The best
Computer Viruses books:
Reddit reviews
From 3.5 billion Reddit comments
The best of Computer Viruses books by number of unique Reddit comments:
Top Reddit reviews mentioning Computer Viruses books:
Come on man at least credit the author Justin Seitz and give him a chance to sell his works: Black Hat Python: Python Programming for Hackers and Pentesters https://www.amazon.com/dp/1593275900/ref=cm_sw_r_cp_api_WNwIAbYTWGWZH
Edit: seitz not Switzerland
Because they are aggressive, good at what they do and often times very reckless. Andy Greenberg wrote a very good account of the activity of a single Russian military intelligence unit in the fanatic book Sandworm
Practical Malware Analysis by Andrew Honig and Mike Sikorski:
I’m a proud owner of a signed copy by Andrew 😁
I hope to take Net+ right after Sec+, so Im watching a Net+ vid at the same time I prep for Sec+ as Dion stressed that you need that info.
For sec+ I think the Neil book is very focused, not what some would call wordy. I would like to have bought the Pearson guide, but it wont be available for another month.
Good luck,
You should read Sandworm by Andy Greenberg. Or this free article. It explains all about the largest cyberattack in history, who did it, how, and why. I'll bet you never knew that in 2017, 80% of the world's shipping was suddenly paralyzed for weeks.
CompTIA Security+: SY0-601 Certification Guide: Complete coverage of the new CompTIA Security+ (SY0-601) exam to help you pass on the first attempt, 2nd Edition https://www.amazon.com/dp/1800564244/ref=cm_sw_r_u_apa_glt_fabc_SSK1WMH053BJ3KFZ8ARY
The book was honestly really good and Practice questions and PBQs I used from https://gcgapremium.com/security-online-study-materials/
I was pretty knowledgeable, the book and the practice tests helped alot, the questions explain why the answer is right or wrong and why it isn't the other answers, the questions do prepare you, but the problem was how the questions were asked on the test kind of confusing.
It’s laughable to read a lot of you don’t think they’re linked to the Kremlin. You can turn a corner and run into evidence. There are literal books written on this very subject.
https://www.amazon.com/Sandworm-Cyberwar-Kremlins-Dangerous-Hackers/dp/0385544405
Don’t be naive
I'd recommend everyone to read the book "Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers" ( https://www.amazon.com/Sandworm-Cyberwar-Kremlins-Dangerous-Hackers/dp/0385544405 ) - although it focuses mainly on Russian hackers, a significant portion talks about the capacity of other players as well.
The book says that there are three major players - the US, Russia and China (after them Iran, Israel and North Korea)
But each uses cyber weapons differently and with different purposes.
The US uses specific surgical attacks on specific targets and most covertly.
China uses them on a large scale, hitting all sorts of targets en masse, but their primary target is industrial espionage, patents, know-how, just about anything that can be acquired.
Russia uses attacks as part of an ideological method, they make little secret of the fact that they are perpetrating them and combine them with political and psychological influence (as with other types of attacks) - basically saying - Look what we can do, be afraid, leave us alone. That's also why the most publicly known info is about Russian hackers.
Those interested in the subject might want to check this out: https://www.amazon.com/Sandworm-Cyberwar-Kremlins-Dangerous-Hackers/dp/0385544405/ref=nodl_
I just finished it and while it’s not exactly conspiracy focused it seems very relevant to the now and future. These guys could bend a whole country over a barrel (and have) with a handful of lines of code.
https://www.amazon.co.uk/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901/
The above is the best book written on the subject.
I know it's fairly old but it's still the definitive work in malwar analysis and is used as the standard book in cyber forensics university modules. There is no better place to start.
https://www.amazon.com/This-They-Tell-World-Ends/dp/1635576059
The zero day market, the shit going down in cybersec and infosec, APT groups, etc. It’s written by a journalist, so it reads a little less heady than the more technical books.
A+ is only good if you want to stay at the customer service or help desk level.
Sec+ on the other hand is basically required for Cyber. Not sure where you've been applying, but if you want to get into Cybersecurity in DoD, Sec+ is required. DoD will also nearly always require a security clearance, which is hard to get your foot in the door.
I feel like commercial (non-DoD) cyber will probably want something like Sec+ as a baseline to indicate you at least know something about Cybersecurity. Certified Ethical Hacker is another cert that is kinda meh but seems prized by recruiters and hiring managers. Your coworkers will know it doesn't mean you know jack shit, but it can help you get hired.
I dunno man, tryna get hired in Cyber without Sec+ seems like a huge waste of time, DoD or no.
This is the study guide you need if you want to give Sec+ a crack. Good luck with your career, I hope you find what you're looking for! :D
Nju i powershell sam pojeo - ful korisne i praktične stvari.
Trenutno sam na Practical Malware Analysis
A škicam si od Kevina Mitnicka - Ghost in the Wires, Art of Invisibility i Art of Deception.
Good to know thx! Would you recommend this book for security +
Article reminds me of a book im reading, from the few chapters ive read im glad the world is turning on Russia as they were the ones to start using stolen hacking tools against Ukraine and the US. They opened pandoras box and must now deal with the consequences.
Although the US used Stuxnet at keast they dont attack critical infrastructure like power utilities and banking like the damn orcs.
