African Union Convention on Cyber Security and Personal Data Protection | African Union

The Malabo Convention was drafted in 2011 and adopted in 2014. By March 2022, 14 African Union member sates signed the convention and 13 ratified it.

The Convention provides 34 definitions including those for child pornography, computer data, cryptology, electronic commerce, interconnection of personal data, and personal data, establishing an effective legal framework addressing electronic transactions, personal data protection, cybersecurity and cybercrime.

 

New Somnia ransomware attacks target corporations in Ukraine

The Computer Emergency Response Team of Ukraine (CERT-UA) reported the spread of a new ransomware strain called ‘Somnia’, attributing the attacks to the Russian threat actor known as ‘From Russia with Love’ (FRwL), also known as ‘Z-Team’. The ransomware attacks targeted Ukrainian corporations’ employees, using their Telegram accounts to try and gain access to a corporate network.

As explained by CERT-UA, the group used fake sites that mimic the ‘Advanced IP Scanner’ software, which, if downloaded, infects the victim’s computer with the Vidar data-stealing malware that can capture Telegram session data, as well as take over the victim’s account.

Then, the threat actors used victims’ Telegram accounts to gain access to the corporate network. Once access to the target’s network was obtained, the hackers executed reconnaissance operations using tools like Netscan and deployed Cobalt Strike Beacons before exfiltrating data.

According to CERT-UA, the group had previously revealed that they created Somnia ransomware on Telegram and posted evidence of the attacks they made against Ukrainian targets.