Career PathGRC
In our second series on career path, Mosimi interviewed cybersecurity professionals in Governance, Risk and Compliance(GRC).If you missed it, check out our first series on security assessment. There are two main categories of career paths in cybersecurity- Strategic and Tactical. The Strategic Path focuses on areas such as Governance, Risk and Compliance (GRC), IT Audit, […]...
Career PathSecurity Assessment
Cybersecurity as we know it today has many subdomains but alot of people tend to focus on some very few(penetration testing and it’s variants).While that is intresting, there are so many opportunites in other subdomains.It is for this reason that Mosimiolu – A senior cybersecurity consultant and a member of the NaijaSecForce interviewed prominent Nigerian […]...
EDRHackingRed Teaming
A recent client engagement had me thinking about ways to evade security tools that rely heavily on command line arguments. During a red team task, I wanted to dump the SAM database of the victim’s system, but I knew that commands such as “reg save HKLM\SAM SAM” would easily be caught by the installed EDR. […]...
HackingRed Teaming
Overview Red Teaming has rapidly transitioned from Living off the Land (LotL) to Bringing Your Own Land (BYOL). It is now possible to execute .NET assemblies entirely within memory. By developing custom C#-based assemblies, attackers no longer need to rely on the tools present on the target system; they can instead write and deliver their […]...
HackingMalware
Time Frame 3rd November, 2019 – Current Overview The NaijaSecForce team have detected a new wave of malware spreading across Africa and the Middle East. This malware comes in form of a spam campaign targeting corporate mailboxes within Africa and the Middle east. We started receiving reports of this malware campaign on the 3rd of […]...
ForensicsHacking
This article was written for eForensics Magazine USB Mass Storage devices come in several small sizes, capable of usage as attack tools against any group or organization. To this effect, researchers from Ben-Gurion University in Israel have discovered 29 ways USB devices can be used to attack and compromise computer systems. Likewise, the Insider Threat […]...
AfricaCyber securityTalent Shortage
Are you awake all-night thinking of the effects of Africa’s cybersecurity skills gap and rising brain drain on your team? It’s time to think differently. Recently, my friend and I combed through a mental list of ex-colleagues and realized that we were the last men standing (I am a woman). Everyone in our previous clique […]...
Cyber securitymeetupNetworking
Yassss!!! NaijaSecCon held its first Abuja Meet-Up on the 28th of September,2019 after the long wait (smiles). It was a great meetup as there were industry veterans who were available to give talks on various interesting topics and also amazing participants. Mr Onifade Opeyemi who is the CEO of Afenoid enterprise gave a talk on […]...
HackingReverse Shell
My team was recently engaged by a client (HackMe) to perform a black-box external penetration test. The objective was simple – see how susceptible the organization is from an external point of view and test the effectiveness of the security controls that are managed enterprise-wide. As such, asides, the company name, we were given “ZERO” […]...
