Aimed at both the novice and expert in IT security and industrial control systems (ICS), this book will help readers gain a better understanding of protecting ICSs from electronic threats. Cyber security is getting much more attention and ‘SCADA security’ (Supervisory Control and Data Acquisition) is a particularly important part of this field, as are Distributed Control Systems (DCS), Programmable Logic Controllers (PLCs), Remote Terminal Units (RTUs), Intelligent Electronic Devices (IEDs)-and all the other, field controllers, sensors, and drives, emission controls, and that make up the ‘intelligence’ of modern industrial buildings and facilities. This book will help the reader better understand what is industrial control system cyber security, why is it different than IT security, what has really happened to date, and what needs to be done. Loads of practical advice is offered on everything from clarity on current cyber-security systems and how they can be integrated into general IT systems, to how to conduct risk assessments and how to obtain certifications, to future trends in legislative and regulatory issues affecting industrial security.
Click here to buy from Amazon
Violent Python shows you how to move from a theoretical understanding of offensive computing concepts to a practical implementation. Instead of relying on another attacker's tools, this book will teach you to forge your own weapons using the Python programming language. This book demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts. It also shows how to write code to intercept and analyze network traffic using Python, craft and spoof wireless frames to attack wireless and Bluetooth devices, and how to data-mine popular social media websites and evade modern anti-virus.
- Demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts.
- Write code to intercept and analyze network traffic using Python. Craft and spoof wireless frames to attack wireless and Bluetooth devices.
- Data-mine popular social media websites and evade modern anti-virus.
In many penetration tests, there is a lot of useful information to be gathered from the radios used by organizations. These radios can include two-way radios used by guards, wireless headsets, cordless phones and wireless cameras. Wireless Reconnaissance in Penetration Testing describes the many ways that a penetration tester can gather and apply the information available from radio traffic. Stopping attacks means thinking like an attacker, and understanding all the ways that attackers gather information, or in industry terms profile, specific targets. With information from what equipment to use and how to find frequency information, to tips for reducing radio information leakage, to actual case studies describing how this information can be used to attack computer systems, this book is the go-to resource for penetration testing and radio profiling. Author Matthew Neely is a respected and well-known expert and speaker on radio reconnaissance and penetration testingIncludes real-world case studies of actual penetration tests using radio profilingCovers data leakage, frequency, attacks, and information gathering
If you think computer security has improved in recent years, The Myths of Security will shake you out of your complacency. Longtime security professional John Viega, formerly Chief Security Architect at McAfee, reports on the sorry state of the industry, and offers concrete suggestions for professionals and individuals confronting the issue.
Why is security so bad? With many more people online than just a few years ago, there are more attackers — and they’re truly motivated. Attacks are sophisticated, subtle, and harder to detect than ever. But, as Viega notes, few people take the time to understand the situation and protect themselves accordingly.
This book tells you:
- Why it’s easier for bad guys to “own” your computer than you think
- Why anti-virus software doesn’t work well — and one simple way to fix it
- Whether Apple OS X is more secure than Windows
- What Windows needs to do better
- How to make strong authentication pervasive
- Why patch management is so bad
- Whether there’s anything you can do about identity theft
- Five easy steps for fixing application security, and more
Provocative, insightful, and always controversial, The Myths of Security not only addresses IT professionals who deal with security issues, but also speaks to Mac and PC users who spend time online.
Click here to buy from Amazon
Many people think of the Smart Grid as a power distribution group built on advanced smart metering-but that's just one aspect of a much larger and more complex system. The "Smart Grid" requires new technologies throughout energy generation, transmission and distribution, and even the homes and businesses being served by the grid. This also represents new information paths between these new systems and services, all of which represents risk, requiring a more thorough approach to where and how cyber security controls are implemented.
This insight provides a detailed architecture of the entire Smart Grid, with recommended cyber security measures for everything from the supply chain to the consumer.Discover the potential of the Smart GridLearn in depth about its systemsSee its vulnerabilities and how best to protect it