Thinking Security: Stopping Next Year’s Hackers (Addison-Wesley Professional Computing Series)

Rating: 
Amazon Price: $555.00 (as of January 24, 2021 21:52 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

You already know the endless list of security "do's and don'ts": run AV software and firewalls, lock everything down, encrypt everything, watch all your network traffic, follow checklists… But even if you're spending a fortune doing all that, you're at greater risk than ever: even the world's most security-focused organizations are being victimized by massive attacks. Something is terribly wrong. We're protecting the wrong things, damaging productivity, and making it way too hard for our people to help us.

Today, getting security right requires more than checklists; it requires careful thinking about your actual threats and technologies. That's what this book is about: how to think about security. Most security books just give you "do's and don'ts." Thinking Security tells you why, and helps you design a security architecture that truly fits your organization.
Continue reading “Thinking Security: Stopping Next Year's Hackers (Addison-Wesley Professional Computing Series)”

Exploiting Online Games: Cheating Massively Distributed Systems

Rating: 
Amazon Price: $54.99 $49.49 You save: $5.50 (10%) (as of January 24, 2021 22:58 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

"Imagine trying to play defense in football without ever studying offense. You would not know when a run was coming, how to defend pass patterns, nor when to blitz. In computer systems, as in football, a defender must be able to think like an attacker. I say it in my class every semester, you don't want to be the last person to attack your own system–you should be the first.
"The world is quickly going online. While I caution against online voting, it is clear that online gaming is taking the Internet by storm. In our new age where virtual items carry real dollar value, and fortunes are won and lost over items that do not really exist, the new threats to the intrepid gamer are all too real. To protect against these hazards, you must understand them, and this groundbreaking book is the only comprehensive source of information on how to exploit computer games. Every White Hat should read it. It's their only hope of staying only one step behind the bad guys."
–Aviel D. Rubin, Ph.D.
Professor, Computer Science
Technical Director, Information Security Institute
Johns Hopkins University
"Everyone's talking about virtual worlds. But no one's talking about virtual-world security. Greg Hoglund and Gary McGraw are the perfect pair to show just how vulnerable these online games can be."
–Cade Metz
Senior Editor
PC Magazine
"If we're going to improve our security practices, frank discussions like the ones in this book are the only way forward. Or as the authors of this book might say, when you're facing off against Heinous Demons of Insecurity, you need experienced companions, not to mention a Vorpal Sword of Security Knowledge."
–Edward W. Felten, Ph.D.
Professor of Computer Science and Public Affairs
Director, Center for Information Technology Policy
Princeton University
"Historically, games have been used by warfighters to develop new capabilities and to hone existing skills–especially in the Air Force. The authors turn this simple concept on itself, making games themselves the subject and target of the 'hacking game,' and along the way creating a masterly publication that is as meaningful to the gamer as it is to the serious security system professional.
"Massively distributed systems will define the software field of play for at least the next quarter century. Understanding how they work is important, but understanding how they can be manipulated is essential for the security professional. This book provides the cornerstone for that knowledge."
–Daniel McGarvey
Chief, Information Protection Directorate
United States Air Force
"Like a lot of kids, Gary and I came to computing (and later to computer security) through games. At first, we were fascinated with playing games on our Apple ][s, but then became bored with the few games we could afford. We tried copying each other's games, but ran up against copy-protection schemes. So we set out to understand those schemes and how they could be defeated. Pretty quickly, we realized that it was a lot more fun to disassemble and work around the protections in a game than it was to play it.
"With the thriving economies of today's online games, people not only have the classic hacker's motivation to understand and bypass the security of games, but also the criminal motivation of cold, hard cash. That's a combination that's hard to stop. The first step, taken by this book, is revealing the techniques that are being used today."
–Greg Morrisett, Ph.D.
Allen B. Cutting Professor of Computer Science
School of Engineering and Applied Sciences
Harvard University
"If you're playing online games today and you don't understand security, you're at a real disadvantage. If you're designing the massive distributed systems of tomorrow and you don't learn from games, you're just plain sunk."
–Brian Chess, Ph.D.
Founder/Chief Scientist, Fortify Software
Coauthor of Secure Programming with Static Analysis
"This book offers up a fascinating tour of the battle for software security on a whole new front: attacking an online game. Newcomers will find it incredibly eye opening and even veterans of the field will enjoy some of the same old programming mistakes given brilliant new light in a way that only massively-multiplayer-supermega-blow-em-up games can deliver. w00t!"
–Pravir Chandra
Principal Consultant, Cigital
Coauthor of Network Security with OpenSSL
If you are a gamer, a game developer, a software security professional, or an interested bystander, this book exposes the inner workings of online-game security for all to see.
From the authors of the best-selling Exploiting Software, Exploiting Online Games takes a frank look at controversial security issues surrounding MMORPGs, such as World of Warcraft™ and Second Life®. This no-holds-barred book comes fully loaded with code examples, debuggers, bots, and hacks.
This book covers Why online games are a harbinger of software security issues to come How millions of gamers have created billion-dollar virtual economies How game companies invade personal privacy Why some gamers cheat Techniques for breaking online game security How to build a bot to play a game for you Methods for total conversion and advanced mods
Written by the world's foremost software security experts, this book takes a close look at security problems associated with advanced, massively distributed software. With hundreds of thousands of interacting users, today's online games are a bellwether of modern software. The kinds of attack and defense techniques described in Exploiting Online Games are tomorrow's security techniques on display today.

