Hacking: The Next Generation
by Zeljka Zorz - Wednesday, 6 January 2010.
Authors: Nitesh Dhanjani, Billy Rios and Brett Hardin
Pages: 296
Publisher: O'Reilly
ISBN: 0596154577



Introduction

We have all been witnessing new kinds of attacks emerging thanks to new technologies and ways of using our computers and networks. The use of social media, an increasingly mobile workforce, cloud computing - these are just a few of the latest trends that increase the possibility of being breached. This book explains them all and gives you insight into the techniques and mindset of today's attackers.

About the authors

Nitesh Dhanjani is a well known information security researcher and speaker. He is the author of many books about hacking and computer security, and is Senior Manager in the Advisory practice At Ernst and Young.

Billy Rios is a security engineer and used to be a penetration tester for both VeriSign and Ernst and Young. He made his living by outsmarting security teams, bypassing security measures, and demonstrating the business risk of security exposures.

Brett Hardin is a Security Research Lead with McAfee. Before that, he was a penetration tester for Ernst and Young's Advanced Security Center assessing web application and intranet security for Fortune 500 companies.

Inside the book

If there is one adjective that fits all successful cyber attackers, it's "resourceful". They dig up information through any means they can find and use it effectively to reach their goal. Whether the reason behind the attack is vengeance, fame, political or plain, old fashion greed, they always seem to be one step ahead of the defenders.

But, that is not exactly true - for every attack that succeeds, there are hundreds or thousands that fail. And most of the time, they fail because they have come up against people who have knowledge about which attack vectors are likely to be deployed against a network and then securing it against them.

This book covers a lot of ground. It starts with enlightening us about the myriad of ways an attacker can gather information needed to execute the attack: dumpster giving, social engineering, scouring the social networks for information, etc.

Everyone should be made aware that the old division between trusted and untrusted zones and individuals can no longer be applied, that network protocols offer many dangers because they are were not built with security in mind and that every application has at least one vulnerability that can be exploited. It is not necessary for everyone to know how to fix these problems, but in this case, a little paranoia goes a long way.

There are all these helpful and wonderful tools and technologies out there, and we use them every day to work and play and run errands. This book gives us an insight into all the bad things that can happen - so that we can make sure they don't.

Final thoughts

Hacking: The Next Generation is an extremely thorough, enjoyable and easy read. The authors aimed the book at anyone interested in learning the techniques that attackers use presently. I would say that it should be read by everybody whose work depends on computers - well, at least some of the chapters.

It says everything it should without the endless repeating and rephrasing so that readers would understand the concept, because it was so clearly explained the first time. This is a book that will get and keep your attention, and a must-read book for everyone dealing with computer and information security.



Spotlight

Staples customers likely the latest victims of credit card breach

Posted on 21 October 2014.  |  Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a data breach.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //