CSO reports on the new challenges and threats that will face IT departments in the year ahead.
Sharing fake news stories online and spreading false information could lead to criminal charges against the perpetrators as reported by News24.
Hoax-alert reported that fake news website News@Last posted an article titled "FARM MURDERS: US PRESIDENT THREATENS TO INTERVENE IF SOUTH AFRICA DOES NOT COME UP WITH A SOLUTION TO FARM MURDERS". They were unable to locate any source for the Trump quote or any of the "news sources" mentioned in the article that made any mention of Trump "lending a hand or coming to the rescue" in South Africa.
SA People further notes that fake news sites have trotted out yet another fake story about American President Donald Trump and South Africa.
How to spot fake news according to News24:
+ Look to see if reputable news sites are also reporting on the story;
+ Check for odd-looking domain names;
+ Check the 'About Us' tab on websites or look up the website on snopes.com for more information about the source;
+ Watch out for common news websites that end in '.com.co' as they are often fake versions of real news sources;
+ Bad web design and use of all caps can also be a sign that the source you're looking at should be verified;
+ If the story makes you really angry it’s probably a good idea to keep reading about the topic via other sources to make sure the story you read wasn't purposefully trying to make you angry in order to generate shares and advertising revenue.
The main objective of the Higher Certificate in IT is to provide you with a wide-ranging, sound, academically based and industry oriented training course during which you’ll be steeped in software design and development; exposed to a wide range of technologies that will shape the future of computer applications over the next few years; fully grounded in both the theoretical and practical aspects of IT.
The course is offered part-time over 2 years, which consists of 10 modules.
A South African bank customer who has a complaint against his or her bank may approach the OBS for assistance.
MyBroadband reports on the database leak which revealed the private data of 30 million South Africans.
It is reported that the data included extensive personal attributes such as names, addresses, ethnicities, genders, birth dates, government-issued personal identification numbers, and 2.2 million email addresses.
Readers can have a look whether their e-mail address has been compromised on the "have i been pwned?" website here.
Forbes reports on the 5 computer security questions readers keep asking.
This Certificate in Cyber Security (2018 first intake now open until 30 November 2017) is aimed at individuals currently working full time that would like to get a formal qualification in Information and Cyber Security. The Certificate standard is on NQF Level 5, and successful students will get an official Certificate from the University of Johannesburg.
The course consist of 5 modules, each module lasting 3 days. Each module will be formally examined and all 5 modules must be passed to pass the course.
Disclaimer: Please note that the posted information does not indicate any advice or guidance or support by the UJ Centre for Cyber Security and readers make use of Bitcoin services at their own risk.
Bitcoinzar is a website dedicated to individuals living in South Africa who are interested in Bitcoin.
The website contains information on local Bitcoin exchanges, Bitcoin wallets and Bitcoin costs in South Africa.
TechRadar warns users to not fall victim to the increasing amounts of Android malware and provide a list of the 10 best security and antivirus for Android.
Please note that these suggested antivirus apps have not been tested by the UJ Centre for Cyber Security and readers make use of these apps at their own risk.
The Citizen Reports that the new online suicide game, Blue Whale, may soon be available in South Africa.
The Blue Whale app can be downloaded while an 'administrator' or 'mentor' then gives the player a task every day for the next 50 days, with the final task being suicide. Tasks include self-mutilation, watching horror movies, standing on the edge of the roof of a dangerously high building and listening to music that the 'administrator' sends.
The sickening tasks lead to sleep deprivation, brainwash players as the challenges grow darker and more severe, and on the last day, the exhausted and confused player is encouraged to commit suicide.
The player must take a photo of every completed task to prove to the administrator that it has been completed.
Parents are cautioned to monitor their children’s use of social media and their internet usage.
Eyewitness News further notes that the phrase 'Blue Whale' has made international headlines in recent months, and it has a number of local organisations, including the South African Depression and Anxiety Group and the Films and Publications Board, concerned that teenagers here may soon be exposed to similar dangers.
While concern has been raised over the possible emergence of the so-called Blue Whale game or challenge in South Africa, those looking into the existence of the phenomenon believe there is enough to warrant being on alert and monitoring developments.
The Protection from Harassment Act 17 of 2011 is available as an online document.
Readers are referred specifically to the definitions of 'harassment' and 'harm', as well as section 3(2) that stipulates what a court has to consider in the granting of an interim order.
Also important is the power to have service providers produce details of where offending data messages may have originated.
The biggest cyber attack the world has ever seen is still claiming victims and threatens to create even more havoc on Monday when people return to work.
The attack is a virus that locks people out of their computer files until they pay a ransom to the hackers.
Experts say the spread of the virus had been stymied by a security researcher in the U.K. Hackers have issued new versions of the virus that cyber security organizations are actively trying to counter and stamp out.
The Future of Life Institute reports that Artificial Intelligence (AI) has already provided beneficial tools that are used every day by people around the world. Its continued development, guided by certain principles, will offer amazing opportunities to help and empower people in the decades and centuries ahead.
As a result, the Asilomar AI principles were developed in conjunction with the 2017 Asilomar conference.
