Security First Books

The Complete Guide to Security Testing by Justin Peltier

Posted by admin on January 20th, 2010

Explains how an effective security testing strategy can be implemented to protect an IT infrastructure from internal or external attack. This book offers details of testing techniques, such as assessments, penetration tests, anticipating security breeches, and formats for preparing reports at the conclusion of testing.

It is a common belief that the use of commercial vulnerability scanning tools is all that is required to determine whether an IT infrastructure is secure. Unfortunately, due to the evolving nature of Internet-based malicious input, this is no longer true. This book explains how an effective security testing strategy can be implemented to protect an IT infrastructure from internal or external attack. Details of testing techniques, such as assessments, penetration tests, anticipating security breeches, and formats for preparing reports at the conclusion of testing are all covered. In addition, the text helps prepare IT security management professionals for the Certified Ethical Hacker Exam.

Microsoft responds to international criticism of Internet Explorer and advises that upgrade to IE8 is the best tactic

Posted by admin on January 19th, 2010

Microsoft has hit back at criticism by French and German cyber security offices over vulnerabilities in its Internet Explorer browser.

Over the past few days, the German Bundesamt für Sicherheit in der Informationstechnik and the French CERTA (Centre d’Expertise Gouvernemental de Réponse et de Traitement des Attaques informatique) have issued advisories recommending users temporarily ‘switch to an alternative browser while waiting for Microsoft’s patch’.

Roadmap to Information Security For IT and Infosec Managers

Posted by admin on November 20th, 2009

This is the latest book from Cengage Learning on Roadmap to Information Security: For IT and Infosec Managers.

Gizmodo, world’s biggest gadget website, hit by malware in ad

Posted by admin on October 29th, 2009

Charles Arthur at the Guardian reports that “Hackers have been running viruses hidden in adverts on the world’s biggest gadget website, Gizmodo, which receives more than 3m visitors per day, the site’s editor warned on Tuesday.

Gizmodo says the ‘malware’ was on its site ‘for a little while last week’. Its announcement did not specify the nature of the problem, but some attacks are now able to infect some Windows machines simply when an advert is viewed. Others flash up warnings that encourage people to download and pay for programs that claim to protect them from fake viruses.”

The Web: An Unprecedented Challenge for Security Services

Posted by admin on June 7th, 2009

Ex-spy chief Sir David Pepper has told BBC Two programme Who’s Watching You? the web presents an unprecedented challenge for the intelligence services.

In his first broadcast television interview, the former director of listening service GCHQ says it has a major bearing on the way suspected terrorists are monitored.

Security by Lucia Zedner

Posted by admin on May 19th, 2009

Just a decade ago security had little claim to criminological attention. Today a combination of disciplinary paradigm shifts, policy changes, and world political events have pushed security to the forefront of the criminological agenda. Distinctions between public safety and private protection, policing and security services, national and international security are being eroded. Post-9/11 the pursuit of security has been hotly debated not least because countering terrorism raises the stakes and licenses extraordinary measures.

Security has become a central plank of public policy, a topical political issue, and lucrative focus of private venture but it is not without costs, problems, and paradoxes. As security governs our lives, governing security become a priority. This book provides a brief, authoritative introduction to the history of security from Hobbes to the present day and a timely guide to contemporary security politics and dilemmas.

It argues that the pursuit of security poses a significant challenge for criminal justice practice and values. And it defends security as public good and suggests a framework of principles by which it might better be governed. Engaging with major academic debates in criminology, law, international relations, politics, and sociology, this book stands at the vanguard of interdisciplinary writing on security.

Identity Thieves Arrested – Millions Stolen Through Home-Equity Scams

Posted by admin on March 1st, 2009

Over 11 arrests have been made in both New Jersey and Virginia in related crimes involving global identity theft ring. As if banks, mortgage lenders and home-equity line holders haven’t suffered enough challenges recently, this group has stolen over $10 million through home equity scams. The identity theft ring hijacked home-equity lines that had been issued to thousands of customers using what has been called a combination of “high-tech equipment and old-fashioned con-artistry.”

