Cargando…
Targeted cyber attacks : multi-staged attacks driven by exploits and malware /
Cyber-crime increasingly impacts both the online and offline world, and targeted attacks play a significant role in disrupting services in both. Targeted attacks are those that are aimed at a particular individual, group, or type of site or service. Unlike worms and viruses that usually attack indis...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Otros Autores: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Waltham, MA :
Syngress,
©2014.
|
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a2200000Ia 4500 | ||
|---|---|---|---|
| 001 | OR_ocn880372938 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr unu|||||||| | ||
| 008 | 140522s2014 maua ob 000 0 eng d | ||
| 040 | |a UMI |b eng |e pn |c UMI |d OCLCO |d DEBBG |d DEBSZ |d EBLCP |d OCLCO |d OCLCQ |d OCLCO |d OCLCA |d OCLCQ |d COO |d MERUC |d OCLCA |d OCLCF |d CEF |d DEHBZ |d OCLCO |d OCLCA |d OCLCQ |d OCLCA |d AU@ |d OCLCQ |d OCLCO |d OCL |d OCLCQ |d OCLCO | ||
| 019 | |a 877770398 |a 966358602 | ||
| 020 | |a 9780128006191 | ||
| 020 | |a 0128006196 | ||
| 020 | |a 0128006048 | ||
| 020 | |a 9780128006047 | ||
| 020 | |z 9780128006047 | ||
| 029 | 1 | |a DEBBG |b BV042032533 | |
| 029 | 1 | |a DEBBG |b BV043608789 | |
| 029 | 1 | |a DEBSZ |b 414180038 | |
| 029 | 1 | |a DEBSZ |b 431671648 | |
| 029 | 1 | |a GBVCP |b 882730002 | |
| 035 | |a (OCoLC)880372938 |z (OCoLC)877770398 |z (OCoLC)966358602 | ||
| 037 | |a CL0500000429 |b Safari Books Online | ||
| 050 | 4 | |a TK5105.59 |b .S66 2014 | |
| 082 | 0 | 4 | |a 005.8 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Sood, Aditya K. | |
| 245 | 1 | 0 | |a Targeted cyber attacks : |b multi-staged attacks driven by exploits and malware / |c Aditya K. Sood, Richard Enbody ; technical editor Peter Loshin. |
| 246 | 3 | 0 | |a Multi-staged attacks driven by exploits and malware |
| 260 | |a Waltham, MA : |b Syngress, |c ©2014. | ||
| 300 | |a 1 online resource (1 volume) : |b illustrations | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 588 | 0 | |a Online resource; title from title page (Safari, viewed May 6, 2014). | |
| 504 | |a Includes bibliographical references. | ||
| 505 | 0 | |a Front Cover; Targeted Cyber Attacks; Copyright Page; A Few Words About Targeted Cyber Attacks; Contents; Acknowledgments; About the Authors; Overview; 1 Introduction; References; 2 Intelligence Gathering; 2.1 Intelligence Gathering Process; 2.2 OSINT, CYBINT, and HUMINT; 2.3 OSNs: A Case Study; References; 3 Infecting the Target; 3.1 Elements Used in Incursion; 3.2 Model A: Spear Phishing Attack: Malicious Attachments; 3.3 Model B: Spear Phishing Attack: Embedded Malicious Links; 3.4 Model C: Waterholing Attack; 3.5 Model D: BYOD as Infection Carriers: USB. | |
| 505 | 8 | |a 3.6 Model E: Direct Incursion: Network ExploitationReferences; 4 System Exploitation; 4.1 Modeling Exploits in Targeted Attacks; 4.2 Elements Supporting System Exploitation; 4.2.1 Browser Exploit Packs (BEPs); 4.2.2 Zero-Day Vulnerabilities and Exploits; 4.3 Defense Mechanisms and Existing Mitigations; 4.4 Anatomy of Exploitation Techniques; 4.4.1 Return-to-Libc Attacks; 4.4.2 Return-oriented Programming; 4.4.3 Attacking DEP and ASLR; 4.4.4 Digging Inside Info Leak Vulnerabilities; 4.5 Browser Exploitation Paradigm; 4.6 Drive-By Download Attack Model; 4.6.1 Compromising a Web Site/Domain. | |
