August 2009
Beginner
298 pages
9h 5m
English
Content preview from Hacking: The Next GenerationBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Summary
In this chapter, we examined the crafty and emerging attack techniques that today’s new age of sophisticated attackers are employing. Whether they’re conducting complex XSS attacks, turning the perimeter inside out by way of CSRF, abusing domain-based content ownership issues, or exploiting the browser software itself, attackers are evolving and learning how to poke holes into the corporate perimeter, turning it into a porous castle. As we demonstrated in this chapter, these exploits are less focused on compromising or infecting entire systems and more focused on stealing corporate secrets and data. This shift in focus allows attackers to bypass all the typical security strategies and protection mechanisms that modern software and information systems employ. Typical protection measures, such as SSL, VPNs, strong password policies, expensive firewalls, and even fully patched systems, will not stop many of these attacks. These exploits will not trigger antivirus alerts, nor will they leave an easy forensic trail for investigators to follow. In most cases, once the attacker has successfully carried out the exploit, the victim experiences no noticeable change, as the system has no persistent change to detect.
We sincerely hope that the material we presented in this chapter raises awareness of the new breeds of attack vectors that criminals are employing today, and that organizations use this information to enforce proactive measures to better protect their customers and data ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.