Implement a systematic approach to security in your mobile application development with help from this practical guide. Featuring case studies, code examples, and best practices, Mobile Application Security details how to protect against vulnerabilities in the latest smartphone and PDA platforms. Maximize isolation, lockdown internal and removable storage, work with sandboxing and signing, and encrypt sensitive user information. Safeguards against viruses, worms, malware, and buffer overflow exploits are also covered in this comprehensive resource.
Voice over Internet Protocol (VoIP) networks have freed users from the tyranny of big telecom, allowing people to make phone calls over the Internet at very low or no cost. But while VoIP is easy and cheap, it’s notoriously lacking in security. With minimal effort, hackers can eavesdrop on conversations, disrupt phone calls, change caller IDs, insert unwanted audio into existing phone calls, and access sensitive information.
Protect your Web 2.0 architecture against the latest wave of cybercrime using expert tactics from Internet security professionals. Hacking Exposed Web 2.0 shows how hackers perform reconnaissance, choose their entry point, and attack Web 2.0-based services, and reveals detailed countermeasures and defense techniques. You’ll learn how to avoid injection and buffer overflow attacks, fix browser and plug-in flaws, and secure AJAX, Flash, and XML-driven applications. Real-world case studies illustrate social networking site weaknesses, cross-site attack methods, migration vulnerabilities, and IE7 shortcomings.
Every day, hackers are devising new ways to break into your network. Do you have what it takes to stop them? Find out in Hacker’s Challenge 3. Inside, top-tier security experts offer 20 brand-new, real-world network security incidents to test your computer forensics and response skills. All the latest hot-button topics are covered, including phishing and pharming scams, internal corporate hacking, Cisco IOS, wireless, iSCSI storage, VoIP, Windows, Mac OS X, and UNIX/Linux hacks, and much more. Each challenge includes a detailed explanation of the incident–how the break-in was detected, evidence and clues, technical background such as log files and network maps, and a series of questions for you to solve. In Part II, you’ll get a detailed analysis of how the experts solved each incident.
The security of data, as shown by several recent high-profile cases, is weak. It is but a question of time before courts begin requiring more thorough steps to be taken–users and courts want data security. This book not only helps IT meet those growing needs, but shows the vendors where they need to improve. Regulations have highlighted an overlying issue of data protection. Data, whether it is financial data, non-public private information, or medical data, needs to be protected from unauthorized external and internal entities at all times. Much valuable data (i.e. customer and patient data) spends most of its lifetime in a storage device–not on computers, servers, or networks. Local failures and outside intruders can change, destroy, or compromise stored data even if the main network is secure: storage requires its own security. This book is a must read for IT personnel responsible for data security and security consultants who perform compliance audits at companies that use storage devices.
Prevent unwanted hacker attacks! This detailed guide will show you how to strengthen your company system’s defenses, keep critical data secure, and add to the functionality of your network by deploying SSH. Security expert Himanshu Dwivedi shows you ways to implement SSH on virtually all operating systems, desktops, and servers, so your system is safe, secure, and stable. Learn how SSH fulfills all the core items in security, including authentication, authorization, encryption, integrity, and auditing. Also, discover methods to optimize the protocol for security and functionality on Unix, Windows, and network architecture environments. Additionally, find out about the similarities and differences of the major SSH servers and clients.