Furthermore, TechTarget also notes that the introduction of the Asilomar AI Principles provides guidelines to protect us against an AI apocalypse and ensure that the many, not just the few, reap AI's benefits.
Vanity Fair reports that FAKE NEWS IS ABOUT TO GET EVEN SCARIER THAN YOU EVER DREAMED.
The article underscores fake news’s rapid ascent from an amorphous notion to perhaps the most significant digital epidemic.
Furthermore, it is also mentioned that advancements in audio and video technology are becoming so sophisticated that individuals will be able to replicate real news — real TV broadcasts, for instance, or radio interviews — in unprecedented, and truly indecipherable, ways.
One research paper published last year by professors at Stanford University and the University of Erlangen-Nuremberg demonstrated how technologists can record video of someone talking and then change their facial expressions in real time.
The department of Justice and Constitutional Development of the Republic of South Africa has published the Cybercrimes and Cybersecurity Bill along with supporting documents. Access the articles here:
Cybercrimes and Cybersecurity Bill
Cybercrime Discussion Document
Cybercrimes and Cybersecurity Bill Briefing
The statistics for the second half of 2016's cybercrimes that have been reported through the UJ Centre for Cyber Security's reporting facility (for statistical purposes only) are now available.
Readers are reminded of the South African Cybersecurity Hub which allows South African citizens to report incidences of cybercrime at www.cybersecurityhub.co.za.
★ Featured Post ★
WiFi and VPNs
★ WiFi - Evil Twin Attack Background:
TechoPedia describes an Evil Twin attack (in the context of network security) as a rogue or fake wireless access point (WAP) that appears as a genuine WiFi hotspot offered by a legitimate provider.
In an evil twin attack, an eavesdropper or hacker fraudulently creates this rogue WiFi hotspot to collect the personal data of unsuspecting users. Sensitive data can be stolen by spying on a connection or using a phishing technique.
★ Evil Twin Attack Approach:
A hacker using an evil twin exploit may be positioned near an authentic WiFi access point and discover the service set identifier (SSID) and frequency. The hacker may then send a radio signal using the exact same frequency and SSID. To end users, the rogue evil twin appears as their legitimate WiFi hotspot with the same name.
★ Virtual Private Network (VPN) Background:
PCMag explains that connecting to public WiFi networks, for example, is a commonplace practice, but these are also excellent avenues for attackers to seize your personal information.
This is where virtual private networks, or VPNs, step in by using simple software to secure your Internet connection and give you greater control of how you appear online.
In the simplest terms, it creates a secure, encrypted connection, which can be thought of as a tunnel, between your computer and a server operated by the VPN service. While connected to the VPN, all your network traffic passes through this protected tunnel, and no one in between can see what you are up to.
★ VPN Examples:
A selection of free and premium examples of desktop VPNs available from PCMag.
A selection of free and premium examples of Android VPN apps available from PCMag.
★ Free Wifi - Friend or foe? A summary by VeraCode:
★ Reasons why businesses offer free WiFi - a summary by Shaw Business:
Source: Shaw Business
★ Featured Post ★
TrendMicro asks what makes ransomware so effective? One reason — fear. Just like any traditional extortion op, ransomware operations succeed because they capitalise on fear, which ultimately forces victims to do something irrational such as paying cybercriminals.
★ Ransomware - a summary by TrendMicro:
Mail & Guardian ft. Prof Von Solms - Internet banking fraud: The scourge of SIM swaps.
Information brochures, timetables, application forms and fee structures for the Certificate in Cyber Security 2017 courses have been uploaded.
This Certificate is aimed at individuals currently working full time that would like to get a formal qualification in Information and Cyber Security. The Certificate standard is on NQF Level 5, and successful students will get an official Certificate from the University of Johannesburg.
★ Featured Post ★
Smartphone/Mobile Operating Systems
GSMArena summarises an Operating System (OS) as a base infrastructure software component of a computerised system. It controls all basic operations of the computer (or other electronic devices such as smartphones etc.). The OS allows the user to install and execute third-party applications (commonly called apps for short), usually adding new functionality to the device.
PCMag notes that the four major smartphone OSs that are currently in use include:
Although more Symbian smartphones had been sold worldwide than any other, in 2011, Nokia switched from its native Symbian OS to Windows Phone. At one time the market leader, BlackBerry was unable to hold its customers even with innovative new phones in 2013.
★ Worldwide smartphone OS market share - a summary by Statista:
★ Featured Post ★
Microsoft refers to cloud computing as the use of computing power that is located elsewhere, in "the cloud" of remote networks.
It's really just a name for storing and processing data online. For example, many of us already use cloud computing when using the internet for storing photos and emails.
Different types of clouds include:
- Private: resource dedicated to one customer.
- Public: resources shared by multiple customers.
- Hybrid: customised combination of shared and dedicated resource.
- Community: dedicated resource for a group of customers.
A selection of cloud storage services readily available to the public:
★ What is cloud computing? - a summary by Microsoft:
★ Featured Post ★
The Dark and Deep Web
★ Dark Web Background:
Lynley Donnelly, from Mail & Guardian reports that readers should beware of the Web's dark side.
