相關主題
商品描述
Learn how to detect, analyze, and respond to phishing emails, the top infection vector used by cybercriminals. The repeatable process described in this book has been cultivated and tested in real-life incidents and validated across multiple threat landscapes and environments.
Every organization and individual with an email account is susceptible to deceptive emails sent by attackers with nefarious intentions. This activity, known as phishing, involves an attacker attempting to lure individuals into providing sensitive information or performing a predetermined action. Attacks vary in sophistication, but the core skills and process to detect, analyze, and respond to a suspicious message does not change.
Attackers have preyed on victims with convincing and not-so-convincing phishing emails to gain initial footholds into networks around the world for over 30 years. This attack method has been rapidly growing in popularity and continues to be the number one method that organizations and individuals struggle to defend against. Regardless of what any vendor or organization will tell you, no infallible tool exists to eliminate this threat completely.
This book teaches you how to analyze suspicious messages using free tools and resources. You will understand the basics of email, tactics used by attackers, and a repeatable process to systematically analyze messages and respond to suspicious activity.
You Will Learn How to:
- Safely save email messages as attachments for analysis
- Identify what information is in an email header
- Review header information and extract key indicators or patterns used for detection
- Identify signs of a suspicious or malicious email message
- Detect the tactics that attackers use in phishing emails
- Safely examine email links and attachments
- Use a variety of free and simple tools to analyze email messages
Who This Book Is For
Cybersecurity professionals and interested computer security enthusiasts currently holding or aspiring to obtain positions such as IT Security Analyst, Network Defender, Security Operations Center Analyst, or Help Desk Technician. Readers should have a general understanding of how email works and some ways that attackers use this platform for initial access.
商品描述(中文翻譯)
學習如何檢測、分析和回應釣魚電子郵件,這是網路犯罪分子使用的主要感染途徑。本書中描述的可重複過程已在實際事件中培養和測試,並在多個威脅環境中得到驗證。
每個擁有電子郵件帳戶的組織和個人都容易受到攻擊者發送的欺騙性電子郵件的影響。這種活動稱為釣魚,涉及攻擊者試圖引誘個人提供敏感信息或執行預定的行動。攻擊的複雜程度各不相同,但檢測、分析和回應可疑消息的核心技能和過程並不改變。
攻擊者已經利用令人信服和不那麼令人信服的釣魚電子郵件,對全球的受害者進行捕獵,這種方法已經持續了超過30年。這種攻擊方法的受歡迎程度迅速增長,並且仍然是組織和個人最難以防範的首要方法。無論任何供應商或組織告訴你什麼,並不存在可以完全消除這一威脅的萬無一失的工具。
本書教你如何使用免費工具和資源來分析可疑消息。你將了解電子郵件的基本知識、攻擊者使用的戰術,以及一個可重複的過程來系統性地分析消息並回應可疑活動。
你將學會如何:
- 安全地將電子郵件消息保存為附件以進行分析
- 確定電子郵件標頭中的信息
- 審查標頭信息並提取用於檢測的關鍵指標或模式
- 確定可疑或惡意電子郵件消息的跡象
- 檢測攻擊者在釣魚電子郵件中使用的戰術
- 安全地檢查電子郵件鏈接和附件
- 使用各種免費和簡單的工具來分析電子郵件消息
本書的讀者對象:
網路安全專業人士和有興趣的計算機安全愛好者,目前擔任或希望獲得IT安全分析師、網路防禦者、安全運營中心分析師或幫助台技術人員等職位。讀者應該對電子郵件的運作有一般了解,以及攻擊者如何利用這一平台進行初步訪問的某些方式。
作者簡介
Nick Oles is a cybersecurity expert with more than 10 years of operational experience in military, industry, and academic environments. He has worked on incident response and threat hunting, and consulted with Fortune 150 organizations, small businesses, and Department of Defense entities. Nick has served his country for more than a decade in the cyber and special operations communities, earning multiple military accolades, industry certifications, and awards. He has advised award-winning academic centers on cyber program development and management, as well as created and taught academic and certification courses on a variety of cyber security topics. Nick currently works full-time for the Department of Defense and has detected, analyzed, and responded to thousands of security incidents over his career. He continues to actively contribute to the community and teach students at all skill levels.
作者簡介(中文翻譯)
Nick Oles 是一位擁有超過 10 年軍事、產業和學術環境操作經驗的網路安全專家。他曾參與事件回應和威脅獵捕,並為《財富》150 強企業、小型企業及國防部機構提供諮詢服務。Nick 在網路和特種作戰社群中為國服務超過十年,獲得多項軍事榮譽、產業認證和獎項。他曾為獲獎的學術中心提供有關網路計畫開發和管理的建議,並創建及教授多種網路安全主題的學術和認證課程。Nick 目前全職於國防部工作,並在其職業生涯中檢測、分析和回應了數千起安全事件。他持續積極貢獻於社群,並教授各技能水平的學生。
