The Myths of Security: What the Computer Security Industry Doesn’t Want You to Know

Rating: 
Amazon Price: N/A (as of November 24, 2017 19:18 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

If you think computer security has improved in recent years, The Myths of Security will shake you out of your complacency. Longtime security professional John Viega, formerly Chief Security Architect at McAfee, reports on the sorry state of the industry, and offers concrete suggestions for professionals and individuals confronting the issue.

Why is security so bad? With many more people online than just a few years ago, there are more attackers — and they're truly motivated. Attacks are sophisticated, subtle, and harder to detect than ever. But, as Viega notes, few people take the time to understand the situation and protect themselves accordingly. This book tells you:
Continue reading “The Myths of Security: What the Computer Security Industry Doesn't Want You to Know”

Cyber-War: The Anatomy of the Global Security Threat

Amazon Price: N/A (as of November 24, 2017 11:06 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

This unique project takes a socio-political approach to the widely debated issue of cyber-war, considering changing patterns of conflict, international diplomacy and governmental thinking in the face of the emerging threat.
In examining whether an example of cyber war has yet been seen, a number of case studies are explored, from the explosion of a Soviet pipeline in the latter stages of the Cold War; to the 2007 attacks on Estonia; and the recent discovery of the Stuxnet worm in an Iranian nuclear plant. This highly accessible study attempts to demystify technical concepts, and will appeal to scholars, practitioners and interested observers involved in the study of this most contemporary of security threats.

Windows Registry Forensics, Second Edition: Advanced Digital Forensic Analysis of the Windows Registry

Rating: 
Amazon Price: $69.95 $53.44 You save: $16.51 (24%). (as of November 24, 2017 16:08 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry, Second Edition, provides the most in-depth guide to forensic investigations involving Windows Registry. This book is one-of-a-kind, giving the background of the Registry to help users develop an understanding of the structure of registry hive files, as well as information stored within keys and values that can have a significant impact on forensic investigations. Tools and techniques for post mortem analysis are discussed at length to take users beyond the current use of viewers and into real analysis of data contained in the Registry. This second edition continues a ground-up approach to understanding so that the treasure trove of the Registry can be mined on a regular and continuing basis.Named a Best Digital Forensics Book by InfoSec ReviewsPacked with real-world examples using freely available open source toolsProvides a deep explanation and understanding of the Windows Registry―perhaps the least understood and employed source of information within Windows systemsIncludes a companion website that contains the code and author-created tools discussed in the bookFeatures updated, current tools and techniquesContains completely updated content throughout, with all new coverage of the latest versions of Windows

Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace

Rating: 
Amazon Price: N/A (as of November 24, 2017 12:10 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Written by experts on the frontlines, Investigating Internet Crimes provides seasoned and new investigators with the background and tools they need to investigate crime occurring in the online world. This invaluable guide provides step-by-step instructions for investigating Internet crimes, including locating, interpreting, understanding, collecting, and documenting online electronic evidence to benefit investigations.

Cybercrime is the fastest growing area of crime as more criminals seek to exploit the speed, convenience and anonymity that the Internet provides to commit a diverse range of criminal activities. Today's online crime includes attacks against computer data and systems, identity theft, distribution of child pornography, penetration of online financial services, using social networks to commit crimes, and the deployment of viruses, botnets, and email scams such as phishing. Symantec's 2012 Norton Cybercrime Report stated that the world spent an estimated $110 billion to combat cybercrime, an average of nearly $200 per victim.
Continue reading “Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace”

Bulletproof SSL and TLS: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications

Rating: 
Amazon Price: $60.00 $48.00 You save: $12.00 (20%). (as of November 25, 2017 06:51 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Bulletproof SSL and TLS is a complete guide to using SSL and TLS encryption to deploy secure servers and web applications. Written by Ivan Ristic, the author of the popular SSL Labs web site, this book will teach you everything you need to know to protect your systems from eavesdropping and impersonation attacks.

In this book, you'll find just the right mix of theory, protocol detail, vulnerability and weakness information, and deployment advice to get your job done:
Comprehensive coverage of the ever-changing field of SSL/TLS and Internet PKI, with updates to the digital versionFor IT security professionals, help to understand the risksFor system administrators, help to deploy systems securelyFor developers, help to design and implement secure web applicationsPractical and concise, with added depth when details are relevantIntroduction to cryptography and the latest TLS protocol versionDiscussion of weaknesses at every level, covering implementation issues, HTTP and browser problems, and protocol vulnerabilitiesCoverage of the latest attacks, such as BEAST, CRIME, BREACH, Lucky 13, RC4 biases, Triple Handshake Attack, and HeartbleedThorough deployment advice, including advanced technologies, such as Strict Transport Security, Content Security Policy, and pinningGuide to using OpenSSL to generate keys and certificates and to create and run a private certification authorityGuide to using OpenSSL to test servers for vulnerabilitiesPractical advice for secure server configuration using Apache httpd, IIS, Java, Nginx, Microsoft Windows, and TomcatThis book is available in paperback and a variety of digital formats without DRM. Digital version of Bulletproof SSL and TLS can be obtained directly from the author, at feistyduck.com.