The dark web does not only host places for terrorists, child pornographers and arms dealers to sell their wares, it is also where activists in oppressive regimes go to get around government spying and censorship, whistle-blowers can leak material in relative safety, and ethical hackers gather to share knowledge and campaign.
Nevertheless, the cybersecurity risks that can stem from the dark web have government agencies and private companies around the world sweating about the security of their networks, their data and their bank accounts.
Access the full article here.
★ Media Reports:
Articles hosted by Cyanre discussing the Dark Web in South Africa:
★ Everything You Wanted to Know about TOR & the Deep Web by Who Is Hosting This: The Blog:
Source: Who Is Hosting This: The Blog
★ Featured Post ★
Social Communication Guidelines for Schools
The article, Cyber-safety: A South African School Perspective, by Professor E. Kritzinger reports that despite the benefits, ICT (Information and Communications Technology) devices and online access can lead to a number of online risks.
These risks can be harmful to school learners if the learners are not educated on how to protect themselves and their information.
It is therefore vital to ensure that learners are educated accordingly on the matter.
Educating school learners regarding cyber risks within the school environment is dependent on a number of factors; some of these factors include preparedness of:
To access more articles like this, in addition to other resources such as research reports, pupil workbooks and classroom posters, visit the Cyber Security Awareness project.
- The school towards ICT devices and relating ICT policies and procedures;
- The teachers and their knowledge regarding ICT devices and online activities;
- The available educational material regarding online safety; and
- The handling of ICT incidents within the school.
★ Media Reports:
A list of sexting media reports involving South African learners:
by Times Live.
Examples of Social Communication Guidelines from schools across South Africa:
★ My Cyber Safety Pledge for learners as summarised by Cyber Security Awareness project:
Source: Cyber Security Awareness project
★ Additional reading:
by Steven Anderson.
★ Featured Post ★
Anti-virus software can typically assist with preventing, detecting and removing malicious software from various types of digital computing devices such as desktop computers and smartphones. Many anti-virus software suites are readily available online and some are also free of charge!
A brief summary of resources to guide end users in choosing their own anti-virus software follows.
as identified by PCMag.
★ Most popular free anti-virus for Windows desktop (PC):
★ Most popular free anti-virus for Android smartphones:
★ Featured Post ★
is a cross-platform mobile messaging app which allows you to exchange messages without having to pay for SMS. WhatsApp Messenger is available for .
★ Staying Safe on WhatsApp:
A list of that have been designed to help you stay safe while using WhatsApp, as recommended by WhatsApp.
★ Guides for parents:
WhatsApp: a guide for parents and carers - by
NSPCC and O2: WhatsApp - by
WhatsApp: What parents need to know about the instant messaging app - by
★ A few useful WhatsApp tips and tricks as summarised by :
★ Featured Post ★
Understanding SIM Swap Fraud
With the rise in SIM swap fraud occurences all over South Africa, make sure you take all the precautions you can to avoid becoming a victim.
note that while the methods used to steal a person’s banking details may differ, the process followed by fraudsters to steal money from online banking users in South Africa is nearly always the same:
In each of these steps the criminals can exploit different weaknesses in the system to achieve their goal.
- Get the victim's Internet banking details, typically through a phishing/insider attack.
- Create a bank account(s) which money can be transferred to and also withdrawn from.
- Clone the SIM card (SIM swap) used by the victim.
- Create beneficiaries (using the bank accounts created in point 2) and transfer money to these beneficiaries.
- Withdraw the money from these beneficiary accounts.
Read up on some of the SIM swap articles featuring incidents from across South Africa:
by Ivor Powell | WEEKEND ARGUS | 05-03-2016
by fin24.com | 03-03-2016
★ Bank Resources:
A collection of SIM swap resources from leading South African banking institutions:
A summary of resources to aid you in understanding, analysing and reviewing your Facebook profile security.
★ 3 Simple Facebook Security Tips from :
- Protect your password. Don't use your Facebook password anywhere else online and never share it. You should be the only one who knows it. Avoid including your name or common words. Your password should be difficult to guess.
Facebook will never send you a message or email asking for your login details or credit card number. If someone asks you for this information do not respond or click on any links in their message. Please report the message to the Facebook team to investigate and then delete it. You can also block the sender from contacting you again.
- Use extra security features to add more protection to your account and information on Facebook:
★ Active Facebook users can now review their security settings by making use of facility.
★ Active Facebook users that make use of the Android app on their smartphone can now review their security settings by making use of facility.
★ A look at some of the reasons why people hack Facebook accounts as summarised by .
★ Bridge the digital divide and become a tech-savvy parent with the book by Nikki Bush and Arthur Goldstuck.
If you are a WhatsApp user and do not want to share your account information with Facebook, you can take steps to prevent this from happening. You may only have 30 days to react if you have already accepted the new policy.
The report cybercrime statistics for the first half of 2016 have been released based on input received through the UJ Centre for Cybersecurity's reporting page.
Read the article featuring Prof Von Solms, the director of the UJ Centre for Cyber Security, entitled "Cyber criminals make big bucks as security budget cut" as published in The Times – 30 May 2016 – pg.8.