When malware breaches your defenses, you need to act quickly to cure current infections and prevent future ones from occurring.For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you the tools and techniques used by professional analysts. With this book as your guide, you'll be able to safely analyze, debug, and disassemble any malicious software that comes your way.You'll learn how to:Set up a safe virtual environment to analyze malware Quickly extract network signatures and host-based indicators Use key analysis tools like IDA Pro, OllyDbg, and WinDbg Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques Use your newfound knowledge of Windows internals for malware analysis Develop a methodology for unpacking malware and get practical experience with five of the most popular packers Analyze special cases of malware with shellcode, C++, and 64-bit code Hands-on labs throughout the book challenge you to practice and synthesize your skills as you dissect real malware samples, and pages of detailed dissections offer an over-the-shoulder look at how the pros do it. You'll learn how to crack open malware to see how it really works, determine what damage it has done, thoroughly clean your network, and ensure that the malware never comes back.Malware analysis is a cat-and-mouse game with rules that are constantly changing, so make sure you have the fundamentals. Whether you're tasked with securing one network or a thousand networks, or you're making a living as a malware analyst, you'll find what you need to succeed in Practical Malware Analysis.

    Cryptography is vital to keeping information safe, in an era when the formula to do so becomes more and more challenging. Written by a team of world-renowned cryptography experts, this essential guide is the definitive introduction to all major areas of cryptography: message security, key negotiation, and key management. You'll learn how to think like a cryptographer. You'll discover techniques for building cryptography into products from the start and you'll examine the many technical changes in the field.After a basic overview of cryptography and what it means today, this indispensable resource covers such topics as block ciphers, block modes, hash functions, encryption modes, message authentication codes, implementation issues, negotiation protocols, and more. Helpful examples and hands-on exercises enhance your understanding of the multi-faceted field of cryptography.An author team of internationally recognized cryptography experts updates you on vital topics in the field of cryptography Shows you how to build cryptography into products from the start Examines updates and changes to cryptography Includes coverage on key servers, message security, authentication codes, new standards, block ciphers, message authentication codes, and more Cryptography Engineering gets you up to speed in the ever-evolving field of cryptography.

    And, the Director of Google Ideas, Jared Cohen, formerly an advisor to both Secretaries of State Condoleezza Rice and Hillary Clinton.Never before has the future been so vividly and transparently imagined. From technologies that will change lives (information systems that greatly increase productivity, safety and our quality of life, thought controlled motion technology that can revolutionize medical procedures, and near-perfect translation technology that allows us to have more diversified interactions) to our most important future considerations (curating our online identity and fighting those who would do harm with it) to the widespread political change that will transform the globe (through transformations in conflict, increasingly active and global citizenries, a new wave of cyber-terrorism and states operating simultaneously in the physical and virtual realms) to the ever present threats to our privacy and security, Schmidt and Cohen outline in great detail and scope all the promise and peril awaiting us in the coming decades.

    Their choices are limited by mountains, rivers, seas, and concrete. To understand world events, news organizations and other authorities often focus on people, ideas, and political movements, but without geography, we never have the full picture. Now, in the relevant and timely Prisoners of Geography, seasoned journalist Tim Marshall examines Russia, China, the USA, Latin America, the Middle East, Africa, Europe, Japan and Korea, and Greenland and the Arctic—their weather, seas, mountains, rivers, deserts, and borders—to provide a context often missing from our political reportage: how the physical characteristics of these countries affect their strengths and vulnerabilities and the decisions made by their leaders.In ten, up-to-date maps of each region, Marshall explains in clear and engaging prose the complex geo-political strategies of these key parts of the globe. What does it mean that Russia must have a navy, but also has frozen ports six months a year? How does this affect Putin’s treatment of Ukraine? How is China’s future constrained by its geography? Why will Europe never be united? Why will America never be invaded? Shining a light on the unavoidable physical realities that shape all of our aspirations and endeavors, Prisoners of Geography is the critical guide to one of the major (and most often overlooked) determining factors in world history.

    Steven Johnson proposes that a new model of political change is on the rise, transforming everything from local government to classrooms to health care. It’s a compelling new political worldview that breaks with traditional categories of liberal or conservative thinking. Johnson explores this innovative vision through a series of fascinating narratives: from the “Miracle on the Hudson” to the planning of the French railway system; from the battle against malnutrition in Vietnam to a mysterious outbreak of strange smells in downtown Manhattan; from underground music video artists to the invention of the Internet itself. At a time when the conventional wisdom holds that the political system is hopelessly gridlocked with old ideas, Future Perfect makes the timely and uplifting case that progress is still possible.

