Explore the vast range of titles available.

Cyber attacks cost the global economy approximately $445 billion per year. To mitigate attacks, many companies rely on cyber threat intelligence (CTI), or threat intelligence related to computers, networks, and information technology (IT). However, CTI traditionally analyzes attacks after they have already happened, resulting in reactive advice. While useful, researchers and practitioners have been seeking to develop proactive CTI by better understanding the threats present in hacker communities. This study contributes a novel CTI framework by leveraging an automated and principled web, data, and text mining approach to collect and analyze vast amounts of malicious hacker tools directly from large, international underground hacker communities. By using this framework, we identified many freely available malicious assets such as crypters, keyloggers, web, and database exploits. Some of these tools may have been the cause of recent breaches against organizations such as the Office of Personnel Management (OPM). The study contributes to our understanding and practice of the timely proactive identification of cyber threats.

Examines what social engineering is, the methods used by hackers to gather information, and ways to prevent social engineering threats.

This paper examines messages posted in a hacker forum and constructs four user profiles based on the observed behavior patterns. It starts with the development of an automated forum post classification system to understand the knowledge transfer pattern exhibited by each user over time. Two patterns, knowledge acquisition and knowledge provision, are noted to be particularly informative. Based on these two and other user characteristics, user profiles are classified into four types: guru hackers, casual hackers, learning hackers, and novice hackers. Guru hackers are knowledgeable and respectable. They usually share ideas and advice with others. Casual hackers tend to act as observers. They can be skilled hackers who show interest mainly in deriving usable information from the forum. Learning hackers are also expert hackers who utilize the forum basically for learning. They actively seek knowledge and tend to share more of it over time. Novice hackers are new learners who typically join the forum for a short period. Overall, it is found that hacker communities very much represent learning communities where meritocracy is in place.

Learn to exploit vulnerable database applications using SQL injection tools and techniques, while understanding how to effectively prevent attacks Key Features * Understand SQL injection and its effects on websites and other systems * Get hands-on with SQL injection using both manual and automated tools * Explore practical tips for various attack and defense strategies relating to SQL injection Book Description SQL injection (SQLi) is probably the most infamous attack that can be unleashed against applications on the internet. SQL Injection Strategies is an end-to-end guide for beginners looking to learn how to perform SQL injection and test the security of web applications, websites, or databases, using both manual and automated techniques. The book serves as both a theoretical and practical guide to take you through the important aspects of SQL injection, both from an attack and a defense perspective. You'll start with a thorough introduction to SQL injection and its impact on websites and systems. Later, the book features steps to configure a virtual environment, so you can try SQL injection techniques safely on your own computer. These tests can be performed not only on web applications but also on web services and mobile applications that can be used for managing IoT environments. Tools such as sqlmap and others are then covered, helping you understand how to use them effectively to perform SQL injection attacks. By the end of this book, you will be well-versed with SQL injection, from both the attack and defense perspective. What you will learn * Focus on how to defend against SQL injection attacks * Understand web application security * Get up and running with a variety of SQL injection concepts * Become well-versed with different SQL injection scenarios * Discover SQL injection manual attack techniques * Delve into SQL injection automated techniques Who this book is for This book is ideal for penetration testers, ethical hackers, or anyone who wants to learn about SQL injection and the various attack and defense strategies against this web security vulnerability. No prior knowledge of SQL injection is needed to get started with this book.

Secure your container environment against cyberattacks and deliver robust deployments with this practical guide Key Features * Explore a variety of Kubernetes components that help you to prevent cyberattacks * Perform effective resource management and monitoring with Prometheus and built-in Kubernetes tools * Learn techniques to prevent attackers from compromising applications and accessing resources for crypto-coin mining Book Description Kubernetes is an open source orchestration platform for managing containerized applications. Despite widespread adoption of the technology, DevOps engineers might be unaware of the pitfalls of containerized environments. With this comprehensive book, you'll learn how to use the different security integrations available on the Kubernetes platform to safeguard your deployments in a variety of scenarios. Learn Kubernetes Security starts by taking you through the Kubernetes architecture and the networking model. You'll then learn about the Kubernetes threat model and get to grips with securing clusters. Throughout the book, you'll cover various security aspects such as authentication, authorization, image scanning, and resource monitoring. As you advance, you'll learn about securing cluster components (the kube-apiserver, CoreDNS, and kubelet) and pods (hardening image, security context, and PodSecurityPolicy). With the help of hands-on examples, you'll also learn how to use open source tools such as Anchore, Prometheus, OPA, and Falco to protect your deployments. By the end of this Kubernetes book, you'll have gained a solid understanding of container security and be able to protect your clusters from cyberattacks and mitigate cybersecurity threats. What you will learn * Understand the basics of Kubernetes architecture and networking * Gain insights into different security integrations provided by the Kubernetes platform * Delve into Kubernetes' threat modeling and security domains * Explore different security configurations from a variety of practical examples * Get to grips with using and deploying open source tools to protect your deployments * Discover techniques to mitigate or prevent known Kubernetes hacks Who this book is for This book is for security consultants, cloud administrators, system administrators, and DevOps engineers interested in securing their container deployments. If you're looking to secure your Kubernetes clusters and cloud-based deployments, you'll find this book useful. A basic understanding of cloud computing and containerization is necessary to make the most of this book.

