CyberPlural’s Annual Cybersecurity Report 2022

Cyberplural has released it’s 2022 cybersecurity report. Cyberplural is a cybersecurity company based in Abuja that provides cybersecurity services such as security operations, threat intelligence. System assessment and Audit, research and development and also cybersecurity training.

Some  insight on the Report.

This is Cyber Plural’s first edition of this report which details security incidents , trends, impacts and changes in the Nigeria’s cybersecurity space.

Q4 2022

  • CVEs from Q4 of 2021 and Q1, Q2 and Q3 of 2022 are still been exploited. Critical National Infrastructure (CNI) of countries and businesses continue to be the target of multiple breaches and ransomware attacks in Q4.
  • Certain threat actors or groups are now going around with phishing campaigns targeted at businesses
    /organizations in Nigeria. Hosted their novel script that will harvest unsuspecting users’ credentials on IPFS.
  • From phishing scams to backdoor breaches, a wide range of cyberattacks have been used just this year to
    steal millions of dollars in crypto. Interesting was the use of crypto stealer malware targeting crypto platform extensions in browsers.
  • Threat Actors were observed to be scanning for and attempting exploitation for initial access vulnerabilities such as Log4j, and Exchange vuln; across organizations in Nigeria with combined pressure by leveraging social engineering through phishing emails containing info stealer malware.
  • Several unreported incidents involving misconfiguration of cloud infrastructure and insecure applications design have led to breaches of confidentiality, availability and integrity within the startup space.

Persistent Threat Actors Operations.

It is the case with the activities of the threat actor (TA) /group that the  team observed for almost 3 weeks in the month of November. During this period (starting from the second week of November), our observations revealed the interest of the threat actor/group which was to gain initial access leveraging possible vulnerabilities on the Internet facing assets.

Q3 2022

  • Several unreported incidents hit Nigerian businesses, as many continue to treat cybersecurity incidents as IT related problems. This has resulted in huge downtime of services and financial loss for affected businesses.
  • CVEs from Q4 of 2021 and Q1, Q2 of 2022 are still been exploited. CNIs of countries and businesses are the target of multiple breaches and ransomware attacks in Q3. Government-wide network attacks and breaches become prevalent.
  • Our Dark web HUMINT engagement reported the proliferation of new tools and upgrades to existing and
    new variants of ransomware from Ransomware groups. Invitation-only forums focused on initial access are also been leverage by cyber criminals.
    Cyber Plural’s Threat Intelligence Team came across a server on the Internet serving critical information identified to be related to businesses and organizations that are more focused on finance / FinTech in Nigeria.
  • A relatively new social engineering technique known as “MFA Fatigue” has been successfully used to
    compromise employee accounts at large corporations like Uber, Microsoft, and Cisco.

You can find more detail in the report here

Total
0
Shares
4 1 vote
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
Prev
The Cyber-Grinch is in Town: Here Are Ways to be Safe Online This Holiday Season

The Cyber-Grinch is in Town: Here Are Ways to be Safe Online This Holiday Season

Now that the holiday season is here, many people’s to-do lists include

Next
CyBlack – A Cybersecurity Community Making a Difference in Europe
CyBlack is One

CyBlack – A Cybersecurity Community Making a Difference in Europe

About CyBlack A year ago, Iretioluwa Akerele, Aliyu Yisa, Febisola Olanipekun,

You May Also Like
0
Would love your thoughts, please comment.x
()
x