Black Code: Surveillance, Privacy, and the Dark Side of the Internet

Amazon Price: $17.95 $13.95 You save: $4.00 (22%). (as of December 13, 2017 05:51 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Cyberspace is all around us. We depend on it for everything we do. We have reengineered our business, governance, and social relations around a planetary network unlike any before it. But there are dangers looming, and malign forces are threatening to transform this extraordinary domain.

In Black Code, Ronald J. Deibert, a leading expert on digital technology, security, and human rights, lifts the lid on cyberspace and shows what’s at stake for Internet users and citizens. As cyberspace develops in unprecedented ways, powerful agents are scrambling for control. Predatory cyber criminal gangs such as Koobface have made social media their stalking ground. The discovery of Stuxnet, a computer worm reportedly developed by Israel and the United States and aimed at Iran’s nuclear facilities, showed that state cyberwar is now a very real possibility. Governments and corporations are in collusion and are setting the rules of the road behind closed doors.
Continue reading “Black Code: Surveillance, Privacy, and the Dark Side of the Internet”

BIT WARS: Cyber Crime, Hacking & Information Warfare (Volume 2)

Amazon Price: $5.50 $5.50 (as of December 13, 2017 21:53 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Do you hear news everyday on the latest hacking attack, but just don't quite understand what it is all about? Well this is the book for you. In BIT WARS, Dr. Thomas Hyslip presents the history of cybercrime, hacking and information warfare that has lead us to where we are today. Espionage, Stuxnet, Cyber Terrorism, Anonymous, TOR, the Deep Web, they are included. Hacking started as a quest for knowledge and curiosity, but has become a worldwide problem with no end in sight. The Center for Strategic and International Studies estimated the annual cost of cybercrime at more than $445 billion annually. Furthermore, the number and sophistication of attacks has steadily increased. In 2014, Target and Home Depot were victims of large scale point of sale attacks, and millions of credit and debit cards were stolen. Ebay lost the account information of over 233 million users, and Sony was attacked by North Korea in retaliation for the movie, “The Interview.” Read about it all in BIT WARS: Cyber Crime, Hacking and Information Warfare, and understand why you should be concerned.

CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide

Rating: 
Amazon Price: $60.00 $35.05 You save: $24.95 (42%). (as of December 13, 2017 01:58 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

The only official study guide for the new CCSP exam

CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide is your ultimate resource for the CCSP exam. As the only official study guide reviewed and endorsed by (ISC)2, this guide helps you prepare faster and smarter with the Sybex study tools that include pre-test assessments that show you what you know, and areas you need further review. Objective maps, exercises, and chapter review questions help you gauge your progress along the way, and the Sybex interactive online learning environment includes access to a PDF glossary, hundreds of flashcards, and two complete practice exams. Covering all CCSP domains, this book walks you through Architectural Concepts and Design Requirements, Cloud Data Security, Cloud Platform and Infrastructure Security, Cloud Application Security, Operations, and Legal and Compliance with real-world scenarios to help you apply your skills along the way.
Continue reading “CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide”

Fuzzing: Brute Force Vulnerability Discovery

Fuzzing: Brute Force Vulnerability DiscoveryFUZZING

Master One of Today’s Most Powerful Techniques for Revealing Security Flaws!

Fuzzing has evolved into one of today’s most effective approaches to test software security. To “fuzz,” you attach a program’s inputs to a source of random data, and then systematically identify the failures that arise. Hackers have relied on fuzzing for years: Now, it’s your turn. In this book, renowned fuzzing experts show you how to use fuzzing to reveal weaknesses in your software before someone else does.

Fuzzing is the first and only book to cover fuzzing from start to finish, bringing disciplined best practices to a technique that has traditionally been implemented informally. The authors begin by reviewing how fuzzing works and outlining its crucial advantages over other security testing methods. Next, they introduce state-of-the-art fuzzing techniques for finding vulnerabilities in network protocols, file formats, and web applications; demonstrate the use of automated fuzzing tools; and present several insightful case histories showing fuzzing at work. Coverage includes:

• Why fuzzing simplifies test design and catches flaws other methods miss

• The fuzzing process: from identifying inputs to assessing “exploitability”

• Understanding the requirements for effective fuzzing

• Comparing mutation-based and generation-based fuzzers

• Using and automating environment variable and argument fuzzing

• Mastering in-memory fuzzing techniques

• Constructing custom fuzzing frameworks and tools

• Implementing intelligent fault detection

Attackers are already using fuzzing. You should, too. Whether you’re a developer, security engineer, tester, or QA specialist, this book teaches you how to build secure software.

Foreword     xix

Preface        xxi

Acknowledgments  xxv

About the Author   xxvii

PARTI         BACKGROUND     1

Chapter 1    Vulnerability Discovery Methodologies  3

Chapter 2    What Is Fuzzing?   21

Chapter 3    Fuzzing Methods and Fuzzer Types     33

Chapter 4    Data Representation and Analysis        45

Chapter 5    Requirements for Effective Fuzzing      61

PART II      TARGETS AND AUTOMATION          71

Chapter 6    Automation and Data Generation        73

Chapter 7    Environment Variable and Argument Fuzzing 89

Chapter 8    Environment Variable and Argument Fuzzing: Automation 103

Chapter 9    Web Application and Server Fuzzing     113

Chapter 10  Web Application and Server Fuzzing: Automation    137

Chapter 11  File Format Fuzzing         169

Chapter 12  File Format Fuzzing: Automation on UNIX     181

Chapter 13  File Format Fuzzing: Automation on Windows         197

Chapter 14  Network Protocol Fuzzing         223

Chapter 15  Network Protocol Fuzzing: Automation on UNIX     235

Chapter 16  Network Protocol Fuzzing: Automation on Windows         249

Chapter 17  Web Browser Fuzzing      267

Chapter 18  Web Browser Fuzzing: Automation     283

Chapter 19  In-Memory Fuzzing         301

Chapter 20  In-Memory Fuzzing: Automation         315

PART III    ADVANCED FUZZING TECHNOLOGIES      349

Chapter 21  Fuzzing Frameworks       351

Chapter 22  Automated Protocol Dissection  419

Chapter 23  Fuzzer Tracking     437

Chapter 24  Intelligent Fault Detection 471

PART IV     LOOKING FORWARD    495

Chapter 25  Lessons Learned    497

Chapter 26  Looking Forward    507

Index 519

Price: $54.99

Click here to buy from Amazon

Practical SCADA for Industry (IDC Technology)

Practical SCADA for Industry (IDC Technology)A SCADA system gathers information, such as where a leak on a pipeline has occurred, transfers the information back to a central site, alerting the home station that the leak has occurred, carrying out necessary analysis and control, such as determining if the leak is critical, and displaying the information in a logical and organized fashion. SCADA systems can be relatively simple, such as one that monitors environmental conditions of a small office building, or incredibly complex, such as a system that monitors all the activity in a nuclear power plant or the activity of a municipal water system.

An engineer's introduction to Supervisory Control and Data Acquisition (SCADA) systems and their application in monitoring and controlling equipment and industrial plant.

Essential reading for data acquisition and control professionals in plant engineering, manufacturing, telecommunications, water and waste control, energy, oil and gas refining and transportation.

Provides the knowledge to analyse, specify and debug SCADA systems, covering the fundamentals of hardware, software and the communications systems that connect SCADA operator stations

Price: $66.95

Click here to buy from Amazon