OpenSSL Heartbleed Security Vulnerability – My 2c

I have been involved with development for a very good part of my life and have advocated the following statements when delivering Information Security Training, mostly to solicit a reaction from the converted.

“Heartbleed, the hole in the internet’s security that exposed countless encrypted transactions to any attacker who knew how to abuse it.”

“Open Source software is software that failed elsewhere.” When I get a lot of reaction from the audience, I explain my reasoning with examples, which I feel strongly about:

  1. Open Source is an excellent way for start-ups or developers to get the public to beta test their software without forking out actual $ for testers.
  2. Once you have a great following, take your software from Open Source to a commerci...

CISSP Assessment – 250 Questions Online – Creative Commons

I have looked around and found a document of 250 questions created by Alfred Ouyang; it is licensed under ‘Creative Commons: Attribution, Non-Commercial, Share-Alike’. You can work through it by grabbing the document; however, we have decided to put it up on a web front-end and, in the spirit of Creative Commons, give it a nice push.

This is available at no cost; however, you need to create a User ID, which you verify yourself via an email.

http://sacs.co.za/elearning/

You can have as many attempts as you like, and we are busy adding more at the back-end. Make sure you subscribe to the SACS CISSP Question-A-Day so that you get notified as we roll out new items.

Practice Safe HEX!
Mervin Pearce (CISSP-ISSAP)

CISSP – Physical (Environmental) Review – Podcast

CISSP Domain 10 – Physical (Environmental) Security: a 34-minute review, available on SoundCloud.

CISSP Physical (Environmental) Security Review

Digital Forensics – 101

Evidence Collection

We have seen that digital forensics is getting a lot of attention and many want to dabble in the process. A very important fact to remember is that the evidence is critical, as are the steps taken to make sure it is admissible as evidence. The last thing you want is to have your evidence ‘tainted’ and thrown out due to incorrect procedures. This means that the evidence needs to be collected using tested and proven procedures… and documented at every step.

Evidence is Volatile

You need to collect evidence in the order of volatility, starting with what is most volatile. This means that if it is RAM content you need, you will start there, as it will disappear as soon as you switch the workstation or server off...

Web Attack – Persistent Threat Vector

When monitoring your web logs, it is easy to spot an attack vector in action. In this sample, I have taken a snapshot of a web server which shows the visitors vs. visits graph. The ratio between the two can be an indication of an attack occurring. In this example, on the last day there were 9 visitors to the sites and 1,263 visits. The visit count is an indication of the number of sessions created. The following video clip shows an attack on WordPress sites monitored by Wordfence (a plugin).

In real-world terms, if a user visits your site you get one visitor and one visit in the statistics; when he clicks on another link, the visitor number stays the same but the visit number is incremented by one...

Quick overview on CISSP

A 90-minute overview of a CISSP course… Have fun!

https://www.dropbox.com/s/966rnvkh3h562eq/SACSCore41.rar

If you have any problems due to download limitations, send me an email and I will create a direct link for the download: moc.ecraepnivremnull@nivrem

A CISSP Question a Day

We are launching a question a day, with detailed answers, for you to receive in your mailbox. The questions are based on the 10 CISSP domains and are developed to test your knowledge and give you a daily refresher.

Subscribe using the SACS subscription page.

Help! Someone stole my photos! – Copyright Infringement

The Copyright Act in South Africa has changed a few times over the last few years, and locally (South Africa) it is not a requirement to register a copyright, as it is in the USA (the USA charges $35 per copyright, but you can purchase bulk cover). In South Africa it is the Copyright Act of 1978 and the Amendments of September 1992.

http://commons.wikimedia.org/wiki/File%3AGreat_train_robbery_Barnes.jpg

What do you do when you find someone has used your material illegally? The best option is to send them an invoice. Do NOT go through lawyers unless it is a substantial amount, as it would cost you more in the end.

There is a Tumblr page dedicated to naming and shaming ‘Photo Stealers’. At this site, people are named and shamed and it becomes apparent

I use the TinEye plugin ...

Information Security Policies – Open sourced

Security Audit and Control Solutions (SACS) is bringing the Information Security Policies course to the market as an open source course. It will be delivered as an online training course through the SACS eLearning portal. There is video course material, sample policies and a template, with communication to the course leaders. A knowledge-based test will be available at the end of the course.

Why are we doing this? It is time to give back and focus on items that are crucial and sometimes overlooked. We have found this in fraud investigations where staff never signed any policies, or the policies are non-enforceable.

If you would like to be included in the first open source content from SACS, make sure to send an email to the training facilitator by cl...

Don’t be a Phishing victim + Kerberos review

A completed forensic investigation showed clear evidence of a staff member clicking on a phishing link and ‘changing’ his logon details. For any message, you MUST make sure the Internet headers are trusted. If not, staff should report it to the information security function. Here is a short video that shows you how to enable Internet header review in Microsoft Outlook.

Have you decided to take up a certification in 2014? Well, the CISSP is a grueling 6-hour exam testing your knowledge over 10 domains. We have an instructor-led session coming up in March, from the 3rd to the 7th.

Early Bird Special R9,995.00 (Excluding VAT) – Offer Ends 31st January 2014 – Book Now
CISSP Boot Camp R10,995.00 (Excluding VAT)

The content of the new course incl...