Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers
by Andy Greenberg
“In 2014, the world witnessed the start of a mysterious series of cyberattacks. Targeting American utility companies, NATO, and electric grids in Eastern Europe, the strikes grew ever more brazen. They culminated in the summer of 2017, when the malware known as NotPetya was unleashed, penetrating, disrupting, and paralyzing some of the world’s largest businesses—from drug manufacturers to software developers to shipping companies. At the attack’s epicenter in Ukraine, ATMs froze. The railway and postal systems shut down. Hospitals went dark. NotPetya spread around the world, inflicting an unprecedented ten billion dollars in damage—the largest, most destructive cyberattack the world had ever seen.
The hackers behind these attacks are quickly gaining a reputation as the most dangerous team of cyberwarriors in history: a group known as Sandworm. Working in the service of Russia’s military intelligence agency, they represent a persistent, highly skilled force, one whose talents are matched by their willingness to launch broad, unrestrained attacks on the most critical infrastructure of their adversaries. They target government and private sector, military and civilians alike.
A chilling, globe-spanning detective story, Sandworm considers the danger this force poses to our national security and stability. As the Kremlin’s role in foreign government manipulation comes into greater focus, Sandworm exposes the realities not just of Russia’s global digital offensive, but of an era where warfare ceases to be waged on the battlefield. It reveals how the lines between digital and physical conflict, between wartime and peacetime, have begun to blur—with world-shaking implications.”
We Are Bellingcat: Global Crime, Online Sleuths, and the Bold Future of News
by Eliot Higgins
“In 2018, Russian exile Sergei Skripal and his daughter were nearly killed in an audacious poisoning attempt in Salisbury, England. Soon, the identity of one of the suspects was revealed: he was a Russian spy. This huge investigative coup wasn’t pulled off by an intelligence agency or a traditional news outlet. Instead, the scoop came from Bellingcat, the open-source investigative team that is redefining the way we think about news, politics, and the digital future.
We Are Bellingcat tells the inspiring story of how a college dropout pioneered a new category of reporting and galvanized citizen journalists―working together from their computer screens around the globe―to crack major cases, at a time when fact-based journalism is under assault from authoritarian forces. Founder Eliot Higgins introduces readers to the tools Bellingcat investigators use, tools available to anyone, from software that helps you pinpoint the location of an image, to an app that can nail down the time that photo was taken. This book digs deep into some of Bellingcat’s most important investigations―the downing of flight MH17 over Ukraine, Assad’s use of chemical weapons in Syria, the identities of alt-right protestors in Charlottesville―with the drama and gripping detail of a spy novel.”
The Ransomware Hunting Team: A Band of Misfits’ Improbable Crusade to Save the World from Cybercrime
by Renee Dudley and Daniel Golden
“Scattered across the world, an elite team of code crackers is working tirelessly to thwart the defining cyber scourge of our time. You’ve probably never heard of them. But if you work for a school, a business, a hospital, or a municipal government, or simply cherish your digital data, you may be painfully familiar with the team’s sworn enemy: ransomware. Again and again, an unlikely band of misfits, mostly self-taught and often struggling to make ends meet, have outwitted the underworld of hackers who lock computer networks and demand huge payments in return for the keys.
The Ransomware Hunting Team traces the adventures of these unassuming heroes and how they have used their skills to save millions of ransomware victims from paying billions of dollars to criminals. Working tirelessly from bedrooms and back offices, and refusing payment, they’ve rescued those whom the often hapless FBI has been unwilling or unable to help. Foremost among them is Michael Gillespie, a cancer survivor and cat lover who got his start cracking ransomware while working at a Nerds on Call store in the town of Normal, Illinois. Other teammates include the brilliant, reclusive Fabian Wosar, a high school dropout from Germany who enjoys bantering with the attackers he foils, and his protégé, the British computer science prodigy Sarah White. Together, they have established themselves as the most effective force against an escalating global threat. This book follows them as they put their health, personal relationships, and financial security on the line to navigate the technological and moral challenges of combating digital hostage taking.
Urgent, uplifting, and entertaining, Renee Dudley and Daniel Golden’s The Ransomware Hunting Team is a real-life technological thriller that illuminates a dangerous new era of cybercrime.”
Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency
by Andy Greenberg
“Over the last decade, a single innovation has massively fueled digital black markets: cryptocurrency. Crime lords inhabiting lawless corners of the internet have operated more freely—whether in drug dealing, money laundering, or human trafficking—than their analog counterparts could have ever dreamed of. By transacting not in dollars or pounds but in currencies with anonymous ledgers, overseen by no government, beholden to no bankers, these black marketeers have sought to rob law enforcement of their chief method of cracking down on illicit finance: following the money.
