Hacking the Holidays! Computer Security Book Gift Ideas

Santa Hacker 2

Got a computer security guru on your shopping list and don’t know what to get them? Or tired of getting socks and sweaters for Christmas and want something you can really use? We have put together a list of some of the best selling security books for 2014!

Check out these excellent computer security books:

 

Basic Security Testing Kali LinuxBasic Security Testing with Kali Linux

Great book for those new to the security field or seasoned expert looking for a reference guide. Learn computer security testing with easy to follow, step-by-step tutorials using Kali Linux. In-depth sections on Metasploit,  Exploiting Windows and Linux Systems, Wi-Fi security testing, Social Engineering attacks and much more. If you are looking for a security book to get you started in the field, this is it!

 

Red Team Field Manual 1RTFM: Red Team Field Manual

A no fluff, but thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page. The RTFM contains the basic syntax for commonly used Linux and Windows command line tools, but it also encapsulates unique use cases for powerful tools such as Python and Windows PowerShell.

 

 

Black Hat PythonBlack Hat Python: Python Programming for Hackers and Pentesters

A follow-up to the perennial best-seller Gray Hat Python, Justin Seitz’s Black Hat Python explores the darker side of Python’s capabilities—writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, extending the popular web hacking tool Burp Suite, and more.

 

 

Art of Memory ForensicsThe Art of Memory Forensics

Memory forensics provides cutting edge technology to help investigate digital attacks Memory forensics is the art of analyzing computer memory (RAM) to solve digital crimes. Experts in the fields of malware, security, and digital forensics bring you a step-by-step guide to memory forensics-now the most sought after skill in the digital forensics and incident response fields.

 

Hacker PlaybookThe Hacker Playbook: Practical Guide To Penetration Testing

Just as a professional athlete doesn’t show up without a solid game plan, ethical hackers, IT professionals, and security researchers should not be unprepared, either. The Hacker Playbook provides them their own game plans. Written by a longtime security professional and CEO of Secure Planet, LLC, this step-by-step guide to the “game” of penetration hacking features hands-on examples and helpful advice.

 

Looking for more ideas?

We hope you enjoyed the list, have a great Holiday season!

 

Advertisements

The Navy’s latest Ship falls to Red Team Hackers

/Users/Photo2/Desktop/IPTC.IPT

The Littoral Combat Ship (LCS), one of the Navy’s newest ships, has cyber vulnerabilities, a Navy Red Team testing group discovered during a recent security assessment.

LCS is a class of warships designed to flex military power close in to shore.The ships were made to be easily configured for several roles including recon & intelligence gathering, anti-surface & anti-submarine warfare, and mine countermeasure operations. Each vessel is capable of sprint speeds over 40 knots and has a range of over 3,500 miles.

The class flagship, the USS Freedom (shown below in a Lockheed Martin Promotional video), was tested for computer system exploits and found vulnerable.

The USS Freedom’s computer system was successfully compromised by  Navy hackers in the penetration test. According to an anonymous Navy official.We do these types of inspections across the fleet to find individual vulnerabilities, as well as fleet-wide trends,” the official stated. 

The Pentagon’s director of weapons testing “recommended those vulnerabilities be remediated without delay.” and rest assured, the Navy is moving to fix the issues as soon as possible.

The vulnerability is not serious enough to delay the ship’s current deployment.


Iran Practices Cyber Defense During Naval Drills

Iran Rear Admiral Rastegari

For the first time, Iranian Naval forces included a cyber attack scenario during maritime military drills. According to Iran’s Press TV, their Navy’s Cyber Defense group successfully detected and blocked a simulated attack against navy systems.

During six days of simulated naval defense drills, called Velayat 91, Iranian ships practiced defending coastal waters against suspected invasion tactics. Though not mentioned, the drills were obviously intended to give Iran’s navy practice against a possible attack by American warships.

But this year, the drills included a cyber war scenario putting their Naval Cyber Defense group through the paces. Iran’s Rear Admiral Amir Rastegari told reporters that during the drill, aggressive forces launched a cyber attack against the computer network of defensive forces in order to infiltrate the network and hack information or spread viruses.

According to Admiral Rastegari, the Navy’s Cyber Defense is tasked with monitoring all naval system and detects “all cyber infiltration and immediately takes necessary measures to counter them.

And apparently the group successfully stop the simulated red team attack.

But after how successful Stuxnet was in the past, I am curious how well the group would do against a real American cyber attack. Especially attacks that would likely coincide with other forms of electronic warfare and include the full force of American sea, air and land units if we did invade.