Focus Track
Cyber Security
Defensive and ethical security for Stellenbosch students: protect accounts, respect privacy, and build resilience against South African threats.
Defensive First
Secure coding, threat modeling, and reviewing OWASP Top 10 themes without exploit steps.
Student Safety
Protect NSFAS, banking, and student accounts from phishing, SIM swap, and credential stuffing.
POPIA Aware
Collect minimum personal data, state purpose, secure storage, and respect deletion/consent.
Responsible Disclosure
Report issues safely and privately; avoid testing without permission.
South African Threats
Identity & Banking
- • SIM swap and OTP interception targeting mobile banking.
- • Phishing on student emails for NSFAS refunds or “account updates”.
- • Fake job offers and bursary scams collecting ID/passport numbers.
Campus & Personal
- • Device theft: keep disk encryption and strong screen locks.
- • Public Wi‑Fi risks: prefer VPN for sensitive work.
- • Social engineering: verify staff/student requests before sharing info.
POPIA Principles (High Level)
- • Collect only what you need and state why.
- • Secure personal information (encryption, access control, logs).
- • Let people access or request deletion where appropriate.
- • Keep data accurate and limit retention.
Responsible Disclosure
Report privately, avoid data access, and give owners time to fix. Do not run intrusive tests without permission.
Subject: Potential security issue found
Hello Team,
I identified a potential security issue on <system/URL>. No data was accessed or modified. Please let me know the right contact to share details privately so we can resolve it responsibly.
Thank you.
Tools & Practices
- • Burp Suite for controlled web testing
- • Wireshark for traffic inspection in lab environments
- • Nmap for network discovery with permission
- • SIEM concepts (logs, alerts, correlation)
- • Password managers for students and teams
- • MFA everywhere; use hardware keys where possible.
- • Backups and incident runbooks for student projects.