Rick Howard, the Chief Security Officer, Chief Analyst, and Senior fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles.

Cult of the Dead Cow is the tale of the oldest, most respected, and most famous American hacking group of all time. Though until now it has remained mostly anonymous, its members invented the concept of hacktivism. Today, the group and its followers are battling electoral misinformation, making personal data safer, and battling to keep technology a force for good instead of for surveillance and oppression. Cult of the Dead Cow shows how governments, corporations, and criminals came to hold immense power over individuals and how we can fight back against them.

In Project Zero Trust: A Story About a Strategy for Aligning Security and the Business, George Finney, chief security officer at Southern Methodist University, delivers an insightful and practical discussion of Zero Trust implementation. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the company's new IT security director. Listeners will learn John Kindervag's 5-Step methodology for implementing Zero Trust, the four Zero Trust design principles, and how to limit the impact of a breach.

It’s a signal paradox of our times that we live in an information society but do not know how it works. And without understanding how our information is stored, used, and protected, we are vulnerable to having it exploited. In Fancy Bear Goes Phishing, Scott J. Shapiro draws on his popular Yale University class about hacking to expose the secrets of the digital age. With lucidity and wit, he establishes that cybercrime has less to do with defective programming than with the faulty wiring of our psyches and society.

In 2014, the world witnessed the start of a mysterious series of cyberattacks. Targeting American utility companies, NATO, and electric grids in Eastern Europe, the strikes grew ever more brazen. They culminated in the summer of 2017, when the malware known as NotPetya was unleashed, penetrating, disrupting, and paralyzing some of the world's largest businesses—from drug manufacturers to software developers to shipping companies. At the attack's epicenter in Ukraine, ATMs froze. The railway and postal systems shut down. Hospitals went dark.

Thoroughly updated for the latest release of the Certified Information Systems Security Professional exam, this comprehensive resource covers all objectives in the 2021 CISSP exam developed by the International Information Systems Security Certification Consortium (ISC)2®. CISSP All-in-One Exam Guide, Ninth Edition features learning objectives at the beginning of each chapter, exam tips, practice questions, and in-depth explanations.

Kevin Mitnick was the most elusive computer break-in artist in history. He accessed computers and networks at the world’s biggest companies—and however fast the authorities were, Mitnick was faster, sprinting through phone switches, computer systems, and cellular networks. He spent years skipping through cyberspace, always three steps ahead and labeled unstoppable.

Over the last decade, a single innovation has massively fueled digital black markets: cryptocurrency. Crime lords inhabiting lawless corners of the internet have operated more freely—whether in drug dealing, money laundering, or human trafficking—than their analog counterparts could have ever dreamed of. By transacting not in dollars or pounds but in currencies with anonymous ledgers, overseen by no government, beholden to no bankers, these black marketeers have sought to rob law enforcement of their chief method of cracking down on illicit finance: following the money.

The virus now known as Stuxnet was unlike any other piece of malware built before: Rather than simply hijacking targeted computers or stealing information from them, it proved that a piece of code could escape the digital realm and wreak actual, physical destruction—in this case, on an Iranian nuclear facility.

Like it or not, your every move is being watched and analyzed. Consumers' identities are being stolen, and a person's every step is being tracked and stored. What once might have been dismissed as paranoia is now a hard truth, and privacy is a luxury few can afford or understand. In this explosive yet practical book, Kevin Mitnick illustrates what is happening without your knowledge - and he teaches you "the art of invisibility".

Zero day: a software bug that allows a hacker to break into your devices and move around undetected. One of the most coveted tools in a spy's arsenal, a zero day has the power to silently spy on your iPhone, dismantle the safety controls at a chemical plant, alter an election and shut down the electric grid (just ask Ukraine). For decades, under cover of classification levels and non-disclosure agreements, the United States government became the world’s dominant hoarder of zero days.

While outright mimicry is obviously out of the question, you can certainly seek to mirror the communication styles of the people you're engaging with, in order to help you establish rapport and common ground. Suppose someone looks at you for just a couple of seconds before looking down, or goes past you and then looks back at you. This nonverbal style tells you something important about the person you're engaging - sustained eye contact is undesirable.

Before the internet became widely known as a global tool for terrorists, one perceptive US citizen recognized its ominous potential. Armed with clear evidence of computer espionage, he began a highly personal quest to expose a hidden network of spies that threatened national security. But would the authorities back him up? Cliff Stoll's dramatic firsthand account is "a computer-age detective story, instantly fascinating [and] astonishingly gripping" - Smithsonian.

Meet the Lazarus Group, a shadowy cabal of hackers accused of working on behalf of the North Korean state. It's claimed that they form one of the most dangerous criminal enterprises on the planet, having stolen more than $1bn in an international crime spree. Their targets allegedly include central banks, Hollywood film studios and even the British National Health Service. North Korea denies the allegations, saying the accusations are American attempts to tarnish its image.