But what if the centerpiece of this dark economy held a secret, fatal flaw? What if their currency wasn’t so cryptic after all? An investigator using the right mixture of technical wizardry, financial forensics, and old-fashioned persistence could uncover an entire world of wrongdoing.
Tracers in the Dark is a story of crime and pursuit unlike any other. With unprecedented access to the major players in federal law enforcement and private industry, veteran cybersecurity reporter Andy Greenberg tells an astonishing saga of criminal empires built and destroyed. He introduces an IRS agent with a defiant streak, a Bitcoin-tracing Danish entrepreneur, and a colorful ensemble of hardboiled agents and prosecutors as they delve deep into the crypto-underworld. The result is a thrilling, globe-spanning story of dirty cops, drug bazaars, trafficking rings, and the biggest takedown of an online narcotics market in the history of the Internet.
Utterly of our time, Tracers in the Dark is a cat-and-mouse story and a tale of a technological one-upmanship. Filled with canny maneuvering and shocking twists, it answers a provocative question: How would some of the world’s most brazen criminals behave if they were sure they could never get caught?”
The Breach: The Untold Story of the Investigation into January 6th
by Denver Riggleman
“Make no mistake: modern information warfare is here and January 6th was just the first battle. That day, an unhinged mindset led to an attack on the Capitol, the most serious assault on American democracy since the end of the Civil War. And that thinking portends even darker days ahead.
In The Breach, a former House Republican and the first member of Congress to sound the alarm about QAnon, Denver Riggleman, provides readers with an unprecedented behind-the-scenes look at the January 6th select committee’s investigation. Riggleman, who joined the committee as senior technical advisor after he was asked to help, lays out the full intent and scope of the plot to overturn the election. The book includes previously unpublished texts from key political leaders. And it also contains shocking details about the Trump White House’s links to militant extremist groups―even during the almost-eight-hour period on January 6th when the White House supposedly had no phone calls. The man responsible for unearthing Mark Meadows’s infamous texts shows how data analysis shapes the contours of our new war, telling how the committee uncovered many of its explosive findings and sharing revealing stories from his time in the Trump-era GOP.
With unique insights from within the far-right movement and from the front lines of the courageous team investigating it, Riggleman shows how our democracy is balanced on a knife’s edge between disinformation and truth. Here is a revelatory peek at the inner workings of the January 6th committee and a clear-eyed look at the existential threats facing our republic―and a blueprint for how America can fight to survive the darkest night before the dawn.”
The Art of Invisibility
by Kevin Mitnick
“In this explosive yet practical book, Kevin Mitnick illustrates what is happening without your knowledge–and he teaches you “the art of invisibility.” Mitnick is the world’s most famous–and formerly the Most Wanted–computer hacker. He has hacked into some of the country’s most powerful and seemingly impenetrable agencies and companies, and at one point he was on a three-year run from the FBI.
In The Art of Invisibility Mitnick provides both online and real-life tactics and inexpensive methods to protect you and your family, in easy step-by-step instructions. He even talks about more advanced “elite” techniques, which, if used properly, can maximize your privacy. Invisibility isn’t just for superheroes–privacy is a power you deserve and need in this modern age.”
Ghost in the Wires
by Kevin Mitnick
“Ghost in the Wires is a thrilling true story of intrigue, suspense, and unbelievable escape, and a portrait of a visionary whose creativity, skills, and persistence forced the authorities to rethink the way they pursued him, inspiring ripples that brought permanent changes in the way people and companies protect their most sensitive information.”
Cyber Wars: Hacks that Shocked the Business World
by Charles Arthur
“Cyber Wars gives you the dramatic inside stories of some of the world’s biggest cyber attacks. These are the game changing hacks that make organizations around the world tremble and leaders stop and consider just how safe they really are. Charles Arthur provides a gripping account of why each hack happened, what techniques were used, what the consequences were and how they could have been prevented. Cyber attacks are some of the most frightening threats currently facing business leaders and this book provides a deep insight into understanding how they work, how hackers think as well as giving invaluable advice on staying vigilant and avoiding the security mistakes and oversights that can lead to downfall. No organization is safe but by understanding the context within which we now live and what the hacks of the future might look like, you can minimize the threat.”
