Cameron H. Malin - Böcker

Linux Malware Incident Response is a "first look" at the Malware Forensics Field Guide for Linux Systems, exhibiting the first steps in investigating Linux-based incidents. The Syngress Digital Forensics Field Guides series includes companions for any digital and computer forensic investigator and analyst. Each book is a "toolkit" with checklists for specific tasks, case studies of difficult situations, and expert analyst tips. This compendium of tools for computer forensics analysts and investigators is presented in a succinct outline format with cross-references to supplemental appendices. It is designed to provide the digital investigator clear and concise guidance in an easily accessible format for responding to an incident or conducting analysis in a lab. Presented in a succinct outline format with cross-references to included supplemental components and appendices Covers volatile data collection methodology as well as non-volatile data collection from a live Linux system Addresses malware artifact discovery and extraction from a live Linux system

Deception in the Digital Age: Exploiting and Defending Human Targets Through Computer-Mediated Communication guides readers through the fascinating history and principles of deception-and how these techniques and stratagems are now being effectively used by cyber attackers. Users will find an in-depth guide that provides valuable insights into the cognitive, sensory and narrative bases of misdirection, used to shape the targeted audience's perceptions and beliefs.

The text provides a detailed analysis of the psychological, sensory, sociological, and technical precepts that reveal predictors of attacks-and conversely postmortem insight about attackers-presenting a unique resource that empowers readers to observe, understand and protect against cyber deception tactics.

Written by information security experts with real-world investigative experience, the text is the most instructional book available on the subject, providing practical guidance to readers with rich literature references, diagrams and examples that enhance the learning process.

Deeply examines the psychology of deception through the lens of misdirection and other techniques used by master magicians Explores cognitive vulnerabilities that cyber attackers use to exploit human targets Dissects the underpinnings and elements of deception narratives Examines group dynamics and deception factors in cyber attacker underground markets Provides deep coverage on how cyber attackers leverage psychological influence techniques in the trajectory of deception strategies Explores the deception strategies used in today's threat landscape-phishing, watering hole, scareware and ransomware attacks Gives unprecedented insight into deceptive Internet video communications Delves into the history and deception pathways of nation-state and cyber terrorism attackers Provides unique insight into honeypot technologies and strategies Explores the future of cyber deception

Synthetic Media, Deepfakes, and Cyber Deception: Attacks, Analysis, and Defenses introduces the only analytical Synthetic Media Analysis Framework (SMAF) to help describe cyber threats and help security professionals anticipate and analyze attacks. This framework encompasses seven dimensions: Credibility, Control, Medium, Interactivity, Familiarity, Intended Target, and Evocation. Synthetic media is a broad term that encompasses the artificial manipulation, modification, and production of information, covering a spectrum from audio-video deepfakes to text-based chatbots. Synthetic media provides cyber attackers and scammers with a game-changing advantage over traditional ROSE attacks because they have the potential to convincingly impersonate close associates through text, imagery, voice, and video. This burgeoning threat has yet to be meaningfully addressed through any written treatment on the topic. The book is co-authored by three cyber influence and deception experts who have gained deep knowledge and experience on the topic through diverse, true operational pathways and backgrounds. The diversity and perspectives of the author team makes the content in the book the broadest and deepest treatment of synthetic media attacks available to readers.

Introduces the authors’ Synthetic Media Assessment Framework (SMAF) to effectively and efficiently analyze threats based on discrete criteriaCovers case examples to contextualize threats and assess them through the SMAFProvides end-of-chapter questions to re-affirm knowledge of the audienceIncludes a SMAF Analysis worksheet for tactical use in assessing threats

Malware Forensics: Investigating and Analyzing Malicious Code covers the complete process of responding to a malicious code incident. Written by authors who have investigated and prosecuted federal malware cases, this book deals with the emerging and evolving field of live forensics, where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss live forensics on a particular operating system, or in a generic context, this book emphasizes a live forensics and evidence collection methodology on both Windows and Linux operating systems in the context of identifying and capturing malicious code and evidence of its effect on the compromised system. It is the first book detailing how to perform live forensic techniques on malicious code.

The book gives deep coverage on the tools and techniques of conducting runtime behavioral malware analysis (such as file, registry, network and port monitoring) and static code analysis (such as file identification and profiling, strings discovery, armoring/packing detection, disassembling, debugging), and more. It explores over 150 different tools for malware incident response and analysis, including forensic tools for preserving and analyzing computer memory. Readers from all educational and technical backgrounds will benefit from the clear and concise explanations of the applicable legal case law and statutes covered in every chapter. In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter.

This book is intended for system administrators, information security professionals, network personnel, forensic examiners, attorneys, and law enforcement working with the inner-workings of computer memory and malicious code.

Winner of Best Book Bejtlich read in 2008! http://taosecurity.blogspot.com/2008/12/best-book-bejtlich-read-in-2008.html Authors have investigated and prosecuted federal malware cases, which allows them to provide unparalleled insight to the reader First book to detail how to perform "live forensic" techniques on malicous code In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter