Designed to provide you with the knowledge needed to protect computers and networks from increasingly sophisticated attacks, SECURITY AWARENESS: APPLYING PRACTICE SECURITY IN YOUR WORLD, Fifth Edition continues to present the same straightforward, practical information that has made previous editions so popular. For most computer users, practical computer security poses some daunting challenges: What type of attacks will antivirus software prevent? How do I set up a firewall? How can I test my computer to be sure that attackers cannot reach it through the Internet? When and how should I install Windows patches? This text is designed to help you understand the answers to these questions through a series of real-life user experiences. In addition, hands-on projects and case projects give you the opportunity to test your knowledge and apply what you have learned. SECURITY AWARENESS: APPLYING PRACTICE SECURITY IN YOUR WORLD, Fifth Edition contains up-to-date information on relevant topics such as protecting mobile devices and wireless local area networks.
Every day, over half a billion iOS users blindly entrust mobile devices with their personal information. If you write an application that mishandles that information, you'll create a goldmine for attackers—and a catastrophe for you and your customers. Whether you develop iOS apps or test their defenses, it's critical that you know how to track down and eliminate security threats before they become real issues.
In iOS Application Security, author David Thiel shows you how to write apps that actually protect users from the bad guys. He covers everything you need to know to design secure iOS apps from the ground up, including:
Continue reading “iOS Application Security: The Definitive Guide for Hackers and Developers”
DNS Security: Hacking and Defending the Domain Name System provides tactics on how to secure a Domain Name System (DNS) framework by exploring common DNS vulnerabilities using real-world examples of DNS exploits and providing step-by-step guidelines for securing the infrastructure.
The book is a timely reference as DNS is an integral part of the Internet that translates IP addresses into easily remembered domain names. The book focuses entirely on the security aspects of DNS, combining internal and external data to analyze and effectively prioritize network threats. It shows how to build a security infrastructure based around intelligence, demonstrating how theory can work in real-life situations. Presents a multi-platform approach, covering Linux, BSD, and Windows DNS security tipsDemonstrates how to implement DNS Security tools, including numerous screen shots and configuration examplesProvides a timely reference on DNS, an integral part of the Internet that translates IP addresses into easily remembered domain namesIncludes information of interest to those working in 4DNS, authoritative services, BIND files, buffer overflows, DDoS Attacks, firewalls, transaction signatures, and version control, amongst other topics
Cyber Security: Concepts and Cases explains the basic ideas behind cyber security using real-world examples. There are numerous textbooks and professional reference titles that adopt a very formal and theoretical approach to explaining computer security; these are all very insightful, but readers can waste a lot of time reading them while "Rome burns". This title explains the key concepts behind planning and operationalising responses to cyber threats, using real-world case studies.
Android is the most popular mobile smartphone operating system at present, with over a million applications. Every day hundreds of applications are published to the PlayStore, which users from all over the world download and use. Often, these applications have serious security weaknesses in them, which could lead an attacker to exploit the application and get access to sensitive information. This is where penetration testing comes into play to check for various vulnerabilities.
Learning Pentesting for Android is a practical and hands-on guide to take you from the very basic level of Android Security gradually to pentesting and auditing Android. It is a step-by-step guide, covering a variety of techniques and methodologies that you can learn and use in order to perform real life penetration testing on Android devices and applications. The book starts with the basics of Android Security and the permission model, which we will bypass using a custom application, written by us. Thereafter we will move to the internals of Android applications from a security point of view, and will reverse and audit them to find the security weaknesses using manual analysis as well as using automated tools.
Continue reading “Learning Pentesting for Android Devices”