LUCT CyberSquad
United we Shield...💻🖥️📱🌐🛡️⚔️🔐
Securing the Future!!!
21/06/2026
🚨 CyberSquad Saw It Coming | DFIR Training Wasn’t a Coincidence 🚨
24 billion records. 8 terabytes of stolen logins.
South Africans are being urged to change passwords _right now_ after one of the biggest data leaks in history just dropped.
Here’s the Lesotho angle:
Most `.ls` domains + Lesotho org websites are hosted in South Africa. proved it at Universal Acceptance 2025.
That means when SA gets hit, Lesotho gets hit too. Your bank, school, gov site… if the server’s in JHB or Cape Town, your data, uptime, and incident response depend on infrastructure outside our borders.
This is exactly why CyberSquad pushed for DFIR training for youths across universities.
We’ve been warning: cyber threats aren’t “if”, they’re “when”. Prevention alone won’t save you when credentials flood the dark web. What saves organizations is people who can _detect, investigate, and respond fast_ when breaches like this hit — even across borders.
That’s Digital Forensics & Incident Response.
That’s why our training covered:
✅ Evidence collection & preservation
✅ Log analysis & threat investigation
✅ Network traffic + memory forensics
✅ Cloud & SaaS forensics
✅ Real-world incident response
✅ Turning cyber incidents into actionable intel
What flagged means for us:
1. Shared risk - SA data center breach = exposure for Lesotho banks, schools, gov sites hosted there
2. Response time - Lesotho DFIR teams must work _across borders_ with SA hosting providers to get logs + contain fast
3. Digital sovereignty - We can’t outsource response. We need local talent who can chase clues even when servers aren’t here
While others are reacting today, CyberSquad youth are already training to lead the response tomorrow.
Your move right now:
1. Change passwords - especially email + banking
2. Use unique passwords for every account
3. Turn on 2FA everywhere
4. Watch for weird logins
Don’t wait for the next breach to care about cybersecurity. The leak proves it: IT alone isn’t enough. You need cybersecurity + DFIR teams _alongside_ IT teams, not after the damage.
Train now. Respond later. Thank yourself when it happens.
🚨 SOUTH AFRICANS URGED TO CHANGE PASSWORDS AFTER MASSIVE GLOBAL DATA LEAK
A major cybersecurity warning has been issued to South Africans following the discovery of one of the largest data leaks ever recorded.
Security researchers recently uncovered a staggering database containing approximately 24 billion compromised records, with the leaked information reportedly occupying around 8 terabytes of data. The exposed records are believed to include usernames, passwords, email addresses and login credentials linked to various online platforms.
Experts warn that cybercriminals can use stolen login details to gain unauthorized access to social media accounts, banking profiles, email accounts and other online services, especially when people reuse the same password across multiple platforms.
🔹 Cybersecurity specialists are advising South Africans to: • Change passwords immediately, especially for email and banking accounts. • Use strong, unique passwords for every online account. • Enable two-factor authentication (2FA) wherever possible. • Monitor accounts for suspicious login attempts or unusual activity. • Avoid clicking on suspicious links sent via email, SMS or social media.
The leak highlights the growing threat of cybercrime worldwide and serves as a reminder that personal online security is more important than ever. Even if your information was not directly exposed in this breach, experts say updating passwords regularly remains one of the best ways to protect yourself.
Have you changed your passwords recently, or do you still use the same password for multiple accounts?
👉 Share this post to warn friends and family.
If you’re seeing this for the first time, FOLLOW The Mzansi Plug — we break news before mainstream media does.
Follow The Mzansi Plug for real-time breaking news across Mzansi and beyond.
🎉🏆Combined Universities Cybersecurity Training for Youths🏆🎉
Every cyberattack leaves behind clues. The real challenge is knowing how to find them, analyze them, and respond before the damage escalates.
As cyber threats become more sophisticated, organizations need professionals who can investigate security incidents, uncover digital evidence, and lead effective response efforts. That's where Digital Forensics & Incident Response (DFIR) comes in.
Our DFIR training program is designed to help aspiring cybersecurity professionals develop the practical skills needed to detect, investigate, and respond to real-world cyber incidents.
What we must learn and perfect it:
✅ Digital Forensics Investigation Techniques - Disk, memory, network & mobile forensics
✅ Incident Detection & Response Processes - NIST/ISO incident lifecycle, containment strategies
✅ Evidence Collection & Preservation - Chain of custody, forensic imaging, write-blockers
✅ Log Analysis & Threat Investigation - SIEM, Windows Event Logs, Sysmon, Linux logs
✅ Malware Analysis Fundamentals - Static + dynamic analysis, sandboxing, IOC extraction
✅ Network Traffic Analysis - Wireshark, Zeek, IDS/IPS alerts, PCAP analysis
✅ Timeline & Artifact Analysis - Registry, Prefetch, MFT, browser history, file timestamps
✅ Memory Forensics - Volatility, RAM dumps, rootkit detection
✅ Cloud & SaaS Forensics - AWS/Azure/Office365 logs, cloud incident response
✅ Threat Intelligence & IOC Development - Turning findings into actionable intel
✅ Reporting & Legal Procedures - Writing forensic reports, courtroom testimony basics
✅ Real-World DFIR Case Studies - Ransomware, insider threats, BEC, data exfiltration
Why DFIR?
Because cybersecurity is no longer just about prevention. Organizations need experts who can rapidly identify threats, analyze attacks, contain incidents, and support recovery efforts while preserving critical evidence.
Whether you're a student, SOC analyst, security professional, or aspiring incident responder, DFIR skills can open doors to some of the most in-demand roles in cybersecurity.
Learn from industry-relevant training from real experts from Lesotho Communications Authority gain hands-on experience through practical labs, and build the expertise needed to thrive in modern cyber defense environments.
Start building the skills that turn cyber incidents into actionable intelligence.
🚨 FortiBleed Detected | Immediate Action Required 🚨
Heads up: FortiBleed vulnerability alerts are active right now.
Installing more “cyber defense systems” won’t solve this.
The real gap: Having _only_ an IT team is not enough anymore.
Every organization needs cybersecurity teams working alongside IT teams — not as an afterthought, not outsourced only during a crisis.
IT keeps systems running. Cybersecurity teams stop, detect, and respond to threats like FortiBleed. You need both, side by side, sharing intel and patching fast.
Tools without dedicated security people = exposure.
If your org doesn’t have cybersecurity talent working _with_ IT daily, that’s the vulnerability attackers will use.
20/06/2026
🚨 Combined universities cybersecurity training continues 🚨
🔥 MEET our TRAINER: SELAKANE KHAILE 🔥
We are thrilled to announce that Selakane Khaile, a Cybersecurity Engineer at the Lesotho Communications Authority (LCA), will be leading two high-impact sessions at our upcoming Inter-Varsity Cybersecurity Training.
Selakane is no ordinary trainer. he holds a BSc (Hons) in Computing and is a certified Junior Pe*******on Tester, BTL1 (Blue Team Level 1), Certified SOC Analyst, and a FIRST Tier 3 Trainer. he is also an active CTF player, constantly sharpening his skills through competitive cybersecurity challenges. His real-world experience across both offensive and defensive security makes him the perfect guide for anyone looking to break into this field.
🤖 SESSION 1: AI IN SECURITY
In this session, Selakane will take you into the exciting world of Artificial Intelligence and Cybersecurity. You will learn how AI is transforming threat detection and incident response, and how machine learning is being used to predict and prevent cyberattacks before they happen. he will also uncover the dark side – how attackers are weaponizing AI for cybercrime – and show you how to build AI-resilient security operations. Expect practical demonstrations of AI-powered security tools that are shaping the future of defence.
🐛 SESSION 2: BUG BOUNTY 101
If you have ever wanted to get paid for finding vulnerabilities, this session is for you. Selakane will break down what bug bounty is and how the entire process works. You will learn how to find your first bug, what tools and methodologies top bounty hunters use, and most importantly – how to practice responsible disclosure the right way. This is your chance to turn ethical hacking into a real career or side hustle.
📅 Event Details
The Inter-Varsity Training runs
from 8th June to 5th July 2026,
from 8:00 AM to 2:30 PM daily,
at Limkokwing University Lesotho – Hall 3 (Multi-purpose) .
don't wait just join us
19/06/2026
Day 8 – of Inter Varsity cybersecurity training, and what a session it was! 🇱🇸🔥
Today we had the privilege of hosting Mr Tsepang Nkoe and his colleague Selakane Khaile from the Lesotho Communications Authority (LCA).
They delivered an incredible session covering:
🛡️ Network Security & Defense – real-world strategies to protect infrastructure
📱 Mobile App Security – identifying vulnerabilities and securing mobile ecosystems
We are truly grateful for their time and expertise. Learning directly from industry experts like this is exactly what builds a strong, capable, and ready cyber workforce in Lesotho.
