XSS Attacks: Cross Site Scripting Exploits and Defense

Rating: 
Amazon Price: $44.52 (as of July 9, 2020 17:00 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

A cross site scripting attack is a very specific type of attack on a web application. It is used by hackers to mimic real sites and fool people into providing personal data.

Cross Site Scripting Attacks starts by defining the terms and laying out the ground work. It assumes that the reader is familiar with basic web programming (HTML) and JavaScript. First it discusses the concepts, methodology, and technology that makes XSS a valid concern. It then moves into the various types of XSS attacks, how they are implemented, used, and abused. After XSS is thoroughly explored, the next part provides examples of XSS malware and demonstrates real cases where XSS is a dangerous risk that exposes internet users to remote access, sensitive data theft, and monetary losses. Finally, the book closes by examining the ways developers can avoid XSS vulnerabilities in their web applications, and how users can avoid becoming a victim. The audience is web developers, security practitioners, and managers.
Continue reading “XSS Attacks: Cross Site Scripting Exploits and Defense”

Stealing The Network: How to Own the Box (Cyber-Fiction)

Rating: 
Amazon Price: $30.49 (as of July 9, 2020 17:00 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

"Stealing the Network: How to Own the Box" is NOT intended to be a "install, configure, update, troubleshoot, and defend book." It is also NOT another one of the countless Hacker books out there. So, what IS it? It is an edgy, provocative, attack-oriented series of chapters written in a first hand, conversational style. World-renowned network security personalities present a series of 25 to 30 page chapters written from the point of an attacker who is gaining access to a particular system. This book portrays the "street fighting" tactics used to attack networks and systems.

Not just another "hacker" book, it plays on "edgy" market success of Steal this Computer Book with first hand, eyewitness accounts
A highly provocative expose of advanced security exploits
Written by some of the most high profile "White Hats", "Black Hats" and "Gray Hats"
Gives readers a "first ever" look inside some of the most notorious network intrusions

Practical VoIP Security

Rating: 
Amazon Price: $29.97 (as of July 9, 2020 00:35 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Voice Over IP (VoIP) phone lines now represent over 50% of all new phone line installations. Every one of these new VoIP phone lines and handsets must now be protected from malicious hackers because these devices now reside on the network and are accessible from the Internet just like any server or workstation.

This book will cover a wide variety of the publicly available exploit tools and how they can be used specifically against VoIP (Voice over IP) Telephony systems. The book will cover the attack methodologies that are used against the SIP and H.323 protocols as well as VoIP network infrastructure. Significant emphasis will be placed on both attack and defense techniques. This book is designed to be very hands on and scenario intensive
Continue reading “Practical VoIP Security”

Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats

Rating: 
Amazon Price: $59.95 $30.57 You save: $29.38 (49%) (as of July 9, 2020 06:16 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Cybercrime and Espionage provides a comprehensive analysis of the sophisticated patterns and subversive multi-vector threats (SMTs) associated with modern cybercrime, cyber terrorism, cyber warfare and cyber espionage. Whether the goal is to acquire and subsequently sell intellectual property from one organization to a competitor or the international black markets, to compromise financial data and systems, or undermine the security posture of a nation state by another nation state or sub-national entity, SMTs are real and growing at an alarming pace. This book contains a wealth of knowledge related to the realities seen in the execution of advanced attacks, their success from the perspective of exploitation and their presence within all industry. It will educate readers on the realities of advanced, next generation threats, which take form in a variety ways.

This book consists of 12 chapters covering a variety of topics such as the maturity of communications systems and the emergence of advanced web technology; how regulatory compliance has worsened the state of information security; the convergence of physical and logical security; asymmetric forms of gathering information; seven commonalities of SMTs; examples of compromise and presence of SMTs; next generation techniques and tools for avoidance and obfuscation; and next generation techniques and tools for detection, identification and analysis.
Continue reading “Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats”

Malware Forensics Field Guide for Windows Systems: Digital Forensics Field Guides

Rating: 
Amazon Price: $16.17 (as of July 9, 2020 06:00 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Dissecting the dark side of the Internet with its infectious worms, botnets, rootkits, and Trojan horse programs (known as malware) is a treaterous condition for any forensic investigator or analyst. Written by information security experts with real-world investigative experience, Malware Forensics Field Guide for Windows Systems is a "tool" with checklists for specific tasks, case studies of difficult situations, and expert analyst tips.

*A condensed hand-held guide complete with on-the-job tasks and checklists
Continue reading “Malware Forensics Field Guide for Windows Systems: Digital Forensics Field Guides”