    In 2005, the U.S. Air Force boasted it would now fly, fight, and win in cyberspace, the "fifth domain" of warfare. This book takes stock, twenty years on: is cyber war really coming? Has war indeed entered the fifth domain? Cyber War Will Not Take Place cuts through the hype and takes a fresh look at cyber security. Thomas Rid argues that the focus on war and winning distracts from the real challenge of cyberspace: non-violent confrontation that may rival or even replace violence in surprising ways. The threat consists of three different vectors: espionage, sabotage, and subversion. The author traces the most significant hacks and attacks, exploring the full spectrum of case studies from the shadowy world of computer espionage and weaponised code. With a mix of technical detail and rigorous political analysis, the book explores some key questions: What are cyber weapons? How have they changed the meaning of violence? How likely and how dangerous is crowd-sourced subversive activity? Why has there never been a lethal cyber attack against a country's critical infrastructure? How serious is the threat of "pure" cyber espionage, of exfiltrating data without infiltrating humans first? And who is most vulnerable: which countries, industries, individuals?

    Alexander Klimburg was a member of the generation for whom it was a utopian ideal turned reality: a place where ideas, information, and knowledge could be shared and new freedoms found and enjoyed. Two decades later, the future isn't so bright any more: increasingly, the Internet is used as a weapon and a means of domination by states eager to exploit or curtail global connectivity in order to further their national interests. Klimburg is a leading voice in the conversation on the implications of this dangerous shift, and in The Darkening Web, he explains why we underestimate the consequences of states' ambitions to project power in cyberspace at our peril: Not only have hacking and cyber operations fundamentally changed the nature of political conflict--ensnaring states in a struggle to maintain a precarious peace that could rapidly collapse into all-out war--but the rise of covert influencing and information warfare has enabled these same global powers to create and disseminate their own distorted versions of reality in which anything is possible. At stake are not only our personal data or the electrical grid, but the Internet as we know it today--and with it the very existence of open and democratic societies. Blending anecdote with argument, Klimburg brings us face-to-face with the range of threats the struggle for cyberspace presents, from an apocalyptic scenario of debilitated civilian infrastructure to a 1984-like erosion of privacy and freedom of expression. Focusing on different approaches to cyber-conflict in the US, Russia and China, he reveals the extent to which the battle for control of the Internet is as complex and perilous as the one surrounding nuclear weapons during the Cold War--and quite possibly as dangerous for humanity as a whole. Authoritative, thought-provoking, and compellingly argued, The Darkening Web makes clear that the debate about the different aspirations for cyberspace is nothing short of a war over our global values.

    Revised and updated using feedback from Instructors and students, learn security operations in the areas of telecommunications, cryptography, management practices, and more. Plan for continuity and disaster recovery. Update your knowledge of laws, investigations, and ethics. Plus, run the CD-ROM and practice with more than 500 all new simulated exam questions. Browse the all new electronic book for studying on the go. Let security consultant and author Shon Harris lead you to successful completion of the CISSP.

    That same year, a trove of Michael Jackson memorabilia—including his iconic crystal-encrusted white glove—was sold at auction for over $1 million to a guy who was, officially, just the lowly forestry minister of the tiny nation of Equatorial Guinea. And in 2014, Ukrainian revolutionaries raided the palace of their ousted president and found a zoo of peacocks, gilded toilets, and a floating restaurant modeled after a Spanish galleon. Unlikely as it might seem, there is a thread connecting these events, and Rachel Maddow follows it to its crooked source: the unimaginably lucrative and equally corrupting oil and gas industry. With her trademark black humor, Maddow takes us on a switchback journey around the globe, revealing the greed and incompetence of Big Oil and Gas along the way, and drawing a surprising conclusion about why the Russian government hacked the 2016 U.S. election. She deftly shows how Russia’s rich reserves of crude have, paradoxically, stunted its growth, forcing Putin to maintain his power by spreading Russia’s rot into its rivals, its neighbors, the West’s most important alliances, and the United States. Chevron, BP, and a host of other industry players get their star turn, most notably ExxonMobil and the deceptively well-behaved Rex Tillerson. The oil and gas industry has weakened democracies in developed and developing countries, fouled oceans and rivers, and propped up authoritarian thieves and killers. But being outraged at it is, according to Maddow, “like being indignant when a lion takes down and eats a gazelle. You can’t really blame the lion. It’s in her nature.” Blowout is a call to contain the lion: to stop subsidizing the wealthiest businesses on earth, to fight for transparency, and to check the influence of the world’s most destructive industry and its enablers. The stakes have never been higher. As Maddow writes, “Democracy either wins this one or disappears.”

