ngcert | Home

InfoSec Feeds

IP surveillance: The storage it needs, on-premise and in the cloud

Feeds
November 26, 2020

Major BEC Phishing Ring Cracked Open with 3 Arrests

November 25, 2020

Use of abusive stalkerware against women skyrocketed in 2020

November 25, 2020

Securing UK’s critical national infrastructure is a 2021 priority

November 25, 2020

From front line to back office – how supporting the cyber community keeps the NHS safe

Feeds
November 25, 2020

8 benefits of a security operations center

November 25, 2020

Three cyber criminals arrested in Nigerian BEC investigation

November 25, 2020

Critical MobileIron RCE Flaw Under Active Attack

November 25, 2020

How to Update Your Remote Access Policy – And Why You Should Now

Feeds
November 25, 2020

Laser-Based Hacking from Afar Goes Beyond Amazon Alexa

November 25, 2020

Tesla Hacked and Stolen Again Using Key Fob

November 24, 2020

Blackrota Golang Backdoor Packs Heavy Obfuscation Punch

November 24, 2020

Belgian security researcher hacks Tesla with Raspberry Pi

Feeds
November 24, 2020

Business continuity vendors bolster offerings during pandemic

November 24, 2020

Nominet introduces new resources for cyber scam victims

November 24, 2020

‘Minecraft Mods’ Attack More Than 1 Million Android Devices

November 24, 2020

Smart Doorbells on Amazon, eBay, Harbor Serious Security Issues

Feeds
November 24, 2020

Post-Breach, Peatix Data Reportedly Found on Instagram, Telegram

November 24, 2020

Baidu Apps in Google Play Leak Sensitive Data

November 24, 2020

Manchester United praised for swift response to cyber attack

November 23, 2020

MPs subjected to over 22 million malicious email attacks in 2020

Feeds
November 23, 2020

Telcos could face huge fines under new security laws

November 23, 2020

NCSC issues retail security alert ahead of Black Friday sales

November 23, 2020

Certified Information Systems Auditor (CISA)

November 21, 2020

Data protection impact assessment tips and templates

Feeds
November 20, 2020

Security pros fear prosecution under outdated UK laws

November 20, 2020

Security sector broadly backs Boris Johnson’s Cyber Force

November 19, 2020

Data silos and IT complexity stifle business potential

November 19, 2020

2021 the year of commodity ransomware, says Sophos

Feeds
November 18, 2020

US cyber security chief fired for contradicting Trump

November 18, 2020

The case of Julian Assange as he faces US extradition bid – Computer Weekly Downtime Upload podcast

November 18, 2020

Red team vs. blue team vs. purple team: What's the difference?

November 4, 2020

Cybersecurity communication key to addressing risk

Feeds
November 4, 2020

3 steps to secure codebase updates, prevent vulnerabilities

September 15, 2020

Site-to-site VPN security benefits and potential risks

August 28, 2020

Security issues with working remotely (and how to fix them)

July 31, 2020

vulnerability assessment (vulnerability analysis)

Feeds
July 24, 2020

Remote backup and recovery, protection changes that will stick

July 15, 2020

Identifying and troubleshooting VPN session timeout issues

June 11, 2020

How automating incident response benefits security programs

June 3, 2020

integrated risk management (IRM)

Feeds
May 20, 2020

Use and protect backup against COVID-19-related cybercrime

April 23, 2020

Create a mobile BYOD policy for the coronavirus pandemic

April 8, 2020

managed detection and response (MDR)

April 3, 2020

What is cybersecurity? Everything you need to know

Feeds
April 3, 2020

How zero-trust authentication and architecture have evolved

March 25, 2020

4 factors that should shape a BYOD mobile policy

January 3, 2020

quantum supremacy

November 26, 2019

Lack of U.S. cryptocurrency regulation invites risk

Feeds
August 19, 2019

How to detect and defend against a TCP port 445 exploit and attacks

August 15, 2019

Azure AD Premium P1 vs. P2: Which is right for you?

August 14, 2019

What's the best way to approach multi-cloud security?

July 26, 2019

Zoom vulnerability reveals privacy issues for users

Feeds
July 12, 2019

How to fix the top 5 cybersecurity vulnerabilities

June 28, 2019

Top 10 types of information security threats for IT teams

June 28, 2019

What's the best way to mitigate the risk of GPU malware?

December 7, 2015

Millions left at risk as Android Stagefright fix pushed to September

Feeds
August 18, 2015

Web monitoring software helps keep employees honest

July 7, 2015

Fobber: Drive-by financial malware returns with new tricks

July 1, 2015

Samsung vulnerability affects up to 600 million Android devices

June 17, 2015

From the frontlines: Horror stories on information breach response

Feeds
June 11, 2015

After Windows Server 2003 end of life: An emergency action plan

June 5, 2015

IRS breach shows the importance of PII security

May 29, 2015

Is paying the ransom the only way to remove ransomware?

