsored phishing or malware attempts.

  • Advisory
  • October 16, 2021

OpenOffice and LibreOffice Digital Signature Spoofing Vulnerabilities

October 12, 2021

Facebook, Instagram and WhatsApp global outage

October 4, 2021

Browser’s DNS Rebinding Attacks

September 22, 2021

Fortinet Leaked VPN Account Credentials. A malicious actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. These credentials were reported to be obtained from systems that remained unpatched against FG-IR-18-384 / CVE-2018-13379 at the time of the actor's scan.

  • Advisory
  • September 10, 2021

COVID-19 RELATED SCAMS

August 25, 2021

Ransomware Attacks

July 7, 2021

Russian GRU Global Brute Force Attacks

July 2, 2021

Microsoft Edge Browser Vulnerabilities. A Microsoft Edge vulnerability that could allow hackers steal secrets from any website was discovered and thereby prompting Microsoft to release updates for the Edge browser, including a fix. This bypass vulnerability could allow a remote attacker to bypass implemented security restrictions to inject and execute arbitrary code on any website just by sending a message.

  • Advisory
  • July 1, 2021

Apple Zero-Day Vulnerabilities

May 18, 2021

Best Practices for Preventing Business Disruption from Ransomware Attacks

May 15, 2021

Cellebrite Forensic Software Security Vulnerabilities

April 28, 2021

Cybercriminals Using Telegram messaging service to Distribute ToxicEye Malware. Researchers discovered that Telegram instant messaging service is being used by malicious actors to manage a remote access trojan (RAT) called ToxicEye. These cyber criminals are increasingly abusing Telegram as a "command-and-control" system to distribute malware into organizations that could then be used to capture sensitive information from targeted systems. More than 130 attacks involving the ToxicEye RAT has been discovered recently, and warning that even when Telegram is not installed or being used, the system allows hackers to send malicious commands and operations remotely via the instant messaging app.

  • Advisory
  • April 28, 2021

Fake LinkedIn Job Offer Malware

April 12, 2021

Phishing Attack Using Fake Google reCAPTCHA to Steal Credential from Microsoft Users

March 16, 2021

Microsoft Exchange Servers Zero-Day Vulnerability

March 8, 2021

Advisory on Windows Vulnerabilities. Cybercriminals are actively taking advantage of weaknesses in Windows and deploying malware for nefarious purposes. Windows has been a direct target of attacks by malware, more than 80% of malware detected are from windows according to latest discovery. This amongst others includes two updated versions of LodaRAT malware, TrickBot malware and the Zerologon flaws.

  • Advisory
  • February 25, 2021

Security Advisory on Apple Chips Malware

February 23, 2021

Update Advisory for APT Attacks on the SolarWinds Products

January 4, 2021

APT Compromise of Orion Platforms

January 1, 2021

Security Advisory on Phishing Attacks. Phishing attacks are the most common and effective cyber security threat to individuals, businesses and organizations. Phishing is the delivery mechanism of choice for ransomware and other malware and it is a critical problem that every organization must address through a variety of means. Most phishing messages indicate immediate action is needed to avoid an unwanted time-sensitive consequence. It is important to be suspicious of all requests, and review messages carefully to determine if the message may be a phishing scam.

  • Advisory
  • December 15, 2020

ADVISORY ON SQL INJECTION VULNERABILITY AND OTHER BASIC NETWORK SECURITY MEASURES

October 16, 2020

Advisory on Intended Nationwide Cyber attack

October 15, 2020

ReVoLTE Networks Vulnerability

August 27, 2020

Tecno Phones Vulnerability. Researchers has discovered critical security risk with Tecno Android phones which has a pre-installed malware called Triada. Malware which signed users up to subscription services without their permission was discovered on thousands of Tecno mobile phones sold in Africa. Anti-fraud firm Upstream found the malicious code on Tecno handsets sold in Ethiopia, Cameroon, Egypt, Ghana and South Africa.

