sacs.co.za Information,sacs.co.za IP Address,sacs.co.za DNS Server
|Website / Domain:
|Website IP Address:
|Domain DNS Server:
sacs.co.za Html To Plain Text
Security Audit and Control Solutions Contact Details Event Calendar Partners Subscribe Go to ... Go to ... Home About Blog Downloads Products Fraud Manager Services Digital Forensics IT Compliance Audits PCI-DSS Audits Penetration Testing Threat Matrix Management Training Bank Fraud Management Barefoot IT Auditor CISSP Computer Forensics eLearning ISO 27000 Training DVDs First Responder Missing Link Education and Training can address that 'missing link' in your information security program. SACS eLearning a cost effective solution. Read More Dark Side of the Moon All areas needs to be scanned and documented to ensure that you are aware of all the threats. Read More Fraud Monitor and Management Eagle eyes scan the horizon picking up minute disturbances to gather evidence Read More Big Data Analysis Looking beyond the logs... disparate sources with neural network analysis Read More Hack your own system.... ...before hackers do! Hackers are not normally external threats but rather internal staff with knowledge of your systems Read More Tweets Tweets by @sacs1 Facebook Video Information Security Policies Phishing - Adding 'Message Options' in Outlook Recent Posts Phishing is getting more sophisticated April 8, 2015 CISSP Certification April 8, 2015 Student Feedback April 8, 2015 Some free resources for CISSP Domain 06 – Security Assessment & Testing (2015) March 30, 2015 A fine line between ‘Accidental Discovery’ and Hacking March 4, 2015 Phishing is getting more sophisticated April 8, 2015 Posted in Blog Standard email with a link inside the email linking back to a compromised website. You often find phishing attacks in your email and they are sometimes removed by the antivirus software in your organisation. One of the ways you are protected is the antivirus scanning attachments and quarantine infected emails, however they are using ‘escaped’ characters and let the browser interpret the escape characters and then interpret that as normal HTML code. The normal emails that you see often tried to send you a link which you click on, and this will take you to a compromised site that looks similar to your bank website and try and dupe you to enter your logon credentials. Later attempts by fraudsters adding an attachment which when you opened it with a text reader, you could easily see that it ...Read More CISSP Certification April 8, 2015 Posted in Blog The CISSP Exam sets aside six hours for individuals to write, but with our training providing a well detailed foundation and information on the domains, and the dedication of hard-working individuals, one allows for wonderful results! Below is an e-mail our trainer Mervin received after a student who attended the CISSP Training wrote his exam recently. The student’s name has been changed in order to keep their anonymity. With receiving the CISSP certification, one receives the opportunity for more doors to open and provides knowledge that will always be advantageous. “Hi there, I passed. The boot camp was ample preparation for the task. I wrote in 90 minutes and panicked about that. Thanks for the exceptional prep. It is greatly appreciated! Regards, J.R. Tolkien” The CISSP certific...Read More Student Feedback April 8, 2015 Posted in Blog The feedback below is given by students who have taken part in various courses provided by SACS. Their anonymity has been kept as to safeguard their personal information as well as that of the companies. “This lecturer is a motivator. He is filled with knowledge and also challenges his audiences to think. The course was an eye-opener and makes you wonder how secured is our work environment.” – Private “The presenter demonstrated a high level of the content knowledge and was able to communicate the knowledge across. This course is excellent. The continuous relationship after training is the best idea.” – Financial Institution “Mervin is extremely knowledgeable and it is good to have him as a reference. The course has opened my eyes to various new methodologies...Read More Some free resources for CISSP Domain 06 – Security Assessment & Testing (2015) March 30, 2015 Posted in Blog Going to be an exiting exercise to deliver online training as a free resource for the Security Assessment & Testing domain for the 2015 CISSP curriculum. Go to the subscription listRead More A fine line between ‘Accidental Discovery’ and Hacking March 4, 2015 Posted in Blog A fine line between ‘Accidental Discovery’ and Hacking Lets set the scene using a local law (ECT Act of 2002) and set the scene for a few cases and use the following definition for the Act. Government using cracking tools to install Windows? “Access” includes the actions of a person who, after taking note of any data, becomes aware of the fact that he or she is not authorised to access that data and still continues to access that data. Disclaimer: I do not condone any form of unauthorised access to any system. I would like to draw attention on two previous newsletters we have raised to the relevant contacts evidence of the website that was hacked many years ago. Government example First public notice August 2012 however evidence of the hack was seen by us on the 9th of May 2011 due to ...Read More The enemy from within February 16, 2015 Posted in Blog The Enemy within The enemy from within How much do you trust those that are entrusted with the accountability of securing your system? This seems to be a huge problem with all walks of life and it is ‘The enemy from within’! Internal IT staff colluding with syndication to create remote access points into a bank to commit fraud Police services being found with hijacked (car-jacked) and stolen motor vehicles at his residence Anti-poaching spokesman to be charged with rhino poaching Everyone of these examples has a commonality… and this is an external influence such as syndication organised crime. Three types of staff exist and they can be qualified as follows: The first type WILL look for a fraud opportunity and commit it. The second type WILL NOT look for the opportunity, however whe...Read More CISSP Domain Changes for 2015 January 26, 2015 Posted in Blog CISSP Domain Changes for 2015 CISSP Domain Changes for 2015 The number of domains are being reduced from ten to eight with some exciting adaptations. It is important that the content of any certification is updated to be inline with real-world scenarios. The last update was in 2012 and for 2015 there are some major changes. The changes in 2012 were minimal and reflected more on the naming and the weight and importance of the domains. Here is the table with CISSP Domain Changes for 2015 with 2012 as a reference as well as some personal observations. The first domain in the list is ‘Security and Risk Management’ which is a nice update which takes many attributes into consideration such as the security function in an organisation to address the Persistent Threat Matrix (PTM)...Read More CISSP Boot Camp January 15, 2015 Posted in Blog, CISSP, eLearning, T...