Login
Search manual

Details

Title CYBERSECURITY THREATS, MALWARE TRENDS, AND STRATEGIES: MITIGATE EXPLOITS, MALWARE, PHISHING, AND OTHER SOCIAL ENGINEERING ATTACKS.
Creators Rains Tim.
Imprint [S.l.]: PACKT PUBLISHING, 2020
Collection Электронные книги зарубежных издательств ; Общая коллекция
Subjects Computer security. ; Cyberterrorism. ; Malware (Computer software) ; EBSCO eBooks
Document type Other
File type PDF
Language English
Rights Доступ по паролю из сети Интернет (чтение, печать, копирование)
Record key on1156996260
Record create date 6/7/2020

Allowed Actions

pdf/2490088.pdf
Action 'Read' will be available if you login or access site from another network Action 'Download' will be available if you login or access site from another network
epub/2490088.epub
Action 'Download' will be available if you login or access site from another network
Group Anonymous
Network Internet
Network User group Action
ILC SPbPU Local Network All
Read Print Download
Internet Authorized users SPbPU
Read Print Download
Internet Anonymous
  • Cover
  • Copyright
  • Packt Page
  • Contributors
  • Table of Contents
  • Preface
  • Chapter 1: Ingredients for a Successful Cybersecurity Strategy
    • What is a cybersecurity strategy?
    • How organizations get initially compromised and the cybersecurity fundamentals
      • Unpatched vulnerabilities
      • Security misconfigurations
      • Weak, leaked, and stolen credentials
      • Social engineering
      • Insider threats
      • Focus on the cybersecurity fundamentals
    • Understanding the difference between the attacker's motivations and tactics
    • Other ingredients for a successful strategy
      • Business objective alignment
      • Cybersecurity vision, mission, and imperatives
      • Senior executive and board support
      • Understand the risk appetite
      • Realistic view of current cybersecurity capabilities and technical talent
      • Compliance program and control framework alignment
      • An effective relationship between cybersecurity and IT
      • Security culture
    • Chapter summary
    • References
  • Chapter 2: Using Vulnerability Trends to Reduce Risk and Costs
    • Introduction
    • Vulnerability Management Primer
      • Vulnerability Disclosure Data Sources
      • Industry Vulnerability Disclosure Trends
      • Reducing Risk and Costs – Measuring Vendor and Product Improvement
        • Oracle Vulnerability Trends
        • Apple Vulnerability Trends
        • IBM Vulnerability Trends
        • Google Vulnerability Trends
        • Microsoft Vulnerability Trends
        • Vendor Vulnerability Trend Summary
      • Operating System Vulnerability Trends
        • Microsoft Operating System Vulnerability Trends
        • Windows XP Vulnerability Trends
        • Windows 7 Vulnerability Trends
        • Windows Server 2012 and 2016 Vulnerability Trends
        • Windows 10 Vulnerability Trends
        • Linux Kernel Vulnerability Trends
        • Google Android Vulnerability Trends
        • Apple macOS Vulnerability Trends
        • Operating Systems Vulnerability Trend Summary
      • Web Browser Vulnerability Trends
        • Internet Explorer Vulnerability Trends
        • Microsoft Edge Vulnerability Trends
        • Google Chrome Vulnerability Trends
        • Mozilla Firefox Vulnerability Trends
        • Apple Safari Vulnerability Trends
        • Web Browser Vulnerability Trend Summary
      • Vulnerability Management Guidance
    • Chapter summary
    • References
  • Chapter 3: The Evolution of the Threat Landscape – Malware
    • Introduction
    • Why is there so much malware on Windows compared to other platforms?
    • Data sources
      • The Malicious Software Removal Tool
      • Real-time anti-malware tools
      • Non-security data sources
    • About malware
      • How malware infections spread
      • Trojans
      • Potentially unwanted software
      • Exploits and exploit kits
      • Worms
      • Ransomware
      • Viruses
      • Browser modifiers
      • Measuring malware prevalence
    • Global windows malware infection analysis
    • Regional windows malware infection analysis
      • The long-term view of the threat landscape in the Middle East and Northern Africa
        • 10-year regional report card for the Middle East and Northern Africa
      • The long-term view of the threat landscape in the European Union and Eastern Europe
        • 10-year regional report card for the European Union
        • 10-year regional report card for select Eastern European locations
      • The long-term view of the threat landscape in select locations in Asia
        • 10-year regional report card for Asia
      • The long-term view of the threat landscape in select locations in the Americas
        • 10-year regional report card for the Americas
      • Regional Windows malware infection analysis conclusions