Practical Mobile Forensics
by Rohit Tamma, Oleg Sulkin, Heather Mahalik, and Satish Bommisetty
“The book focuses on teaching you the latest forensic techniques to investigate mobile devices across various mobile platforms. You will learn forensic techniques for multiple OS versions, including iOS 11 to iOS 13, Android 8 to Android 10, and Windows 10. The book then takes you through the latest open source and commercial mobile forensic tools, enabling you to analyze and retrieve data effectively. From inspecting the device and retrieving data from the cloud, through to successfully documenting reports of your investigations, you’ll explore new techniques while building on your practical knowledge. Toward the end, you will understand the reverse engineering of applications and ways to identify malware. Finally, the book guides you through parsing popular third-party applications, including Facebook and WhatsApp.”
Mobile Forensic Investigations
by Lee Reiber
“Conduct mobile forensic investigations that are legal, ethical, and highly effective using the detailed information contained in this practical guide. Mobile Forensic Investigations: A Guide to Evidence Collection, Analysis, and Presentation, Second Edition fully explains the latest tools and methods along with features, examples, and real-world case studies. Find out how to assemble a mobile forensics lab, collect prosecutable evidence, uncover hidden files, and lock down the chain of custody. This comprehensive resource shows not only how to collect and analyze mobile device data but also how to accurately document your investigations to deliver court-ready documents.”
Seeking the Truth from Mobile Evidence
by John Bair
“Seeking the Truth from Mobile Evidence: Basic Fundamentals, Intermediate and Advanced Overview of Current Mobile Forensic Investigations will assist those who have never collected mobile evidence and augment the work of professionals who are not currently performing advanced destructive techniques. This book is intended for any professional that is interested in pursuing work that involves mobile forensics and is designed around the outcomes of criminal investigations that involve mobile digital evidence. Author John Bair brings to life the techniques and concepts that can assist those in the private or corporate sector.”
by Paul Sanderson
“SQLite is a self-contained SQL database engine that is used on every smartphone (including all iOS and Android devices) and most computers (including all Macs and Windows 10 machines). Each computer or phone using SQLite often has hundreds of SQLite databases and it is estimated that there are over one trillion SQLite databases in active use. Given the above, the importance of examining all of the data held in these databases in an investigation is paramount, and of course this includes examining deleted data whenever possible. In this book we cover the format of the SQLite database, and associated journal and Write-Ahead Logs (WAL) in great detail. We show how records are encoded, how to decode them manually and how to decode records that are partially overwritten. We also describe how the workings of SQLite, and in particular the journal and WAL, can be used to ascertain what has happened in a manner that cannot be determined from the data alone. We cover basic SQL queries and how they can be used to create a custom report that includes data from different tables, and we show how we can use SQL queries to test hypotheses about the relationships of data in different tables. This book is aimed mainly at forensic practitioners, and it is assumed that the reader has some basic knowledge of computer forensics; it will also be of interest to computer professionals in general, particularly those who have an interest in the SQLite file format.”
iOS Forensics for Investigators
by Gianluca Tiepolo
“This book is a comprehensive, how-to guide that leads investigators through the process of collecting mobile devices and preserving, extracting, and analyzing data, as well as building a report. Complete with step-by-step explanations of essential concepts, practical examples, and self-assessment questions, this book starts by covering the fundamentals of mobile forensics and how to overcome challenges in extracting data from iOS devices. Once you’ve walked through the basics of iOS, you’ll learn how to use commercial tools to extract and process data and manually search for artifacts stored in database files. Next, you’ll find out the correct workflows for handling iOS devices and understand how to extract valuable information to track device usage. You’ll also get to grips with analyzing key artifacts, such as browser history, the pattern of life data, location data, and social network forensics.”
by Lisa Bock
“This updated second edition of Learn Wireshark starts by outlining the benefits of traffic analysis. You’ll discover the process of installing Wireshark and become more familiar with the interface. Next, you’ll focus on the Internet Suite and then explore deep packet analysis of common protocols such as DNS, DHCP, HTTP, and ARP. The book also guides you through working with the expert system to detect network latency issues, create I/O and stream graphs, subset traffic, and save and export captures. Finally, you’ll understand how to share captures using CloudShark, a browser-based solution for analyzing packet captures.”
Real-World Bug Hunting
by Peter Yaworski
“Real-World Bug Hunting is the premier field guide to finding software bugs. Whether you’re a cyber-security beginner who wants to make the internet safer or a seasoned developer who wants to write secure code, ethical hacker Peter Yaworski will show you how it’s done.
You’ll learn about the most common types of bugs like cross-site scripting, insecure direct object references, and server-side request forgery. Using real-life case studies of rewarded vulnerabilities from applications like Twitter, Facebook, Google, and Uber, you’ll see how hackers manage to invoke race conditions while transferring money, use URL parameters to cause users to like unintended tweets, and more.”