Exploits have the power to cause major damage and there should be conventions similar to the geneva ones also treaties banning chemical and biological weapons. How long do we wait till something really bad happens. https://www.amazon.com/This-They-Tell-World-Ends/dp/1635576059
This is the book I used to learn it. Practical Malware Analysis is a great resource to get started. With the purchase of the book, you get a code so you can download benign "malware" and get a hands on learning experience.
Only because they were attacked by a literal nation state (China) in 2009 and started to take security seriously.
https://en.wikipedia.org/wiki/Operation_Aurora
Fun fact, Google engineers at the time did not have the skills to understand or stop the attack and they had to hire some outside suits to resolve the issue for them.
This book describes the event, along with others, in great detail:
https://www.amazon.com/This-They-Tell-World-Ends/dp/1635576059
I’ve taken two extensive courses on malware analysis and they’re both based on the info in this book. It’s worth the investment. Even if you’re never going to get to the point where you’re breaking down binaries with IDA pro or Ghidra, it’s good to know basic static and dynamic analysis.
Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software https://www.amazon.com/dp/1593272901/ref=cm_sw_r_cp_api_glt_i_PK2CE29QSFS1YC20D4PB
Not sure it’s allowed, so mods fee free to remove if needed, but the primary one I used was:
CompTIA Security+ All-in-One Exam Guide, Sixth Edition (Exam SY0-601)) https://www.amazon.com/dp/1260464008/ref=cm_sw_r_cp_api_glt_fabc_243Y750WRXTF59D8GQQ8?_encoding=UTF8&psc=1
With a secondary:
Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) https://www.amazon.com/dp/1260473694/ref=cm_sw_r_cp_api_glt_fabc_SMBDC86B2T1XPJ5BT84J?_encoding=UTF8&psc=1
That is still a very grey world. There are legit bug bounty programs but if you have the right exploit for the right device, there are guys in dark suits who only give first names that are willing to buy your exploit for a bunch of cash or crypto. Usually the gangs and governments of the world are willing to pay a lot better than Apple or Microsoft would.
https://www.amazon.com/This-They-Tell-World-Ends/dp/1635576059
CompTIA Security+: SY0-601 Certification Guide: Complete coverage of the new CompTIA Security+ (SY0-601) exam to help you pass on the first attempt, 2nd Edition https://www.amazon.com/dp/1800564244/ref=cm_sw_r_cp_api_glt_fabc_NEEKCYR5NB3BWS0RAFWR. I used this book.
CompTIA Security+: SY0-601 Certification Guide: Complete coverage of the new CompTIA Security+ (SY0-601) exam to help you pass on the first attempt, 2nd Edition https://www.amazon.com/dp/1800564244/ref=cm_sw_r_cp_api_glt_fabc_S5QW2MYA90Y7YS9X55PP?_encoding=UTF8&psc=1
Also, messers and dion course on Udemy
Read this book:
CompTIA Security+: SY0-601 Certification Guide: Complete coverage of the new CompTIA Security+ (SY0-601) exam to help you pass on the first attempt, 2nd Edition https://www.amazon.com/dp/1800564244/ref=cm_sw_r_cp_api_glt_fabc_C314XQ0KAFAHMEFQYXDJ
Read this book:
CompTIA Security+: SY0-601 Certification Guide: Complete coverage of the new CompTIA Security+ (SY0-601) exam to help you pass on the first attempt, 2nd Edition https://www.amazon.com/dp/1800564244/ref=cm_sw_r_cp_api_glt_fabc_C314XQ0KAFAHMEFQYXDJ
If you genuinely want to know I'd recommend this book that was recently released that can walk you through a lot better than I can.
https://www.amazon.ca/This-They-Tell-World-Ends/dp/1635576059
But overall, yes they will, they can sell directly to the NSA or to middle-men or directly to foreign governments. It chronicles accounts of exploit devs who get approached immediately after giving talks at def-con being approached by a slew of state sponsored buyers of zero days. Damn near every country in the world is looking for a way to purchase zero-days. The reality is while the NSA did have the best exploit devs in the world they had them on salary while simultaneously paying top dollar for exploits. Much more lucrative for those devs to go free lance. It's happening across the industry doesn't matter if you're a FAANG or not, you can't really come close to what nation states are willing to pay.
Jason Dions practice exams are extremely important. Other materials are: Books:
CompTIA Security+: SY0-601 Certification Guide: Complete coverage of the new CompTIA Security+ (SY0-601) exam to help you pass on the first attempt, 2nd Edition https://www.amazon.com/dp/1800564244/ref=cm_sw_r_cp_api_glt_fabc_PTNEQCJRXJ46RNRGA9Q0?_encoding=UTF8&psc=1
Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) https://www.amazon.com/dp/1260473694/ref=cm_sw_r_cp_api_glt_fabc_5KPW79WP0TG81HYZTHHJ?_encoding=UTF8&psc=1
Start your malware analysis riiiight here:
Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software https://smile.amazon.com/dp/1593272901/ref=cm_sw_r_cp_api_glt_fabc_GVVTE41HWPPG25D50HWM
It’s a super good book, a great primer on MA. Goes through setting up your environment and both basic and advanced static and dynamic analysis. It’s not dreadfully boring either.
This book is what I used in grad school. It goes through alot of tools and techniques and has labs that you can download and try on. Just make sure to set up your VM with a good revert once all your tools are downloaded. That said I dont recommend looking for it on any free book torrent/download sites...