CyberWar

Si Vis Pacem, Para Bellum

By

Managed Code Rootkits: Hooking into Runtime Environments

Managed Code Rootkits: Hooking into Runtime EnvironmentsImagine being able to change the languages for the applications that a computer is running and taking control over it. That is exactly what managed code rootkits can do when they are placed within a computer. This new type of rootkit is hiding in a place that had previously been safe from this type of attack-the application level. Code reviews do not currently look for back doors in the virtual machine (VM) where this new rootkit would be injected. An invasion of this magnitude allows an attacker to steal information on the infected computer, provide false information, and disable security checks. Erez Metula shows the reader how these rootkits are developed and inserted and how this attack can change the managed code that a computer is running, whether that be JAVA, .NET, Android Dalvik or any other managed code. Management development scenarios, tools like ReFrameworker, and countermeasures are covered, making this book a one stop shop for this new attack vector.

  • Introduces the reader briefly to managed code environments and rootkits in general
  • Completely details a new type of rootkit hiding in the application level and demonstrates how a hacker can change language runtime implementation
  • Focuses on managed code including Java, .NET, Android Dalvik and reviews malware development scenarios

Price: $49.95

Click here to buy from Amazon

By

Mobile Malware Attacks and Defense

Mobile Malware Attacks and DefenseMalware has gone mobile, and the security landscape is changing quickly with emerging attacks on cell phones, PDAs, and other mobile devices. This first book on the growing threat covers a wide range of malware targeting operating systems like Symbian and new devices like the iPhone. Examining code in past, current, and future risks, protect your banking, auctioning, and other activities performed on mobile devices.

* Visual Payloads
View attacks as visible to the end user, including notation of variants.

* Timeline of Mobile Hoaxes and Threats
Understand the history of major attacks and horizon for emerging threates.

* Overview of Mobile Malware Families
Identify and understand groups of mobile malicious code and their variations.

* Taxonomy of Mobile Malware
Bring order to known samples based on infection, distribution, and payload strategies.

* Phishing, SMishing, and Vishing Attacks
Detect and mitigate phone-based phishing (vishing) and SMS phishing (SMishing) techniques.

* Operating System and Device Vulnerabilities
Analyze unique OS security issues and examine offensive mobile device threats.

* Analyze Mobile Malware
Design a sandbox for dynamic software analysis and use MobileSandbox to analyze mobile malware.

* Forensic Analysis of Mobile Malware
Conduct forensic analysis of mobile devices and learn key differences in mobile forensics.

* Debugging and Disassembling Mobile Malware
Use IDA and other tools to reverse-engineer samples of malicious code for analysis.

* Mobile Malware Mitigation Measures
Qualify risk, understand threats to mobile assets, defend against attacks, and remediate incidents.

* Understand the History and Threat Landscape of Rapidly Emerging Mobile Attacks

* Analyze Mobile Device/Platform Vulnerabilities and Exploits

* Mitigate Current and Future Mobile Malware Threats

Price: $59.95

Click here to buy from Amazon

By

Malware Analyst’s Cookbook and DVD

Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious CodeMalware Analyst’s Cookbook and DVD: Tools and Techniques for Fighting Malicious Code:  a computer forensics “how-to” for fighting malicious code and analyzing incidents

With our ever-increasing reliance on computers comes an ever-growing risk of malware. Security professionals will find plenty of solutions in this book to the problems posed by viruses, Trojan horses, worms, spyware, rootkits, adware, and other invasive software. Written by well-known malware experts, this guide reveals solutions to numerous problems and includes a DVD of custom programs and tools that illustrate the concepts, enhancing your skills.

  • Security professionals face a constant battle against malicious software; this practical manual will improve your analytical capabilities and provide dozens of valuable and innovative solutions
  • Covers classifying malware, packing and unpacking, dynamic malware analysis, decoding and decrypting, rootkit detection, memory forensics, open source malware research, and much more
  • Includes generous amounts of source code in C, Python, and Perl to extend your favorite tools or build new ones, and custom programs on the DVD to demonstrate the solutions

Malware Analyst’s Cookbook is indispensible to IT security administrators, incident responders, forensic analysts, and malware researchers.

Price: $59.99

Click here to buy from Amazon

By

Hack Attacks Revealed: A Complete Reference for UNIX, Windows, and Linux with Toolkit

Hack Attacks Revealed: A Complete Reference for UNIX, Windows, and Linux with Custom Security Toolkit, Second EditionThe much-anticipated second edition of the bestselling book that details network security through the hacker’s eye
Since the first edition of Hack Attacks Revealed was published, many new attacks have been made on all operating systems, including UNIX, Windows XP, Mac OS, and Linux, and on firewalls, proxies, and gateways. Security expert John Chirillo is ready to tackle these attacks with you again. He has packed the Second Edition of his all-in-one reference with forty percent new material.
In this fascinating new edition, you’ll discover:
* The hacker’s perspective on security holes in UNIX, Linux, and Windows networks
* Over 170 new vulnerabilities and exploits
* Advanced discovery techniques
* A crash course in C for compiling hacker tools and vulnerability scanners
* The top seventy-five hack attacks for UNIX and Windows
* Malicious code coverage of Myparty, Goner, Sircam, BadTrans, Nimda, Code Red I/II, and many more
* TigerSuite Professional 3.5 (full suite single license)

Price: $60.00

Click here to buy from Amazon

By

Identifying Malicious Code Through Reverse Engineering

Identifying Malicious Code Through Reverse Engineering (Advances in Information Security)Attacks take place everyday with computers connected to the internet, because of worms, viruses or due to vulnerable software. These attacks result in a loss of millions of dollars to businesses across the world.

Identifying Malicious Code through Reverse Engineering provides information on reverse engineering and concepts that can be used to identify the malicious patterns in vulnerable software. The malicious patterns are used to develop signatures to prevent vulnerability and block worms or viruses. This book also includes the latest exploits through various case studies.

Identifying Malicious Code through Reverse Engineering is designed for professionals composed of practitioners and researchers writing signatures to prevent virus and software vulnerabilities. This book is also suitable for advanced-level students in computer science and engineering studying information security, as a secondary textbook or reference.

Price: $119.00

Click here to buy from Amazon

/* */