»
Seven Deadliest USB Attacks
 
 

Seven Deadliest USB Attacks, 1st Edition

 
Seven Deadliest USB Attacks, 1st Edition,Brian Anderson,Barbara Anderson,ISBN9781597495530
 
 
Up to
25%
off
 

  &      

Syngress

9781597495530

9781597495547

256

235 X 191

Know what you are up against; discover what the deadliest USB attacks are and how to defend against them!

Print Book + eBook

USD 31.14
USD 51.90

Buy both together and save 40%

Print Book

Paperback

In Stock

Estimated Delivery Time
USD 20.21
USD 26.95

eBook
eBook Overview

VST format:

DRM Free included formats: EPub, Mobi, PDF

USD 18.71
USD 24.95
Add to Cart
 
 

Key Features

  • Knowledge is power, find out about the most dominant attacks currently waging war on computers and networks globally
  • Discover the best ways to defend against these vicious attacks; step-by-step instruction shows you how
  • Institute countermeasures, don’t be caught defenseless again, and learn techniques to make your computer and network impenetrable

Description

Seven Deadliest USB Attacks provides a comprehensive view of the most serious types of Universal Serial Bus (USB) attacks. While the book focuses on Windows systems, Mac, Linux, and UNIX systems are equally susceptible to similar attacks. The book consists of seven chapters that cover the following: (i) USB Hacksaw; (ii) the USB Switchblade; (iii) viruses and malicious codes; (iv) USB-based heap overflow; (v) the evolution of forensics in computer security; (vi) pod slurping; and (vii) the human element of security, including the risks, rewards, and controversy surrounding social-engineering engagements. This book was written to target a vast audience including students, technical staff, business leaders, or anyone seeking to understand fully the removable-media risk for Windows systems. It provides the tools, tricks, and detailed instructions necessary to reconstruct and mitigate these activities while peering into the risks and future aspects surrounding the respective technologies. The attacks outlined in this book are intended for individuals with moderate Microsoft Windows proficiency.

Readership

Information security professionals of all levels; web application developers; recreational hackers

Brian Anderson

Brian Anderson started his security career as a USMC Military Police officer. During his tour in the USMC Brian also served as an instructor for weapons marksmanship, urban combat, building entry techniques and less than lethal munitions. He also took part in the Somalia humanitarian efforts and several training engagements in the Middle East. Brian’s technical experience began when he joined EDS where he became part of a leveraged team and specialized in infrastructure problem resolution, disaster recovery and design and security. His career progression was swift carrying him through security engineering and into architecture where he earned a lead role. Brian was a key participant in many high level security projects driven by HIPAA, PCI, SOX, FIPS and other regulatory compliance which included infrastructure dependent services, multi-tenant directories, IdM, RBAC, SSO, WLAN, full disk and removable media encryption, leveraged perimeter design and strategy. He has earned multiple certifications for client, server and network technologies. Brian has written numerous viewpoint and whitepapers for current and emerging technologies and is a sought out expert on matters of security, privacy and penetration testing. Brian is an avid security researcher with expertise in reverse engineering focusing on vulnerabilities and exploits and advising clients on proper remediation.

Affiliations and Expertise

An avid security researcher with expertise in reverse engineering focusing on vulnerabilities and exploits and advising clients on proper remediation.

Barbara Anderson

Barbara Anderson has worked in the information technology industry as a network and server security professional for over eleven years. During that time, she has been acting as a senior network security engineer who provides consulting and support for all aspects of network and security design. Barbara comes from a strong network security background and has extensive experience in enterprise design, implementation and life-cycle management. Barbara proudly served her country for over four years in the United States Air force and has enjoyed successful positions at EDS, SMU, Fujitsu, ACS and Fishnet Security. These experiences and interactions have allowed her to become an expert in enterprise security, product deployment and training.