Online hacker forums offer a prominent avenue for sharing hacking knowledge. Using a field dataset culled from multiple sources, we find that online discussion of distributed denial of service (DDOS) attacks in hackforums.net decreases the number of DDOS-attack victims. A 1% increase in discussion decreases DDOS attacks by 0.032% to 0.122%. This means that two DDOS-attack posts per day could reduce the number of victims by 700 to 2,600 per day. We find that discussion topics with similar keywords can variously increase or decrease DDOS attacks, meaning we cannot ascertain the impact of the discussion just by the post nature. Mentioning botnets, especially new botnets, increases the attacks, but the follow-up discussion decreases the attacks. Our results suggest that online-hacker-forum discussion may exhibit the dual-use characteristic. That is, it can be used for both good and bad purposes. We draw related managerial implications.

Aim: The aim of this study is to present the relationship between critical infrastructures and operational technology (OT) and to explore the cybersecurity challenges arising from the integration of IT and OT systems. The central research question is: What are the main vulnerabilities that emerge in critical infrastructures due to the interconnection of OT and IT systems, and what defense strategies can mitigate these risks? Methodology: The research adopts an interdisciplinary approach that combines theoretical-logical analysis, literature review, case study analysis, and the examination of practical examples. The following hypotheses were investigated: H1: The convergence of IT and OT systems results in an increased attack surface, as OT systems become vulnerable through IT networks. H2: The security mechanisms applied in critical infrastructures do not always meet the specific security requirements of OT, increasing system vulnerabilities. H3: Proper segmentation strategies and the establishment of controlled communication channels between IT and OT networks can reduce the risk of cyberattacks. The research also includes comparative analyses examining security measures applied in industrial and critical infrastructure settings. To gain a deeper understanding of the cybersecurity challenges of OT systems, industry reports and case studies were also analysed. Findings: The protection of operational technology systems in critical infrastructures is crucial for maintaining social and economic stability. The digitalization of OT systems and their increasing integration with IT systems create new cybersecurity challenges that require a complex and multi-layered approach to address. The study highlights that proper segmentation and secure interconnection of IT and OT systems are key to effectively managing cyber threats. Value: This research provides a comprehensive overview of the cybersecurity challenges associated with operational technology, with a particular focus on critical infrastructures. It offers valuable guidance for developing defense strategies from both scientific and practical perspectives, supporting the secure integration of IT and OT systems. Cél: A tanulmány célja, hogy bemutassa a kritikus infrastruktúrák és az operatív technológia (OT) kapcsolatát, valamint feltárja az IT-és OT-rendszerek integrációjából adódó kiberbiztonsági kihívásokat. A kutatás központi kérdése: Melyek a legfőbb sebezhetőségek, amelyek az OT- és IT-rendszerek összekapcsolása révén merülnek fel a kritikus infrastruktúrákban, és milyen védelmi stratégiák csökkenthetik ezek kockázatait? Módszertan: A kutatás interdiszciplináris megközelítést alkalmaz, amely ötvözi az elméleti-logikai vizsgálatokat, szakirodalmi áttekintést, esettanulmányok elemzését és gyakorlati példák feldolgozását. A kutatás során a következő hipotéziseket vizsgáltuk. H1: Az IT- és OT-rendszerek konvergenciája fokozott támadási felületet eredményez, mivel az IT-hálózatokon keresztül az OT-rendszerek is sérülékennyé válhatnak. H2: A kritikus infrastruktúrákban alkalmazott védelmi mechanizmusok nem minden esetben felelnek meg az OT sajátos biztonsági követelményeinek, ami növeli a rendszerek sérülékenységét. H3: A megfelelő szegmentációs stratégiák, valamint az IT- és OT-hálózatok közötti ellenőrzött kommunikációs csatornák kialakítása csökkentheti a kibertámadások kockázatát. A kutatás összehasonlító elemzéseket is tartalmaz, amely során az ipari és kritikus infrastruktúrákban alkalmazott védelmi intézkedéseket vizsgáljuk. Az OT-rendszerek kiberbiztonsági kihívásainak jobb megértése érdekében iparági jelentések és esettanulmányok elemzése is történt. Megállapítások: A kritikus infrastruktúrák operatív technológiai rendszereinek védelme kiemelten fontos a társadalmi és gazdasági stabilitás fenntartásának érdekében. Az OT-rendszerek digitalizációja és az IT-rendszerekkel való egyre szorosabb integrációja új kiberbiztonsági kihívásokat teremt, amelyek kezelése komplex és többszintű megközelítést igényel. A tanulmány rávilágít arra, hogy az IT- és OT-rendszerek megfelelő szegmentációja és biztonságos összekapcsolása kulcsfontosságú a kiberfenyegetések hatékony kezeléséhez. Érték: A kutatás átfogó képet nyújt az operatív technológia kiberbiztonsági kihívásairól, különös tekintettel a kritikus infrastruktúrákra. Tudományos és gyakorlati szempontból egyaránt hasznos útmutatást kínál a védekezési stratégiák fejlesztéséhez, segítve ezzel az IT- és OT-rendszerek biztonságos integrációját.

Underground hacking has evolved from its early countercultural roots to become a complex and varied phenomenon. By combining a historical review of the literature with a content analysis of 30 years of underground hacker communication, we show that hacking has evolved in three waves to embrace learning and creativity, intrusion and crime, as well as politics and cyberwarfare. We uncover a paradoxical relationship between hackers and society at large where underground hacking is considered a digital crime while at the same time inspiring and driving corporate innovation, cybersecurity, and even cyberwarfare. The outcome of our research provides a nuanced picture of the hacker underground by highlighting differences between competing discursive themes across time. Moreover, by translating these themes into a set of six contrasting personas of IS professionals, we discuss how knowledge, technologies, and creative practices of underground hackers are being professionalized. We use this discussion to provide implications and a research agenda for IS studies in cybersecurity, innovation, and cyberwarfare.