Scattered across the world, an elite team of code crackers is working tirelessly to thwart the defining cyber scourge of our time. You’ve probably never heard of them. But if you work for a school, a business, a hospital, or a municipal government, or simply cherish your digital data, you may be painfully familiar with the team’s sworn enemy: ransomware. Again and again, an unlikely band of misfits, mostly self-taught and often struggling to make ends meet, have outwitted the underworld of hackers who lock computer networks and demand huge payments in return for the keys.

In Project Zero Trust: A Story About a Strategy for Aligning Security and the Business, George Finney, chief security officer at Southern Methodist University, delivers an insightful and practical discussion of Zero Trust implementation. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the company's new IT security director. Listeners will learn John Kindervag's 5-Step methodology for implementing Zero Trust, the four Zero Trust design principles, and how to limit the impact of a breach.

Like it or not, your every move is being watched and analyzed. Consumers' identities are being stolen, and a person's every step is being tracked and stored. What once might have been dismissed as paranoia is now a hard truth, and privacy is a luxury few can afford or understand. In this explosive yet practical book, Kevin Mitnick illustrates what is happening without your knowledge - and he teaches you "the art of invisibility".

Kevin Mitnick was the most elusive computer break-in artist in history. He accessed computers and networks at the world’s biggest companies—and however fast the authorities were, Mitnick was faster, sprinting through phone switches, computer systems, and cellular networks. He spent years skipping through cyberspace, always three steps ahead and labeled unstoppable.

Rick Howard, the Chief Security Officer, Chief Analyst, and Senior fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles.

The virus now known as Stuxnet was unlike any other piece of malware built before: Rather than simply hijacking targeted computers or stealing information from them, it proved that a piece of code could escape the digital realm and wreak actual, physical destruction—in this case, on an Iranian nuclear facility.

Social Engineering: The Science of Human Hacking reveals the craftier side of the hacker's repertoire - why hack into something when you could just ask for access? Undetectable by firewalls and antivirus software, social engineering relies on human fault to gain access to sensitive spaces; in this book, renowned expert Christopher Hadnagy explains the most commonly used techniques that fool even the most robust security personnel and reveals how these techniques have been used in the past.

Cult of the Dead Cow is the tale of the oldest, most respected, and most famous American hacking group of all time. Though until now it has remained mostly anonymous, its members invented the concept of hacktivism. Today, the group and its followers are battling electoral misinformation, making personal data safer, and battling to keep technology a force for good instead of for surveillance and oppression. Cult of the Dead Cow shows how governments, corporations, and criminals came to hold immense power over individuals and how we can fight back against them.

The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security. Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide.

With cyberattacks resulting in often devastating results, it’s no wonder executives hire the best and brightest of the IT world for protection. But are you doing enough? Do you understand your risks? What if the brightest aren’t always the best choice for your company? In The Smartest Person in the Room, Christian Espinosa shows you how to leverage your company’s smartest minds to your benefit and theirs. Learn from Christian’s own journey from cybersecurity engineer to company CEO.

It’s a signal paradox of our times that we live in an information society but do not know how it works. And without understanding how our information is stored, used, and protected, we are vulnerable to having it exploited. In Fancy Bear Goes Phishing, Scott J. Shapiro draws on his popular Yale University class about hacking to expose the secrets of the digital age. With lucidity and wit, he establishes that cybercrime has less to do with defective programming than with the faulty wiring of our psyches and society.

In Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us, three cybersecurity pioneers don't just deliver the first comprehensive collection of falsehoods that derail security from the frontlines to the boardroom; they offer expert practical advice for avoiding or overcoming each myth.

Beginning in 2018, a powerful app for secure communications, called Anom, began to take root among drug dealers and other criminals. It had extraordinary safeguards to keep out prying eyes--the power to quickly wipe data, voice-masking technology, and more. It was better than other apps popular among organized crime syndicates, except for one thing: it was secretly run by law enforcement. Over the next few years, the FBI, along with law enforcement partners in Australia and parts of Europe, got a front row seat to the global criminal underworld.

Laurent Richard and Sandrine Rigaud's Pegasus: How a Spy in Our Pocket Threatens the End of Privacy, Dignity, and Democracy is the story of the one of the most sophisticated and invasive surveillance weapons ever created, used by governments around the world.

Steven Levy's classic book traces the exploits of the computer revolution's original hackers - those brilliant and eccentric nerds from the late 1950s through the early '80s who took risks, bent the rules, and pushed the world in a radical new direction. With updated material from noteworthy hackers such as Bill Gates, Mark Zuckerberg, Richard Stallman, and Steve Wozniak, Hackers is a fascinating story that begins in early computer research labs and leads to the first home computers.

Scattered across the world, an elite team of code crackers is working tirelessly to thwart the defining cyber scourge of our time. You’ve probably never heard of them. But if you work for a school, a business, a hospital, or a municipal government, or simply cherish your digital data, you may be painfully familiar with the team’s sworn enemy: ransomware. Again and again, an unlikely band of misfits, mostly self-taught and often struggling to make ends meet, have outwitted the underworld of hackers who lock computer networks and demand huge payments in return for the keys.