        • What does this all mean for CISOs and enterprise security teams?
    • Global malware evolution
      • Global malware evolution conclusions
    • The great debate – are anti-malware solutions really worthwhile?
    • Threat intelligence best practices and tips
      • Tip #1 – data sources
      • Tip #2 – time periods
      • Tip #3 – recognizing hype
      • Tip #4 – predictions about the future
      • Tip #5 – vendors' motives
    • Chapter summary
    • References
  • Chapter 4: Internet-Based Threats
    • Introduction
    • A typical attack
    • Phishing attacks
      • Mitigating phishing
    • Drive-by download attacks
      • Mitigating drive-by download attacks
    • Malware hosting sites
      • Mitigating malware distribution
    • Post compromise – botnets and DDoS attacks
    • Chapter summary
    • References
  • Chapter 5: Cybersecurity Strategies
    • Introduction
    • Measuring the efficacy of cybersecurity strategies
    • Cybersecurity strategies
      • Protect and Recover Strategy
        • Cybersecurity fundamentals scoring system score
        • Protect and Recover Strategy summary
      • Endpoint Protection Strategy
        • Cybersecurity fundamentals scoring system score
        • Endpoint Protection Strategy summary
      • Physical control and security clearances as a security strategy
        • Cybersecurity fundamentals scoring system score
        • Physical Control and Security Clearances Strategy summary
      • Compliance as a Security Strategy
        • Cybersecurity fundamentals scoring system score
        • Compliance as a Security Strategy summary
      • Application-Centric Strategy
        • Cybersecurity fundamentals scoring system score
        • Application-Centric Strategy summary
      • Identity-Centric Strategy
        • Cybersecurity fundamentals scoring system score
        • Identity-Centric Strategy summary
      • Data-Centric Strategy
        • Cybersecurity fundamentals scoring system score
        • Data-Centric Strategy summary
      • Attack-Centric Strategy
        • Cybersecurity fundamentals scoring system score
        • Attack-Centric Strategy summary
      • Cybersecurity strategies summary
      • DevOps and DevSecOps
      • Zero Trust
    • Chapter summary
    • References
  • Chapter 6: Strategy Implementation
    • Introduction
    • What is an Intrusion Kill Chain?
    • Modernizing the kill chain
      • Mapping the cybersecurity usual suspects
      • Updating the matrix
    • Getting started
      • Maturity of current cybersecurity capabilities
      • Who consumes the data?
      • Cybersecurity license renewals
    • Implementing this strategy
      • Rationalizing the matrix – gaps, under-investments, and over-investments
      • Planning your implementation
      • Designing control sets
        • Attack phase – Reconnaissance I
        • Attack phase – Delivery
        • Attack phase – Exploitation
        • Attack phase – Installation
        • Attack phase – Command and Control (C2)
        • Attack phase – Reconnaissance II
        • Attack phase – Actions on Objectives
    • Conclusion
    • Chapter summary
    • References
  • Chapter 7: Measuring Performance and Effectiveness
    • Introduction
    • Using vulnerability management data
      • Assets under management versus total assets
      • Known unpatched vulnerabilities
      • Unpatched vulnerabilities by severity
      • Vulnerabilities by product type
    • Measuring performance and efficacy of an Attack-Centric Strategy
      • Performing intrusion reconstructions
      • Using intrusion reconstruction results
        • Identifying lame controls
        • Learning from failure
        • Identifying helpful vendors
        • Informing internal assessments
    • Chapter summary
    • References
  • Chapter 8: The Cloud – A Modern Approach to Security and Compliance
    • Introduction
    • How is cloud computing different?
    • Security and compliance game changers
      • The power of APIs
      • The advantages of automation
        • Mitigating insider threat and social engineering
        • Mitigating unpatched vulnerabilities
        • Mitigating security misconfigurations
        • Mitigating weak, leaked and stolen passwords
      • Security and compliance game changers: Summary
    • Using cybersecurity strategies in the cloud
      • Using the protect and recover strategy in the cloud
      • Compliance as a cybersecurity strategy in the cloud
      • Using the attack-centric strategy in the cloud
      • DevOps – A modern approach to security in the cloud
    • Encryption and key management
    • Conclusion
    • Chapter summary
    • References
  • Other Books You May Enjoy
  • Index
pdf/2490088.pdf

Access count: 1 
Last 30 days: 0

Detailed usage statistics

epub/2490088.epub

Access count: 0 
Last 30 days: 0

Detailed usage statistics