    But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester's Guide fills this gap by teaching you how to harness the Framework and interact with the vibrant community of Metasploit contributors.Once you've built your foundation for penetration testing, you'll learn the Framework's conventions, interfaces, and module system as you launch simulated attacks. You'll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, wireless attacks, and targeted social-engineering attacks.Learn how to:Find and exploit unmaintained, misconfigured, and unpatched systems Perform reconnaissance and find valuable information about your target Bypass anti-virus technologies and circumvent security controls Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery Use the Meterpreter shell to launch further attacks from inside the network Harness standalone Metasploit utilities, third-party tools, and plug-ins Learn how to write your own Meterpreter post exploitation modules and scripts You'll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to secure your own networks or to put someone else's to the test, Metasploit: The Penetration Tester's Guide will take you there and beyond.

    Bleak tools of the cold war, they embodied the rigid organization and mechanical conformity that made the military-industrial complex possible. But by the 1990s—and the dawn of the Internet—computers started to represent a very different kind of world: a collaborative and digital utopia modeled on the communal ideals of the hippies who so vehemently rebelled against the cold war establishment in the first place. From Counterculture to Cyberculture is the first book to explore this extraordinary and ironic transformation. Fred Turner here traces the previously untold story of a highly influential group of San Francisco Bay–area entrepreneurs: Stewart Brand and the Whole Earth network. Between 1968 and 1998, via such familiar venues as the National Book Award–winning Whole Earth Catalog, the computer conferencing system known as WELL, and, ultimately, the launch of the wildly successful Wired magazine, Brand and his colleagues brokered a long-running collaboration between San Francisco flower power and the emerging technological hub of Silicon Valley. Thanks to their vision, counterculturalists and technologists alike joined together to reimagine computers as tools for personal liberation, the building of virtual and decidedly alternative communities, and the exploration of bold new social frontiers. Shedding new light on how our networked culture came to be, this fascinating book reminds us that the distance between the Grateful Dead and Google, between Ken Kesey and the computer itself, is not as great as we might think.

    Who are these people, what motivates them, and why should you care?Consider these facts: Everything around us is turning into computers. Your typewriter is gone, replaced by a computer. Your phone has turned into a computer. So has your camera. Soon your TV will. Your car was not only designed on computers, but has more processing power in it than a room-sized mainframe did in 1970. Letters, encyclopedias, newspapers, and even your local store are being replaced by the Internet.Hackers & Painters: Big Ideas from the Computer Age, by Paul Graham, explains this world and the motivations of the people who occupy it. In clear, thoughtful prose that draws on illuminating historical examples, Graham takes readers on an unflinching exploration into what he calls “an intellectual Wild West.”The ideas discussed in this book will have a powerful and lasting impact on how we think, how we work, how we develop technology, and how we live. Topics include the importance of beauty in software design, how to make wealth, heresy and free speech, the programming language renaissance, the open-source movement, digital design, internet startups, and more.

    The RTFM contains the basic syntax for commonly used Linux and Windows command line tools, but it also encapsulates unique use cases for powerful tools such as Python and Windows PowerShell. The RTFM will repeatedly save you time looking up the hard to remember Windows nuances such as Windows wmic and dsquery command line tools, key registry values, scheduled tasks syntax, startup locations and Windows scripting. More importantly, it should teach you some new red team techniques.

    Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography!Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies.Systems security managers, you'll find tools and a framework for structured thinking about what can go wrong. Software developers, you'll appreciate the jargon-free and accessible introduction to this essential skill. Security professionals, you'll learn to discern changing threats and discover the easiest ways to adopt a structured approach to threat modeling.Provides a unique how-to for security and software developers who need to design secure products and systems and test their designs Explains how to threat model and explores various threat modeling approaches, such as asset-centric, attacker-centric and software-centric Provides effective approaches and techniques that have been proven at Microsoft and elsewhere Offers actionable how-to advice not tied to any specific software, operating system, or programming language Authored by a Microsoft professional who is one of the most prominent threat modeling experts in the world As more software is delivered on the Internet or operates on Internet-connected devices, the design of secure software is absolutely critical. Make sure you're ready with Threat Modeling: Designing for Security.

    CNN host and best-selling author Fareed Zakaria helps readers to understand the nature of a post-pandemic world: the political, social, technological, and economic impacts that may take years to unfold.In the form of ten straightforward “lessons,” covering topics from globalization and threat-preparedness to inequality and technological advancement, Zakaria creates a structure for readers to begin thinking beyond the immediate impacts of COVID-19. Ten Lessons for a Post-Pandemic World speaks to past, present, and future, and, while urgent and timely, is sure to become an enduring staple.