The Art of Memory Forensics
by Michael Hale Ligh, Andrew Case, Jamie Levy, and AAron Walters
“Memory forensics is the art of analyzing computer memory (RAM) to solve digital crimes. As a follow-up to the best seller Malware Analyst’s Cookbook, experts in the fields of malware, security, and digital forensics bring you a step-by-step guide to memory forensics—now the most sought-after skill in the digital forensics and incident response fields.
Beginning with introductory concepts and moving toward the advanced, The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory is based on a five-day training course that the authors have presented to hundreds of students. It is the only book on the market that focuses exclusively on memory forensics and how to deploy such techniques properly.”
Practical Forensic Imaging
by Bruce Nikkel
“Practical Forensic Imaging takes a detailed look at how to secure and manage digital evidence using Linux-based command line tools. This essential guide walks you through the entire forensic acquisition process and covers a wide range of practical scenarios and situations related to the imaging of storage media.”
MacOS and iOS Internals, Volume 1
by Jonathan Levin
“In this first volume of the “Mac OS and *OS Internals” trilogy, Jonathan Levin takes on the user mode components of Apple’s operating systems. Starting with an introduction as to their layered architecture, touring private frameworks and libraries, and then delving into the internals of applications, process, thread and memory management, Mach messaging, launchd and XPC internals, and wrapping up with advanced debugging and tracing techniques using the most powerful APIs that were hitherto unknown and unused outside Apple’s own applications. As with the other books in this series, the approach taken is that of deep reverse engineering, with plenty of hands-on examples, illustrations, pointers to Apple’s open sources (when available) and decompilation of code (when not). This volume (v1.3) has been expanded with over 15 more pages for Darwin 19 (MacOS 15/iOS13), with brand new content of MacOS and iOS installation images and procedures.”
MacOS and iOS Internals, Volume 2
by Jonathan Levin
“In this second volume of the “Mac OS and *OS Internals” trilogy, Jonathan Levin takes on the kernel and hardware aspects of Macs and i-Devices. Starting with an examination of the kernel sources, then going off the beaten path to undocumented portions, especially in the *OS variants. This book explains in detail the various components of XNU – BSD, Mach, platform expert, Kernel Extensions and the IOKit environment. It goes further into memory management (vm_map, pmap and the kernel zone allocator), processes, threads, Mach IPC internals, the Virtual Filesystem Switch, and more. Never before published details about the Apple File System (APFS), Secure Enclave Processor OS (SEPOS), iBoot, Mac EFI and more are explained in meticulous detail and fine illustrations. Numerous experiments allow a hands-on approach, making this invaluable to anyone who wishes to learn more about how the XNU kernel operates – and how to interface with its darkest and most powerful mechanisms.”
Offensive Cyber Operations: Understanding Intangible Warfare
by Daniel Moore
“Cyber-warfare is often discussed, but rarely truly seen. When does an intrusion turn into an attack, and what does that entail? How do nations fold offensive cyber operations into their strategies? Operations against networks mostly occur to collect intelligence, in peacetime. Understanding the lifecycle and complexity of targeting adversary networks is key to doing so effectively in conflict.
Rather than discussing the spectre of cyber war, Daniel Moore seeks to observe the spectrum of cyber operations. By piecing together operational case studies, military strategy and technical analysis, he shows that modern cyber operations are neither altogether unique, nor entirely novel. Offensive cyber operations are the latest incarnation of intangible warfare–conflict waged through non-physical means, such as the information space or the electromagnetic spectrum.
Not all offensive operations are created equal. Some are slow-paced, clandestine infiltrations requiring discipline and patience for a big payoff; others are short-lived attacks meant to create temporary tactical disruptions. This book first seeks to understand the possibilities, before turning to look at some of the most prolific actors: the United States, Russia, China and Iran. Each has their own unique take, advantages and challenges when attacking networks for effect.”
On Cyber: Towards an Operational Art for Cyber Conflict
by Gregory Conti, David Raymond, and John Nelson
“On Cyber is a groundbreaking work that fuses information security and military science to lay the foundation of an operational art for cyberspace operations. Hundreds of books have been written on the tactics of cybersecurity and dozens have been written that discuss the strategic implications of cyber conflict. But missing is a book that links the two. On Cyber fills that gap.
After millennia of conflict, traditional kinetic war fighting is highly refined and captured in mature and vetted military doctrine. Cyber operations, however, are constantly evolving and afford tremendous benefits alongside significant challenges. Nations around the world have raced to build cyber organizations and capabilities, but are struggling to employ cyber operations to their benefit. Some have stumbled, while others have had dramatic impact on the battlefield and global geopolitics. At the same time, companies and even individuals are now facing nation state and nation state enabled threat actors in cyberspace while their governments remain apparently powerless to protect them.
