CyberWar

Si Vis Pacem, Para Bellum

By

Cyber War: The Next Threat to National Security and What to Do about It

Cyber War: The Next Threat to National Security and What to Do about It“The Forgotten Homeland” gathers some of the leading homeland security experts to analyze the United States’ most significant vulnerabilities and to propose strategies to reduce them. The report addresses terrorist as well as non-terrorist threats, and offers ideas for strengthening all aspects of emergency response – including the ability to respond to natural disasters such as Hurricane Katrina.

 

 

 

 

 

Price:

Click here to buy from Amazon

By

Air Cyber Power and ADS-B Vulnerabilities

Dynamic Radar Map from Flightradar24.com

Exploring Potential ADS-B Vulnerabilities in The FAA NEXTGEN Air Transportation System
The Fog of a “Cyber” War

“It is late fall 2025; Al Qaeda sleeper cells target the disruption of airline traffic into multiple East coast airports during the busy travel season from Thanksgiving through Christmas.
ADS-B IN/OUT has been fully implemented by the FAA; all commercial airlines have invested heavily to comply with the mandate. Oil prices are at an all time high and flights are carrying minimal fuel loads to save money and offset the cost of avionics.

The goal: force multiple airplanes to divert; pilots, FAA controllers and passengers to lose faith in the system; and possibly cause enough chaos to the NAS system that a few lives are lost.

The plan: exploit the U.S. dependency on ADS-B IN/OUT and GPS for arrivals into busy airports, especially during low visibility conditions.

The teams: five two man teams have been put into play for the mission. They are provided with all the commercially available technology they will need, along with a few modified laptop computers, antennas and transmitters.

The targets: Regan National, Dulles, La Guardia, JFK and Philadelphia International airports. The terrorists have been tasked to park minivans with computers containing modified software that are coupled to ADS-B OUT transmitters. The software is designed to be remotely activated and controlled over an Internet connection. Each computer is programmed specifically for the targeted airport, and transmits 978MHz and 1090MHz signals out a boosted transmitter.

As a result, airlines on final approach will receive false targets on their displays. The terrorists ghost target injects also propagate to the FAA controller’s screens. The terrorists intended these spoofed targets, programmed at conflicting arrival and departure corridors as well as in runway incursion situations, to cause multiple airports to become temporarily unusable. The resulting domino effect causes aircraft diversions and delays that will lead to chaos.”

DONALD L. McCALLIE
Major, USAF
Degree of Master of Cyber Warfare
Air Force Institute of Technology
Wright-Patterson Air Force Base, Ohio, USA

Download Exploring Potential ADS-B Vulnerabilities in The FAA’s Nextgen Air Transportation System

By

Metasploit: The Penetration Tester’s Guide

Metasploit - A Penetration Tester GuideThe Metasploit Framework is a powerful suite of tools that security researchers use to investigate and resolve potential network and system vulnerabilities. Metasploit: The Penetration Tester‘s Guide shows readers how to assess networks by using Metasploit to launch simulated attacks that expose weaknesses in their security. The book begins with the basics of information security and Metasploit, then proceeds to general and advanced techniques for penetration testing, including network reconnaissance and enumeration, server- and client-side attacks, devastating wireless attacks, and even targeted social engineering attacks. Whether readers are looking to secure their own networks or discover holes in others’, Metasploit is the definitive guide to penetration testing with this dynamic and flexible framework.

Price: $49.95

Click here to buy from Amazon

By

Buffer Overflow Attacks: Detect, Exploit, Prevent

Buffer Overflow Attacks: Detect, Exploit, PreventThe SANS Institute maintains a list of the “Top 10 Software Vulnerabilities.” At the current time, over half of these vulnerabilities are exploitable by Buffer Overflow attacks, making this class of attack one of the most common and most dangerous weapon used by malicious attackers. This is the first book specifically aimed at detecting, exploiting, and preventing the most common and dangerous attacks.

Buffer overflows make up one of the largest collections of vulnerabilities in existence; And a large percentage of possible remote exploits are of the overflow variety. Almost all of the most devastating computer attacks to hit the Internet in recent years including SQL Slammer, Blaster, and I Love You attacks. If executed properly, an overflow vulnerability will allow an attacker to run arbitrary code on the victim’s machine with the equivalent rights of whichever process was overflowed. This is often used to provide a remote shell onto the victim machine, which can be used for further exploitation.

A buffer overflow is an unexpected behavior that exists in certain programming languages. This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker’s perspective and defending against these attacks for the software developer.

*Over half of the “SANS TOP 10 Software Vulnerabilities” are related to buffer overflows.

*None of the current-best selling software security books focus exclusively on buffer overflows.

*This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker’s perspective and defending against these attacks for the software developer.

Price: $36.95

Click here to buy from Amazon

By

Hacking: The Next Generation (Animal Guide)

Hacking: The Next Generation (Animal Guide)With the advent of rich Internet applications, the explosion of social media, and the increased use of powerful cloud computing infrastructures, a new generation of attackers has added cunning new techniques to its arsenal. For anyone involved in defending an application or a network of systems, Hacking: The Next Generation is one of the few books to identify a variety of emerging attack vectors.

You’ll not only find valuable information on new hacks that attempt to exploit technical flaws, you’ll also learn how attackers take advantage of individuals via social networking sites, and abuse vulnerabilities in wireless technologies and cloud infrastructures. Written by seasoned Internet security professionals, this book helps you understand the motives and psychology of hackers behind these attacks, enabling you to better prepare and defend against them.

 

  • Learn how “inside out” techniques can poke holes into protected networks
  • Understand the new wave of “blended threats” that take advantage of multiple application vulnerabilities to steal corporate data
  • Recognize weaknesses in today’s powerful cloud infrastructures and how they can be exploited
  • Prevent attacks against the mobile workforce and their devices containing valuable data
  • Be aware of attacks via social networking sites to obtain confidential information from executives and their assistants
  • Get case studies that show how several layers of vulnerabilities can be used to compromise multinational corporations

Price: $39.99

Click here to buy from Amazon

/* */