Technocrime: Policing and Surveillance (Routledge Frontiers of Criminal Justice)

Rating: 
Amazon Price: $160.00 $55.98 You save: $104.02 (65%) (as of January 24, 2021 16:06 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

The growth of technology allows us to imagine entirely new ways of committing, combating and thinking about criminality, criminals, police, courts, victims and citizens. Technology offers not only new tools for committing and fighting crime, but new ways to look for, unveil, label crimes and new ways to know, watch, prosecute and punish criminals. This book attempts to disentangle the realities, the myths, the politics, the theories and the practices of our new, technology-assisted, era of crime and policing.

Technocrime, policing and surveillance explores new areas of technocrime and technopolicing, such as credit card fraud, the use of DNA and fingerprint databases, the work of media in creating new crimes and new criminals, as well as the "proper" way of doing policing, and the everyday work of police investigators and intelligence officers, as seen through their own eyes. These chapters offer new avenues for studying technology, crime and control, through innovative social science methodologies.
Continue reading “Technocrime: Policing and Surveillance (Routledge Frontiers of Criminal Justice)”

Cybercrime and Digital Forensics: An Introduction

Rating: 
Amazon Price: $79.95 $49.11 You save: $30.84 (39%) (as of January 24, 2021 22:58 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

This book offers a comprehensive and integrative introduction to cybercrime. It offers an authoritative synthesis of the disparate literature on the various types of cybercrime, the investigation and detection of cybercrime and the role of digital information, and the wider role of technology as a facilitator for social relationships between deviants and criminals. It includes coverage of:

key theoretical and methodological perspectives,
Continue reading “Cybercrime and Digital Forensics: An Introduction”

Ethical Hacking and Penetration Testing Guide

Rating: 
Amazon Price: $50.01 (as of January 24, 2021 22:10 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Requiring no prior hacking experience, Ethical Hacking and Penetration Testing Guide supplies a complete introduction to the steps required to complete a penetration test, or ethical hack, from beginning to end. You will learn how to properly utilize and interpret the results of modern-day hacking tools, which are required to complete a penetration test.

The book covers a wide range of tools, including Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, and Hacker Defender rootkit. Supplying a simple and clean explanation of how to effectively utilize these tools, it details a four-step methodology for conducting an effective penetration test or hack.
Continue reading “Ethical Hacking and Penetration Testing Guide”