CyberWar

Si Vis Pacem, Para Bellum

A Guide to Kernel Exploitation: Attacking the Core

The number of security countermeasures against user-land exploitation is on the rise. Because of this, kernel exploitation is becoming much more popular among exploit writers and attackers. Playing with the heart of the operating system can be a dangerous game. This book covers the theoretical techniques and approaches needed to develop reliable and effective kernel-level exploits and applies them to different operating systems (Linux, Solaris, Mac OS X, and Windows). Kernel exploits require both art and science to achieve. Every OS has its quirks and so every exploit must be molded to fully exploit its target. This book discusses the most popular OS families (UNIX derivatives, Mac OS X, and Windows) and how to gain complete control over them. Concepts and tactics are presented categorically so that even when a specifically detailed exploit has been patched, the foundational information that you have read will help you to write a newer, better attack or a more concrete design and defensive structure.

  • Covers a range of operating system families – UNIX derivatives, Mac OS X, Windows
  • Details common scenarios such as generic memory corruption (stack overflow, heap overflow, etc.) issues, logical bugs and race conditions
  • Delivers the reader from user-land exploitation to the world of kernel-land (OS) exploits/attacks, with a particular focus on the steps that lead to the creation of successful techniques, to give the reader something more than just a set of tricks

Price: $49.95

Hacking Exposed: Malware, Rootkits Secrets and Solutions

“A harrowing guide to where the bad guys hide, and how you can find them.” –Dan Kaminsky, Director of Penetration Testing, IOActive

“An amazing resource. It is timely, focused, and what we need to better understand and defend against one of the greatest cyber threats we face.” –From the Foreword by Lance Spitzner, President of the Honeynet Project

Don’t let another machine become a zombie in the malware army

Defend against the ongoing wave of malware and rootkit assaults the failsafe Hacking Exposed way. Real-world case studies and examples reveal how today’s hackers use readily available tools to infiltrate and hijack systems. Step-by-step countermeasures provide proven prevention techniques. Find out how to detect and eliminate malicious embedded code, block pop-ups and websites, prevent keylogging, and terminate rootkits. The latest intrusion detection, firewall, honeynet, antivirus, anti-rootkit, and anti-spyware technologies are covered in detail.

  • Understand how malware infects, survives, and propagates across an enterprise
  • Learn how hackers use archivers, encryptors, and packers to obfuscate code
  • Implement effective intrusion detection and prevention procedures
  • Defend against keylogging, redirect, click fraud, and identity theft threats
  • Detect, kill, and remove virtual, user-mode, and kernel-mode rootkits
  • Prevent malicious website, phishing, client-side, and embedded-code exploits
  • Protect hosts using the latest antivirus, pop-up blocker, and firewall software
  • Identify and terminate malicious processes using HIPS and NIPS

Price: $49.99

Managed Code Rootkits: Hooking into Runtime Environments

Imagine being able to change the languages for the applications that a computer is running and taking control over it. That is exactly what managed code rootkits can do when they are placed within a computer. This new type of rootkit is hiding in a place that had previously been safe from this type of attack: the application level. Code reviews do not currently look for back doors in the virtual machine (VM) where this new rootkit would be injected. An invasion of this magnitude allows an attacker to steal information on the infected computer, provide false information, and disable security checks. Erez Metula shows the reader how these rootkits are developed and inserted and how this attack can change the managed code that a computer is running, whether that be Java, .NET, Android Dalvik or any other managed code. Management development scenarios, tools like ReFrameworker, and countermeasures are covered, making this book a one-stop shop for this new attack vector.

  • Introduces the reader briefly to managed code environments and rootkits in general
  • Completely details a new type of rootkit hiding in the application level and demonstrates how a hacker can change language runtime implementation
  • Focuses on managed code including Java, .NET, Android Dalvik and reviews malware development scenarios

Price: $49.95

The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System

With the growing prevalence of the Internet, rootkit technology has taken center stage in the battle between White Hats and Black Hats. Adopting an approach that favors full disclosure, The Rootkit Arsenal presents the most accessible, timely, and complete coverage of rootkit technology. This book covers more topics, in greater depth, than any other currently available. In doing so, the author forges through the murky back alleys of the Internet, shedding light on material that has traditionally been poorly documented, partially documented, or intentionally undocumented.

Price: $49.95

Unmasked

Anonymous got lucky. When five of its hackers attacked security company HBGary Federal on February 6, 2011, they were doing so in order to defend the group’s privacy. It wasn’t because they hoped to reveal plans to attack WikiLeaks, create surveillance cells targeting pro-union organizations, and sell sophisticated rootkits to the US government for use as offensive cyber weapons—but that’s what they found.

In the weeks after the attack, the hackers released tens of thousands of e-mail messages and made headlines around the world. Aaron Barr, the CEO of HBGary Federal, eventually resigned; 12 Congressmen called for an investigation; an ethics complaint was lodged against a major DC law firm involved with some of the more dubious plans.

Join Ars’ editors as they dig into the secret world of Anonymous and hackers for hire in Unmasked.

Price: $1.99