Affiliations and Expertise

CCSP, CISSP, CCNP, CCDP

Seven Deadliest USB Attacks, 1st Edition


About the Authors

Introduction

Chapter 1 USB Hacksaw

    Sharing Away Your Future

    Anatomy of the Attack

         Universal Serial Bus

         U3 and Flash Drive CD-ROM Emulation

         Inside the Hacksaw Attack

         Hacksaw Removal

    What Is the Big Deal?

         Regulators, Mount Up

    Evolution of the Portable Platform

         Portable Platforms

         Hacksaw Development

    Defending against This Attack

    Summary

    Endnotes

Chapter 2 USB Switchblade

    Passing Grades

    Inside the Switchblade

         Switchblade Tool Summaries

         Switchblade Assembly

    Why Should I Care?

    Evolving Aspects

         Privilege Elevation

    Defensive Techniques

         System Execution Prevention and USB Antidote

         Biometrics and Token Security

         Password Protection Practices

         Windows Group Policy Options

         Browser Settings and Screen Savers

    Summary

Chapter 3 USB-Based Virus/Malicious Code Launch

    Invasive Species among Us

         An Uncomfortable Presentation

    Anatomy of the Attack

         Malicious Code Methodologies

         Autorun

         How to Recreate the Attack

    Evolution of the Attack

    Why All the Fuss?

         Botnets

         Distributed Denial-of-Service Attacks

         E-mail Spamming

         Infecting New Hosts

         Identity Theft

         Transporting Illegal Software

         Google AdSense and Advertisement Add-On Abuse

    Defending against This Attack

         Antimalware

    Summary

    Endnotes

Chapter 4 USB Device Overflow

    Overflow Overview

    Analyzing This Attack

         Device Drivers

         Going with the Overflow

         USB Development and the Hole in the Heap

    Ever-Present Exposures

    Overflow Outlook

    Defensive Strategies

         Drivers

         Physical Protection Mechanisms

    Summary

    Endnote

Chapter 5 RAM dump

    Gadgets Gone Astray

    Digital Forensic Acquisition Examination

         Computer Online Forensic Evidence Extractor or Detect and Eliminate Computer-Assisted Forensics?

         Memory Gatherings

         Reconstructing the Attack

    Mind Your Memory

    Advancements in Memory Analysis

         ManTech DD

         Additional Analysis Tools

         Future Memories

         The Room with an Evil View

    Hindering the Gatherers

         Security Framework, Programs, and Governance

         Trackers and Remote Management

         BIOS Features

         Trustless Execution Technology and Module Platform

         Enhancing the Encryption Experience

         BitLocker and TrueCrypt

    Summary

    Endnotes

Chapter 6 Pod Slurping

    Attack of the Data Snatchers

    Anatomy of a Slurp

         How to Recreate the Attack

    Risky Business

         Pod Proliferation

    Advancements in This Attack

         Breaking Out of Jobs’ Jail

    Mitigating Measures

         Put Your Clients on a Data Diet

         Hijacking an iPhone

    Summary

    Endnotes

Chapter 7 Social Engineering and USB Come Together for a Brutal Attack

    Brain Games

    Hacking the Wetware

         Reverse Social Engineering

         Penetration of a Vulnerable Kind

    Elevated Hazards

         Legitimate Social Engineering Concerns

    Generations of Influences

         USB Multipass

    Thwarting These Behaviors

         Security Awareness and Training

         Behavioral Biometrics

         Windows Enhancements

    Summary

    Overview

    Endnotes

Index






Quotes and reviews

"Seven Deadliest USB Attacks provides real-world insight into issues a good deal of computer users don't even realize exist. The author's clear voice profiles attack scenarios, tools, as well as mitigation techniques. This book raises the right questions and provides the right answers" - Mirko Zorz, Editor in Chief of Help Net Security and (IN)SECURE Magazine

 
 
Save up to 25% on all Books
Shop with Confidence

Free Shipping around the world
▪ Broad range of products
▪ 30 days return policy
FAQ

Contact Us