Thank you, LCA, for investing in our youth! 🙌
🚨 STOP! Don't Scan That QR Code! 🚨
That restaurant menu QR code?
That parking meter QR code?
That "free WiFi" QR code?
Mall vibes or win win vibe?
It could be a TRAP. Here's how hackers are using QR codes to steal your data RIGHT NOW 👇
🔴 THE SCAM IS CALLED "QUISHING"
(QR Code + Phishing)
Hackers paste FAKE QR codes over real ones.
You scan it. It looks legit.
But it sends you to a clone site that steals:
⚠️ Your bank login
⚠️ Your passwords
⚠️ Your personal data
⚠️ Installs malware on your phone
📍 WHERE FAKE QR CODES ARE FOUND:
• Parking meters (stickers placed over real ones)
• Restaurant tables
• Bus stops & posters
• Emails & text messages
• Fake package delivery notices
* Malls
• Public WiFi signs
🛡️ HOW TO PROTECT YOURSELF:
1️⃣ PREVIEW the URL before opening — if it looks weird, DON'T tap it
2️⃣ Check if the QR code is a STICKER placed over another one
3️⃣ Never enter passwords or banking info from a QR code link
4️⃣ Use your phone's built-in camera, NOT random QR apps
5️⃣ If a QR code asks to download something — RED FLAG 🚩
6️⃣ When in doubt, type the website manually instead
💀 REAL CASE:
In 2024, criminals placed fake QR codes on parking meters across major cities. Drivers scanned to "pay for parking" and entered their card details on a cloned payment site. Thousands lost money before anyone noticed.
One scan. That's all it takes.
Your phone is your life — your bank, your photos, your identity.
Don't hand it to a hacker through a tiny square.
18/06/2026
🔥 TOMORROW! 🔥 19 June 2026
We're kicking things off with a session led by none other than Tsepang Nkoe is a Cybersecurity Engineer and CSIRT Analyst at the Lesotho Communications Authority, working within the LS ComCSIRT team across the full security lifecycle: blue team operations, incident response, security operations, detection engineering mapped to MITRE ATT&CK, vulnerability management, and mobile application security testing. He holds a Bachelor of Engineering in Computer Systems and Networks, awarded with First Class Honours, from the National University of Lesotho.
He is a FIRST Tier 3 trainer and is ITU-certified in conducting security audits of mobile payment applications against the ITU-T X.1150 framework, covering mobile application security and pe*******on testing. From EC-Council he holds the Certified Network Defender and Certified SOC Analyst credentials, with further certifications in cyber threat intelligence, attack surface management, email security, and digital risk protection. He placed first overall in the FIRST × AFRALTI Operation Glass House cyberdrill, conducts coordinated vulnerability disclosure against high-assurance targets including a national e-voting system, and developed the CIPHER Framework for translating technical risk into executive decision-making
Network Security is on the menu – firewalls, VPNs, attacks, defenses, and everything in between. 🛡️
Our squad is ready. Are you? Bring the energy, bring the questions, and let's make tomorrow count! 💪
Full timetable coming soon. Stay tuned!
Shout out to my newest followers! Excited to have you onboard! Jst Mohau Mokhakala, Thapelo Ntsane, Taelo Goodwill Mafokane, Sealemoea Lebetla, Mmeme Matsepe, Keketso Mohai, Khooanyana Lucia, Boitumelo Lesaoana, Phiri David Lets'ela, Thapelo Damane, Ausi Martha Pita, Victor Likoebe, Ausy Zanny, Matsana Sehloho, Polite Phalatsi, Molefi Lebakeng, Matlotla Ramohlabi, Mope Maphutseng, Andriase Nchabeng Enester, Rorisang Sets'abi, Setlaba Paballo, Katiso Letlotlo, Khosi David Pheku, Sylvester Moiloa, Mapeshoane Reabetsoe, Malefetsane Soai, Rankabi Manosa, David Moepeng, Mabekebeke Khamali, Khauhelo Nqhoaki, Mkay Khonyane, Ntate Cyber, Lasechaba Sechaba, Wise Ťhamae, Libe Limpho, Tēē Kay LS, Seeiso Jerry
if you want to learn: ethical hacking, cybersecurity Defence, Pe*******on Testing, digital forensics
join us
We have new schedule for this week
Training continues: Monday, wensday & Friday only
Click here to claim your Sponsored Listing.
Category
Website
Address
Maseru