Identity Thieves Under Arrest

Recently, three men plead guilty to charges of conspiracy to commit bank fraud in the U.S. District Court for the Eastern District of Virginia. Authorities say over $10 million was involved.

This week four more men (four were charged earlier this year) were charged in New Jersey’s U.S. District Court. The identity thieves in this case scammed several credit unions and banks into wiring over $2.5 million from home-equity lines to members of a fraud ring in China, South Korea, Vietnam, Japan and Canada.

The Equity-Line Transfer Scam: The Targets, The Identity Theft and the Phone Tag

This criminal ring targeted people with good credit who had large but untapped home-equity lines of credit.

How did they steal the victims’ identities?

The identity thieves used:

• public records, such as property deeds and mortgages
• internet databases to obtain credit reports.
• fee based internet databases to find documents that provided birthdates, social security numbers and mother’s maiden names (which is a common security question answer)

Once armed with the victims’ personal information the identity theft ring acknowledges that they used a variety of technologies to avoid exposing their phone numbers when calling banks including caller-ID spoofs, prepaid cell phones and PC wireless phones. In at least one case Hakeem Olokodana allegedly called Verizon, posing as a victim and complaining of phone problems. He finally persuaded Verizon to forward all incoming calls to a separate number so when the bank returned the “customers” call, they would reach Olokodana.

Verizon spokesman Eric Rabe admits that they are a “frequent target of these kinds of attacks” and adds “we certainly have lots of measures in place to prevent this sort of thing.” Remember, however that the criminals had already accessed so much personal information that they would easily pass any security question test.

Protect Your Identity and Your Home-Equity Line

According to New Jersey U.S. Attorney Christopher J. Christie, “”Home-equity lines of credit are an expanding front in the battle against mortgage fraud. Homeowners should carefully review their statements to make sure their hard-earned equity is not disappearing from under their noses.”

Many customers with good credit apply for and are issued a home-equity line of credit that they don’t intend to use right away. For many, it is a “just in case I need it” cushion that they enjoy having in place.

The Credit Union Information Security Professionals Association claims a number of credit unions have beefed up security in response to an increase in home-equity fraud, but those precautions have come with their own drawbacks including longer call times to customer service and legitimate customers who fail the security questions.

Anne Wallace, president of the Identity Theft Assistance Center, a nonprofit industry group, said properly training bank employees to detect fraud is critical but customers should also protect themselves by getting the free copies of credit reports and keeping an eye on bank statements.

If you have been approved for a home-equity line, take Wallace’s advice and make sure you check your credit reports and open and review your statements regularly. You take measures to keep thieves out of your home, take steps to keep them out of your home-equity line too.

Lisa Carey is a contributing author for Identity Theft Secrets: prevention and protection. You can get tips on Identity theft protection, software, and monitoring your credit as well as learn more about the secrets used by identity thieves at the Identity Theft Secrets blog.

CCTV: networking and digital technology By Vlado Damjanovski

Posted by admin on June 7th, 2005

CCTV has witnessed a technological leap – using digital imaging techniques and the Internet.

The new edition of this enterprise level reference book retains the particulars that made the first edition such a success, including details of CCD cameras, lenses, coaxial cables, fiber-optics, and system design, but has been expanded to cover video compression techniques used in the ever increasing assortment of digital video recorders (DVRs). It also attempts to clarify data networking.

The theory section details various compression techniques, such as MPEG-1, MPEG-2, JPEG, Wavelet, H.261/263, JPEG-2000, MPEG-4, etc. Networking is also a new and unknown area for many CCTV installers and this is explained in a brand new section.
The challenge of selecting the right system from such a wide variety of new technologies available in CCTV has been compounded by the advent of DVRs.

This new edition of the book CCTV attempts to demystify DVR technology.

- Covers brand new digital video recorder (DVR) compression techniques, image quality, measuring and networking
- Fully illustrated with dozens of photographs, tables, checklists, charts, diagrams and instructions
- Encompasses CCTV standards for U.S., Europe, and Australia