58% of Nigerian Women Face Online Harm — Gatefield Report Reveals

In addition, 26% of Nigerians aged 25–34 experience the highest rates of online harms

Dear subscriber,

Welcome to this edition of the Top Tech Security Brief.

😊Enjoy reading as we unfold recent stories and happenings in the cybersecurity world and that of Africa.

Beginning with African stories:

Nigeria Data Protection Commission Investigates TikTok and Truecaller Over Data Privacy Violations

The Nigeria Data Protection Commission (NDPC) has launched an investigation into TikTok and Truecaller over alleged breaches of data privacy regulations.

This move affirms the commission’s dedication to upholding the Nigeria Data Protection Act (NDPA) and ensuring that local and foreign entities operating in the country adhere to established data protection standards.

That said, let’s take time to applaud the NDPC; they are doing something marvelous.

Initially, only 4% of organizations in Nigeria complied with data regulations, but following sustained enforcement actions and stakeholder engagement, compliance rates have now exceeded 55%.

---

Ghana President’s X Account Hacked in Growing Trend of Crypto Scams in Africa

The official X account of Ghana’s President, H.E. John Mahama, got hacked a few days ago and was to promote Solano Africa cryptocurrency.

It wasn’t the first time a high-profile account was compromised and used for crypto advertisement.

In 2025 alone, Africa has recorded several cases.

For instance, Tanzanian billionaire Mohammed Dewji's X account was compromised by crypto scammers and was utilized to promote a fraudulent cryptocurrency token named $Tanzania.

Another instance involves the official social media accounts of the South African Parliament which was hacked to promote a cryptocurrency token named after President Cyril Ramaphosa.

It’s a clear indication attackers are after high-profile accounts and so we must be vigilant.

A post from an authoritative account doesn’t necessarily mean they authored it.

---

"58% of Nigerian women experience online harm", Gatefield Report

According to the “State of Online Harms in Nigeria 2024” report by Gatefield, 58% of Nigerian women experience online harm, making them the primary victims of digital abuse compared to men (42%).

In addition, 26% of Nigerians aged 25–34 experience the highest rates of online harms such as fake news, misinformation, hate speech, and others.

---

Compliance

South African Financial Institutions Face 1 June 2025 Deadline for Cybersecurity Compliance

The Financial Sector Conduct Authority (FSCA) and the South African Reserve Bank (SARB) introduced the Joint Standard on Cybersecurity and Cyber Resilience Requirements in 2024, mandating financial institutions to comply by 1 June 2025.

This regulation is a significant step towards enhancing cybersecurity within South Africa’s financial sector, ensuring institutions adopt stringent security measures to combat evolving cyber threats.

Failure to comply may result in regulatory penalties and reputational damage. Read more

---

📊 Cyber Threat Watch

• Medusa Ransomware Attacks:

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have warned against the ongoing trend of Medusa ransomware attacks which has reportedly affected at least 300 victims from the critical infrastructure sector.

Medusa ransomware attack is said to have increased by 42% from 2023 to 2024 and continue to rise in 2025.

In January and February 2025, Medusa attacks nearly doubled compared to the same period in 2024.

Businesses must take proactive measures to mitigate the risk of such attacks.

To reduce the risk of Medusa ransomware attacks, the FBI and CISA gave out certain recommendations. Find them on our website.

Additionally, the Medusa ransomware has been observed leveraging a sophisticated malicious driver called ABYSSWORKER to disable endpoint detection and response (EDR) systems.

In other news:

• Cybercriminals exploit CSS to evade spam filters and track email users' actions.

• Attackers use weaponized CAPTCHA’s to execute PowerShell commands & install malware.

• Threat actors are exploiting a critical vulnerability in Apache Tomcat, identified as CVE-2025-24813, which could allow unauthorized remote code execution (RCE) on affected servers. Read more

• VMware vulnerabilities are exploited actively to bypass security controls & deploy ransomware

  ---

🎁Bonus:

Is your business or startup struggling to maintain compliance with frameworks like SOC 2, ISO 27001 & GDPR? If yes, then this is for you. Bubba AI, Inc. is on a mission to help 100,000 companies achieve compliance with cyber security frameworks like SOC 2, ISO 27001 & GDPR by 2032. Read more

🛠 Cybersecurity Tip of the Week:

Do you know what to do when your WhatsApp account gets hacked? Kaspersky has laid down steps to follow.

📅 Upcoming Events in Africa:

• Public Sector Cybersecurity Summit

• The CISO Summit 2025

• Africa CyberFest 2025

• IDC South Africa CIO Summit 2025

• MyBroadband 2025 Cloud and Security Conference

Check out the full list here.

Follow us on:

• LinkedIn

• X

Thank you for being part of the Top Tech community. Stay safe, stay informed!