Whether you are a network defender or cyber operator, On Cyber is a seminal book and the lessons you learn will help you do your job better. Importantly, network defenders will understand how nation-state threat actors think, organize, operate, and target your organization. Cyber operators will gain a glimpse into the future of cyber doctrine.
The authors are perhaps the best two people to author such an ambitious work, having served on the faculty of West Point for a combined 20 years, participated in military cyber operations and training, helped architect the U.S. Army’s Cyber Branch, and together possess more than 50 years of military experience.”
The Basics of Digital Forensics (2nd Edition)
“The Basics of Digital Forensics provides a foundation for people new to the digital forensics field. This book offers guidance on how to conduct examinations by discussing what digital forensics is, the methodologies used, key tactical concepts, and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud and the Internet are discussed. Also, learn how to collect evidence, document the scene, and how deleted data can be recovered. The new Second Edition of this book provides the reader with real-world examples and all the key technologies used in digital forensics, as well as new coverage of network intrusion response, how hard drives are organized, and electronic discovery. This valuable resource also covers how to incorporate quality assurance into an investigation, how to prioritize evidence items to examine (triage), case processing, and what goes into making an expert witness.”
Digital Forensics Trial Graphics
by John Sammons and Lars Daniel
“Digital Forensics Trial Graphics: Teaching the Jury Through Effective Use of Visuals helps digital forensic practitioners explain complex technical material to laypeople (i.e., juries, judges, etc.). The book includes professional quality illustrations of technology that help anyone understand the complex concepts behind the science. Users will find invaluable information on theory and best practices along with guidance on how to design and deliver successful explanations.”
The Basics of Cyber Safety
by John Sammons and Michael Cross
“The Basics of Cyber Safety: Computer and Mobile Device Safety Made Easy presents modern tactics on how to secure computer and mobile devices, including what behaviors are safe while surfing, searching, and interacting with others in the virtual world. The book’s author, Professor John Sammons, who teaches information security at Marshall University, introduces readers to the basic concepts of protecting their computer, mobile devices, and data during a time that is described as the most connected in history.
This timely resource provides useful information for readers who know very little about the basic principles of keeping the devices they are connected to—or themselves—secure while online. In addition, the text discusses, in a non-technical way, the cost of connectedness to your privacy, and what you can do to it, including how to avoid all kinds of viruses, malware, cybercrime, and identity theft. Final sections provide the latest information on safe computing in the workplace and at school, and give parents steps they can take to keep young kids and teens safe online.”
Digital Forensics: Threatscape and Best Practices
“Digital Forensics: Threatscape and Best Practices surveys the problems and challenges confronting digital forensic professionals today, including massive data sets and everchanging technology. This book provides a coherent overview of the threatscape in a broad range of topics, providing practitioners and students alike with a comprehensive, coherent overview of the threat landscape and what can be done to manage and prepare for it. Digital Forensics: Threatscape and Best Practices delivers you with incisive analysis and best practices from a panel of expert authors, led by John Sammons, bestselling author of The Basics of Digital Forensics.”
Digital Forensics with the AccessData Forensic Toolkit
“Learn how to use AccessData’s Forensic Toolkit (FTK) while mastering the fundamentals of digital forensics:
Digital Forensics with the AccessData Forensic Toolkit (FTK) provides a comprehensive review of essential digital forensics concepts and builds on this information to teach you how to conduct digital investigations with AccessData’s FTK―the industry-standard, court-accepted digital investigations platform.
Part I covers the technology all digital forensics investigators need to understand, specifically data, storage media, file systems, and registry files. Part II explains how best to use FTK 5 tools, including FTK Imager, FTK Registry Viewer, and the Password Recovery Toolkit (PRTK), to conduct legally defensible investigations.”
Carrier Assignment and Packet Scheduling in LTE-A and Wi-Fi
“The highly competitive environment in today’s wireless and cellular network industries is making the management of systems seek better and more advanced techniques to keep masses of data, complexity of systems and deadline constraints under control with a lower cost and higher efficiency. Therefore, management is getting significant attention from researchers in order to increase the efficiency of resource usage to provide high quality services. Two of the cornerstones of the management system in wireless and cellular networks are carrier assignment and packet scheduling. Therefore, this work focuses on analysis and development of carrier assignment and packet scheduling methods in multi-band Wi-Fi and LTE-A networks.”