May 26, 2015

Google changes Chrome extension policy amid security concerns

Feeds
May 20, 2015

Comparing the top SSL VPN products

April 28, 2015

Insider threat programs need people, not technology

April 28, 2015

To protect privileged users, consider using least privilege principle

March 5, 2014

Web browser protection for users: Adapting to new Web security threats

Feeds
March 5, 2014

Surviving cyberwar: Preparing for APTs, Stuxnet malware-style attacks

July 31, 2012

Alerts & Advisories

ADVISORY ON SQL INJECTION VULNERABILITY AND OTHER BASIC NETWORK SECURITY MEASURES. An SQL injection is a technique that attackers apply to insert SQL query into input fields to then be processed by the underlying SQL database. These weaknesses are then able to be abused when entry forms allow user-generated SQL statements to query the database directly. The attack results in the unauthorized viewing of user lists, the deletion of database entries and stealing of data.

Advisory
October 16, 2020

Advisory on Intended Nationwide Cyber attack

October 15, 2020

ReVoLTE Networks Vulnerability

August 27, 2020

Tecno Phones Vulnerability

August 27, 2020

RV Series Routers Command Injection Vulnerabilities. Researchers discovered multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers. This vulnerabilities could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device.

Advisory
August 5, 2020

Remote Access Vulnerability

July 22, 2020

Cisco Small Business Routers Vulnerabilities

July 17, 2020

New EvilQuest Ransomware for macOS Systems

July 1, 2020

Webex Desktop App Vulnerability. A critical vulnerability was discovered in Cisco Webex Meetings Desktop App which might allow a malicious remote attacker to execute programs on affected end-user system. This vulnerability is caused by improper validation of input that is supplied to application URLs. Also, the attacker could exploit this vulnerability by persuading a user to follow a malicious URL.

Advisory
June 24, 2020

SaltStack FrameWork Vulnerabilities in Cisco Products

June 19, 2020

Multiple Security Vulnerabilities for Adobe Products

June 18, 2020

Multiple Security Vulnerabilities on D-LINK Home Routers

June 17, 2020

Local Privilege Escalation Vulnerability for VMware. VMware Fusion, VMRC, and Horizon Client contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOC/TOU) issue in the service opener. Furthermore, another local privilege escalation was discovered, which allows the application to blindly executes files from an untrusted location. Both vulnerabilities result in arbitrary code execution as root.

Advisory
June 16, 2020

ngCERT Advisory on Scranos Malware

February 10, 2020

ngCERT Advisory 19-years-old WinRAR vulnerability leads to over 100 malware exploits

February 10, 2020

ngCERT Advisory Microsoft Exchange 2013 and Newer are vulnerable to NTLM relay attacks

February 10, 2020

Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability. A vulnerability in the REST API of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) releases prior to 3.0.2 could allow an unauthenticated remote attacker to execute arbitrary code with root privileges on the underlying operating system.

Advisory
February 10, 2020

ngCERT VMware Tools vulnerability

January 16, 2020

ngCERT 2nd Advisory on WannaCry/WCry/WCrypt0 Ransomware Warm and Remote Desktop Protocol (RDP) & Server Message Block (SMB) Protocol Vulnerability

May 15, 2017

Vulnerabilities

Windows 10 Task Scheduler Zero-Day Vulnerability. Microsoft Windows Task Scheduler is a set of Microsoft Windows components that allows for the execution of scheduled tasks. The exploit "functions reliably on 32- and 64-bit Windows 10 platforms, as well as Windows Server 2016 and Windows Server 2019.

Vulnerability
February 10, 2020

Intel Chips Vulnerability

February 10, 2020

Windows BlueKeep Vulnerability

February 10, 2020

ESXi Remote Code Execution Vulnerability

February 10, 2020

Resources

Action Plan for the Implementation of the National Cybersecurity Strategy

READ MORE & DOWNLOAD

Considering the national doctrines and principles on security, and the inter-connected nature of ICT...

Cybercrimes (prohibition, Prevention etc) Act, 2015

READ MORE & DOWNLOAD

The Act provides an effective, unified and comprehensive legal, regulatory and institutional framework for...

National Cybersecurity Policy and Strategy

READ MORE & DOWNLOAD

National Cybersecurity Policy and Strategy...

Draft Data Protection Bill 2020

READ MORE & DOWNLOAD

Draft Data Protection Bill 2020 ...

ARTICLE CATEGORIES

Latest Articles

Recent Events

Contact us

WELCOME TO NIGERIA COMPUTER EMERGENCY RESPONSE TEAM (ngCERT)

PREPARATION

IDENTIFICATION

CONTAINMENT

INVESTIGATION

ERADICATION

RECOVERY

InfoSec Feeds

Alerts & Advisories

Vulnerabilities

Resources

Videos

List

Collaborations & Membership

antiphishing.ng

tunCERT

FiRST

Team Cymru