| 505 | 8 | |a 4.6.2 Infecting a Web Site4.6.3 Hosting BEPs and Distributing Links; 4.6.4 Fingerprinting the User Environment; 4.6.5 Attacking Heap-Model of Exploitation; 4.6.6 Heap Spraying; 4.6.7 Heap Feng Shui/Heap Massage; 4.7 Stealth Malware Design and Tactics; 4.7.1 Hooking; 4.7.2 Bypassing Static and Dynamic Detection Mechanisms; References; 5 Data Exfiltration Mechanisms; 5.1 Phase 1: Data Gathering Mechanisms; 5.2 Phase 2: Data Transmission; References; 6 Maintaining Control and Lateral Movement; 6.1 Maintaining Control; 6.1.1 Deploying BackConnect Servers; 6.1.2 Local Privilege Escalation. | |
| 505 | 8 | |a 6.2 Lateral Movement and Network Reconnaissance6.2.1 Information Reuse Attacks; 6.2.1.1 Credentials Dumping; 6.2.1.2 Pass-the-Hash Attack Model; 6.2.2 File Sharing Services (Shared Access); 6.2.3 Batch Scripting: Command Execution and Scheduling; 6.2.4 USB Spreading; References; 7 Why Targeted Cyber Attacks Are Easy to Conduct?; 7.1 Step 1: Building Targeted Attack Infrastructure; 7.2 Step 2: Exploring or Purchasing Stolen Information About Targets; 7.3 Step 3: Exploits Selection; 7.4 Step 4: Malware Selection; 7.5 Step 5: Initiating the Attack; 7.6 Role of Freely Available Tools; References. | |
| 505 | 8 | |a 8 Challenges and Countermeasures8.1 Real-Time Challenges; 8.1.1 Persisting False Sense of Security; 8.1.2 Myths About Malware Infections and Protection; 8.2 Countermeasures and Future Developments; 8.2.1 Building a Strong Response Plan; 8.2.2 End System Security; 8.2.3 User Centric Security; 8.2.4 Network Level Security; 8.2.5 Security Assessment and Patch Management; 8.2.6 Next-generation Defenses; References; 9 Conclusion; References; Abbreviations. | |
| 520 | |a Cyber-crime increasingly impacts both the online and offline world, and targeted attacks play a significant role in disrupting services in both. Targeted attacks are those that are aimed at a particular individual, group, or type of site or service. Unlike worms and viruses that usually attack indiscriminately, targeted attacks involve intelligence-gathering and planning to a degree that drastically changes its profile. Individuals, corporations, and even governments are facing new threats from targeted attacks. Targeted Cyber Attacks examines real-world examples of dir. | ||
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Computer networks |x Security measures. | |
| 650 | 0 | |a Cyberspace |x Security measures. | |
| 650 | 0 | |a Computer crimes |x Prevention. | |
| 650 | 6 | |a Réseaux d'ordinateurs |x Sécurité |x Mesures. | |
| 650 | 7 | |a Cyberspace |x Security measures |2 fast | |
| 650 | 7 | |a Computer crimes |x Prevention |2 fast | |
| 650 | 7 | |a Computer networks |x Security measures |2 fast | |
| 650 | 7 | |a Internetkriminalität |2 gnd | |
| 650 | 7 | |a Malware |2 gnd | |
| 700 | 1 | |a Enbody, Richard J. | |
| 776 | 0 | 8 | |i Print version: |a Sood, Aditya. |t Targeted Cyber Attacks : Multi-staged Attacks Driven by Exploits and Malware. |d Burlington : Elsevier Science, ©2014 |z 9780128006047 |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9780128006047/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 938 | |a EBL - Ebook Library |b EBLB |n EBL1673591 | ||
| 994 | |a 92 |b IZTAP | ||