  • Advisory
  • August 27, 2020

RV Series Routers Command Injection Vulnerabilities

August 5, 2020

Remote Access Vulnerability

July 22, 2020

Cisco Small Business Routers Vulnerabilities

July 17, 2020

New EvilQuest Ransomware for macOS Systems. A new ransomware known as EvilQuest has been discovered by security researchers. This ransomware was first spotted to be impersonating the Google Software Update program, and on torrent sites, injected in installers wrapping pirated versions of popular macOS software such as Little Snitch, Ableton Live, and Mixed in key. EvilQuest ransomware is discovered to encrypt macOS systems, installs a keylogger and a reverse shell for full control over infected host, and exfiltrates files that contain valuable information (keys to cryptocurrency wallets, code-signing certificates, and many more) with a variety of extensions (eg .pdf, .doc, .jpg, .txt, .pages, .wallet, .zip, etc).

  • Advisory
  • July 1, 2020

Webex Desktop App Vulnerability

June 24, 2020

SaltStack FrameWork Vulnerabilities in Cisco Products

June 19, 2020

Multiple Security Vulnerabilities for Adobe Products

June 18, 2020

Multiple Security Vulnerabilities on D-LINK Home Routers. Researchers discovered six new vulnerabilities in D-Link wireless cloud routers running their latest firmware. The reported vulnerabilities were found in the DIR-865L model of D-Link routers, which is meant for home network use. There are also likelihood that some of these vulnerabilities are present in newer models of the router because of the similiarities in codebase.

  • Advisory
  • June 17, 2020

Local Privilege Escalation Vulnerability for VMware

June 16, 2020

ngCERT Advisory on Scranos Malware

February 10, 2020

ngCERT Advisory 19-years-old WinRAR vulnerability leads to over 100 malware exploits

February 10, 2020

ngCERT Advisory Microsoft Exchange 2013 and Newer are vulnerable to NTLM relay attacks. ngCERT Advisory Microsoft Exchange 2013 and Newer are vulnerable to NTLM relay attacks

  • Advisory
  • February 10, 2020

Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability

February 10, 2020

ngCERT VMware Tools vulnerability

January 16, 2020

ngCERT 2nd Advisory on WannaCry/WCry/WCrypt0 Ransomware Warm and Remote Desktop Protocol (RDP) & Server Message Block (SMB) Protocol Vulnerability

May 15, 2017
Vulnerabilities

Windows 10 Task Scheduler Zero-Day Vulnerability. Microsoft Windows Task Scheduler is a set of Microsoft Windows components that allows for the execution of scheduled tasks. The exploit "functions reliably on 32- and 64-bit Windows 10 platforms, as well as Windows Server 2016 and Windows Server 2019.

  • Vulnerability
  • February 10, 2020

Intel Chips Vulnerability

February 10, 2020

Windows BlueKeep Vulnerability

February 10, 2020

ESXi Remote Code Execution Vulnerability

February 10, 2020
Resources
National Cybersecurity Policy and Strategy 2021

National Cybersecurity Policy and Strategy 2021...

Cybercrimes (prohibition, Prevention etc) Act, 2015

The Act provides an effective, unified and comprehensive legal, regulatory and institutional framework for...

Draft Data Protection Bill 2020

Draft Data Protection Bill 2020 ...

Videos
List

Here is a short youtube video showing tips on how to stay safe online

1 year ago

Top Safe web surfing tips for kids

1 year ago

An informative video about internet safety tips for teens

1 year ago
Collaborations & Membership
antiphishing.ng

"Antiphishing.ng Project is a collaborative effort to create a community driven public repository about phishing that works to build additional tools to benefit the security community at large."

tunCERT

"tunCERT is the National CERT of the Tunisian government under the National Agency for Computer Security. tunCERT is one of the CERT that graciously partook in pioneering ngCERT"

FiRST

"FIRST is a recognized global leader in incident response that brings together a variety of computer security incident response teams from government, commercial, and educational organizations."

Team Cymru

"Team Cymru was formed in 1998 to learn the "who and why" of malicious Internet activity. This focus on attribution resulted in the uncovering of the "what, when, where, and how" of online malevolence"

Copyright © 2021 | Designed by ngCERT