Monday morning ‘quickie’
All 10 domains in a core overview. Click to go to the YouTube playlist
The ability to learn at your own pace without breaking the bank has a few advantages. Any previous learner will get a special discount on any course. Costs will be kept realistic as we believe electronic delivery should be much more realistic due to the usage of technology.
The first courses are being delivered, with many in the pipeline which will be prioritised… some courses will be available at no cost and we have specials for previous SACS learners.
If you want any additional details on any of the upcoming courses… make sure you are subscribed to the training list.
A short podcast, which is available as a download, covers domain 9 in the CISSP CBK, which is Law, Regulations, Investigations & Compliance, and is just over 34 minutes long. This is to cover some information and not be too ‘in-depth’.
Listen on SoundCloud (Downloadable)
Listening to the radio one morning while dropping off my son at school, there was a prank call to a lady that said she was offered a bribe by a police officer for not stopping properly at a stop sign. The overwhelming response from the listeners in the area was phoning in, tweeting, emailing and text messaging to share their experiences with corrupt traffic officers in the area. One phoned in to complain that this was an article in the local newspaper about two years ago and NOTHING has been done to address this.
I have been stopped once and I was told I was speeding and was offered to make up my own amount to pay as the actual fine is R800 (approx $80)...
I have seen ‘ransomware’ increasing as a persistent threat, although there is a simple solution in the event of the threat being realised, which is backups. As soon as you lose access to your data, you can retrieve a backup copy. The problem exists which
The following video is a small example of a file that came into my email and how you can use a free service such as VirusTotal to check for a possible threat. The video is 6 minutes long and just shows some tricks that the fraudsters use to see if they can get users to click on the file.
The ‘ransomware’ in this case was sent from an email server in Mauritius; however, this most certainly is also compromised.
Practice SAFE HEX!
I have been involved with development for a very good part of my life and have advocated the following statements when delivering Information Security Training, mostly to solicit reaction from the converted.
“Heartbleed, the hole in the internet’s security that exposed countless encrypted transactions to any attacker who knew how to abuse it.”
“Open Source software is software that failed elsewhere” When I get a lot of reaction from the audience I will explain my reasoning with examples which I feel strongly are:
I have looked around and found a document of 250 questions created by Alfred Ouyang and it is licensed under ‘Creative Commons: Attribution, Non-Commercial, Share-Alike’. So you can do it by grabbing the document; however, we have decided to put this up onto a web front-end and, in the spirit of Creative Commons, give it a nice push.
This is available at no cost; however, you need to create a User ID that has to be verified by yourself via email.
You can have as many attempts as you like, and we are busy adding more at the back-end. Make sure you subscribe to the SACS CISSP Question-A-Day to make sure you get notifications as we roll out new items.
Practice Safe HEX!
Mervin Pearce (CISSP-ISSAP)
We have seen that digital forensics is getting a lot of attention and many want to dabble in the process. A very important fact to remember is that the evidence is critical, as are the steps taken to make sure it is admissible as evidence. The last thing you want is to have your evidence ‘tainted’ and thrown out due to incorrect procedures being taken. This means that the evidence needs to be collected using tested and proven procedures… and documented all the time.
You need to collect evidence in the order of volatility, starting with those that are most volatile. This means that if it is RAM content you need, you will start there, as it will disappear as soon as you switch the workstation or server off...