Cyber-War: The Anatomy of the Global Security Threat

Amazon Price: N/A (as of June 25, 2017 00:40 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

This unique project takes a socio-political approach to the widely debated issue of cyber-war, considering changing patterns of conflict, international diplomacy and governmental thinking in the face of the emerging threat.
In examining whether an example of cyber war has yet been seen, a number of case studies are explored, from the explosion of a Soviet pipeline in the latter stages of the Cold War; to the 2007 attacks on Estonia; and the recent discovery of the Stuxnet worm in an Iranian nuclear plant. This highly accessible study attempts to demystify technical concepts, and will appeal to scholars, practitioners and interested observers involved in the study of this most contemporary of security threats.

Bulletproof SSL and TLS: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications

Rating: 
Amazon Price: $60.00 $48.00 You save: $12.00 (20%). (as of June 24, 2017 18:59 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Bulletproof SSL and TLS is a complete guide to using SSL and TLS encryption to deploy secure servers and web applications. Written by Ivan Ristic, the author of the popular SSL Labs web site, this book will teach you everything you need to know to protect your systems from eavesdropping and impersonation attacks.

In this book, you'll find just the right mix of theory, protocol detail, vulnerability and weakness information, and deployment advice to get your job done:
Comprehensive coverage of the ever-changing field of SSL/TLS and Internet PKI, with updates to the digital versionFor IT security professionals, help to understand the risksFor system administrators, help to deploy systems securelyFor developers, help to design and implement secure web applicationsPractical and concise, with added depth when details are relevantIntroduction to cryptography and the latest TLS protocol versionDiscussion of weaknesses at every level, covering implementation issues, HTTP and browser problems, and protocol vulnerabilitiesCoverage of the latest attacks, such as BEAST, CRIME, BREACH, Lucky 13, RC4 biases, Triple Handshake Attack, and HeartbleedThorough deployment advice, including advanced technologies, such as Strict Transport Security, Content Security Policy, and pinningGuide to using OpenSSL to generate keys and certificates and to create and run a private certification authorityGuide to using OpenSSL to test servers for vulnerabilitiesPractical advice for secure server configuration using Apache httpd, IIS, Java, Nginx, Microsoft Windows, and TomcatThis book is available in paperback and a variety of digital formats without DRM. Digital version of Bulletproof SSL and TLS can be obtained directly from the author, at feistyduck.com.

Cybercrime and Cyber Warfare (FOCUS Series)

Amazon Price: N/A (as of June 24, 2017 19:53 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

In order to enable general understanding and to foster the implementation of necessary support measures in organizations, this book describes the fundamental and conceptual aspects of cyberspace abuse. These aspects are logically and reasonably discussed in the fields related to cybercrime and cyberwarfare. The book illustrates differences between the two fields, perpetrators’ activities, as well as the methods of investigating and fighting against attacks committed by perpetrators operating in cyberspace.
The first chapter focuses on the understanding of cybercrime, i.e. the perpetrators, their motives and their organizations. Tools for implementing attacks are also briefly mentioned, however this book is not technical and does not intend to instruct readers about the technical aspects of cybercrime, but rather focuses on managerial views of cybercrime. Other sections of this chapter deal with the protection against attacks, fear, investigation and the cost of cybercrime. Relevant legislation and legal bodies, which are used in cybercrime, are briefly described at the end of the chapter.
The second chapter deals with cyberwarfare and explains the difference between classic cybercrime and operations taking place in the modern inter-connected world. It tackles the following questions: who is committing cyberwarfare; who are the victims and who are the perpetrators? Countries which have an important role in cyberwarfare around the world, and the significant efforts being made to combat cyberwarfare on national and international levels, are mentioned.
The common points of cybercrime and cyberwarfare, the methods used to protect against them and the vision of the future of cybercrime and cyberwarfare are briefly described at the end of the book.

Contents
Continue reading “Cybercrime and Cyber Warfare (FOCUS Series)”

Kali Linux Wireless Penetration Testing: Beginner’s Guide

Rating: 
Amazon Price: N/A (as of June 24, 2017 23:06 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Key FeaturesLearn wireless penetration testing with Kali Linux, the latest iteration of BacktrackDetect hidden wireless networks and discover their namesExplore advanced Wi-Fi hacking techniques including rogue access point hosting and probe sniffingDevelop your encryption cracking skills and gain an insight into the methods used by attackers and the underlying technologies that facilitate these attacks

Book Description
Continue reading “Kali Linux Wireless Penetration Testing: Beginner's Guide”

XSS Attacks: Cross Site Scripting Exploits and Defense

Rating: 
Amazon Price: N/A (as of June 24, 2017 17:23 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

A cross site scripting attack is a very specific type of attack on a web application. It is used by hackers to mimic real sites and fool people into providing personal data.

Cross Site Scripting Attacks starts by defining the terms and laying out the ground work. It assumes that the reader is familiar with basic web programming (HTML) and JavaScript. First it discusses the concepts, methodology, and technology that makes XSS a valid concern. It then moves into the various types of XSS attacks, how they are implemented, used, and abused. After XSS is thoroughly explored, the next part provides examples of XSS malware and demonstrates real cases where XSS is a dangerous risk that exposes internet users to remote access, sensitive data theft, and monetary losses. Finally, the book closes by examining the ways developers can avoid XSS vulnerabilities in their web applications, and how users can avoid becoming a victim. The audience is web developers, security practitioners, and managers.
Continue reading “XSS Attacks: Cross Site Scripting Exploits and Defense”