Cyber security
Official URL: ABCCCYBERHACKATHON Organized by: CTF.NG – A NaijaSecForce Initiative Date: 16th – 18th August, 2021 Background The NaijaSecForce team in partnership with the American Business Council Nigeria (ABC Nigeria) and Comercio Limited (a leading information technology solution provider in Nigeria) organized a Capture The Flag contest as part of the 2021 Cybersecurity Conference. The […]...
Career
We understand how daunting it is to decide on certifications to take as a Cybersecurity professional or enthusiast. As we might know already, Cybersecurity has multiple domains. In this post, we shall be focusing on the “Security Operations” domain and splitting into Forensics, Incident Response & Threat Intelligence. There is also a sub-domain within “Security […]...
Threat Intelligence
Microsoft has released security updates for Exchange Server 2013, 2016, and 2019, where 4 actively exploited #security vulnerabilities were fixed. 3 of them could allow remote code execution, and one vulnerability (CVE-2021-26855) could allow server-side request forgery. To know more about this and what you should do as an organisation, the research team at nsfLABs […]...
Cyber security
The way we talked about Cybersecurity in this decade was like never before. One cannot write about 10 years of Cybersecurity in Nigeria without revisiting some of the major events preceeding this period, which had set the ball rolling for the developments witnessed. The question to be answered here is, “Did we improve?”....
Career
Cybersecurity remains a great concern and as cyber attacks continue to rise, Cybersecurity teams have the responsibility of protecting IT infrastutures, networks and data among others from cyber attacks. For effective management of cyber risk, cybersecurity teams should incorporate the following: Review completeness of asset inventory: You need complete visibility into what is on your […]...
Cloud Security
On this series on career path, Mosimi interviewed cybersecurity professionals on cloud security. The cloud has changed how people use the Internet. This is especially true for companies and organizations who are adopting the use of cloud. While the adoption has increased, so have the challenges in regards to cloud security. Cloud security is a […]...
Hacking
February 11 is Safer Internet Day and the theme for this year’s is “Together for a better internet”. Safer internet day is celebrated globally to promote the safe and positive use of digital technology for children and young people and inspire a national conversation. Subsequent, to our review of Data Breaches in 2019. We are […]...
Data breaches
Many organisations today are leveraging the cloud to transform their business and help with cost reduction. However, the adoption of cloud technology introduces new risks, security and privacy concerns. One of these risks introduced are Data Breaches. There is an increasing number of exposed databases containing Personal Identifiable Information (“PII”) and Personal Health Information (“PHI”) and even sensitive company data (more details later on). ...
Bug bountyCareer Path
On this series on career path, Mosimi interviewed cybersecurity profesionals on bug bounty. Bug bounty is a tactical path in cybersecurity that gives security researchers an opportunity to report vulnerablilites in softwares and application that can be exploited. Bug bounty programs allow the developers to discover and resolve bugs before the general public is aware of them, preventing incidents of widespread abuse. There are various bug bounty platforms that offers bug bounty hunters an oppourtunity to get paid for finding security flaws in applications/softwares. This includes Hackerone, Bugcrowd, Facebook, and Google Project Zero among others. Bug bounty programs promotes responsible disclosure and it is powering millionnaire hackers globally. According to HackerOne, "a critical vulnerability solution can yield a hacker an average of $3,384."...
HackingMalwareThreat Intelligence
Starting from late November, 2019 till now (9th December, 2019), the NaijaSecForce team detected a surge in Emotet spam campaign targeting corporate mailboxes within Africa and Globally. Emotet is not new as it was first recorded in 2014. Emotet is an extremely sophisticated and destructive banking Trojan used to download and install other malware. ...
