Nigeria’s Cyberspace ISAC + People CERT

We are your first line of defense against cyber threats. Our team of experts is ready to respond to incidents and keep your systems secure.

Report an Incident Report a Vulnerability Our Github

Latest News & Updates

NEWS

The Rise and Fall of Evgenii Ptitsyn: A Case Study in Cyber Extortion

Interestingly, the activities of Phobos affiliates have also been noted on the shores of Nigeria as early as 2023. In 2024 ..

Nigerian national gets 10-year for stealing $20 million through BEC scams

A Nigerian national was sentenced to 10 years in U.S. federal prison for stealing almost $20 million from hundreds of people through cyber fraud

Interpol operation nets 41 arrests, takedown of 22,000 malicious IPs

Interpol announced 41 arrests and the seizure of hundreds of servers in an ops intended to take down malicious IP addresses used for phishing..

Addressing Misconfigured Telecom Infrastructure

Our team has identified multiple reports concerning misconfigured telecom infrastructure. Notably, some of these issues involve AP deployed in residential environments

Advisory: Exploitation of CVE-2023-27532 on Veeam by Ransomware Groups

Estate and Phobos Ransomware Group have been exploiting the CVE-2023-27532 vulnerability in Veeam Backup & Replication for initial access

Addressing Threats to Our Educational and Government Websites

Our analysis reveals that threat groups specializing in website defacement and backdoor access are targeting the educational and government sectors.

ALERT

The Declutter Deception: A Digital Fraud Story

.One such scheme involves a fraudster who steals images of items from legitimate declutter businesses and masquerades as a genuine seller. By creating enticing ads on platforms like Instagram and Facebook, they attract potential buyers looking for great deals

Advisory: Increased APT Activities in Nigeria

Since mid-2022, there has been a notable rise in Advanced Persistent Threat (APT) activities along the shores of Nigeria. Recent data from supporting Security Operations Centers (SOC) and Managed Security Service Providers (MSSP)..

ZamaniMart - New Phishing Campaign Targeting Victims in Nigeria

This threat group employs a deceptive shopping module to lure victims via WhatsApp, aiming to collect sensitive financial information, including credit card details and login credentials. Then transfer funds from the victims' accounts

The Rise of Fake Advertisements Targeting Vulnerable Users on Facebook

We have observed a troubling increase in fake advertisements aimed at vulnerable users on Facebook. These threat groups are leveraging deceptive tactics, such as promoting fake welfare packages

Immediate Threats to Mikrotik Routers

We recently observed a concerning incident involving a threat group specializing in exploiting vulnerable Mikrotik routers running outdated RouterOS. Within minutes, we detected the group attempting to brute-force access via Telnet.

The Risks of Misconfiguration on Internet-Facing Assets and Its Impact on Data Protection

These misconfigurations expose personally identifiable information (PII) of users and customers, raising serious concerns about the effectiveness of data protection measures and revealing a troubling trend of mere paper compliance

A Look into Deceptive Practices Targeting Bank Customers

These malicious actors have been quick to capitalize on the situation by setting up fake or replica versions of corporate banking websites to deceive individuals into divulging their personally identifiable information.