A review for Virus Bulletin of two recent eBooks that aim to provide security guidance and tips to consumers.
A comment piece originally published in Virus Bulletin* observing a slightly unexpected relationship between hoaxes (and electronic chain messages in general) and botnets.
Virus Bulletin speaks to VB2013 presenters Lysa Myers and David Harley about their research interests and what they aim to bring to the conference.
An article originally published in Virus Bulletin*, considering the current spate of 'AV is dead' hype. What would a world without for-fee antivirus be like?
An article for Computer Weekly's Security Think Tank column on why targeted attacks have moved on from being a problem that only affects governments and big companies.
A comment piece on how apparently innocuous Facebook games might be used as part of a data aggregation attack.
Originally published in Virus Bulletin, February 2012 *
An article for Network Security - now available for purchase from Elsevier - that looks at the present state of the Anti-Malware Testing Standards Organization. Can AMTSO really continue to build on its achievements so far? A no-fee pre-edit version of the article, without graphics, publisher edits or formatting, is also available on the AMTSO blog-site here
An article originally published in Hakin9 Magazine's 50th issue documenting interesting growth trends in complex threats, especially those targeting Microsoft Windows 64-bit.
An article for (ISC)2's Security Zone column in Computer Weekly, on how businesses should empower all IT users to play an active part in protecting corporate data.
An article for Virus Bulletin offering preliminary results from research into selection strategies for numeric passcodes such as ATM and smartphone PINs.
Originally published in Virus Bulletin, September 2011. *
An article for Computer Weekly (May 2011) that suggests that the latest paper approved and released by AMTSO may be its most important document in years.
Considers and contrasts the distribution and installation of the TDL3 and TDL4 bootkits.
Looks in more depth at the internals of the TDSS malware.
David Harley meditates on security soothsaying and takes a peek into his own crystal ball.
Analysis of bottom feeder malware that climbed onto the Stuxnet 0-day bandwagon.
Originally published in Virus Bulletin, September 2010. *
Is the UK's National Health Service betraying its own principles by allowing Facebook to track visitors to its NHS Choices site?
How the Anti-Malware Testing Standards Organization's new subscription model will enable the community at large to participate in its activities.
This article for Virus Bulletin describes a utility for dumping the TDSS rootkit's file system.
Originally published in Virus Bulletin, October 2010. *
An interview with ESET's David Harley, former manager of the Threat Assessment Centre in the United Kingdom's National Health Service, in which he talks about security and the NHS.
An article for (ISC)2's regular column in Computer Weekly on the similarities between rogue AV and fake support scams.
Article for Security Week on the vulnerabilities and incident dispersion behind Stuxnet, perhaps 2010's most interesting malware.
An article for Security Week on the .LNK vulnerability classified as CVE-2010-2568 and exploited by Win32/Stuxnet, among other malicious programs.
An article for Security Week, about scammers cold-calling potential victims to offer to clean non-existent malware and install pirated antivirus software.
By David Harley, June 2010
An article for Virus Bulletin on the implications of the PWN2KILL challenge at iAWACS 2010: is this the new face of AV testing?
Originally published in Virus Bulletin, June 2010. *
ESET's Sr. Research Fellow and member of AMTSO's Board of Directors considers whether AMTSO is engaging with the public as well as it might.
Subtitled "Account of an Investigation into a Cybercrime Group", this is a comprehensive consideration, by researchers with ESET's partners in Russia, of the distribution and the internals of the TDL3 Rootkit, and the involvement of the Dogma Millions group.
A short presentation on Apple security for InfoSecurity Europe, based on a paper subsequently presented in more detail at EICAR 2010 and available here.
A Spotlight article about what AMTSO has achieved so far and what might lie ahead. Featured in January 2010's Virus Bulletin and hosted on the AMTSO web site.
Originally published in Virus Bulletin, June 2010. *
Article in CTO Edge that explains how social engineering is used to trick computer users into downloading malware.
Article for Infosecurity Magazine that reviews both the tried-and-true and the latest methods that online criminals are using to steal information, and your money.
An article in Global Security Mag that discusses the evolution of yesterday's virus hoaxes and other chain letters to social networking sites like Facebook and Twitter.
Discusses the increasing dangers of incautious use of social networking in an age where the regulation and use of data by financial and other institutions has not kept pace with a changing online world.
Review of "Is it safe? Protecting your computer, your business, and yourself online" by Michael Miller (Que).
Originally published in Virus Bulletin, March 2009. *
Commissioned article on the CARO (Computer Antivirus Researchers Organization) and AMTSO (Anti-Malware Testing Standards Organization) workshops in Budapest in May.
Originally published in Virus Bulletin, June 2009. *
Published in Infosecurity magazine, Volume 6, Issue 2. Why the traditional naming conventions for malware no longer make sense. For purchase from Elsevier.
In "Information Security Technical Report". For purchase from Elsevier. Addresses the problems around anti-malware testing and evaluation, and describes the industry's initiatives for mitigation.
A pre-print version of the above article in "Information Security Technical Report" is available on David's personal web site, with the permission of the publisher.
Considers the early impact of AMTSO, the Anti-Malware Testing Standards Organization, on the testing industry.
A detailed analysis of the Rustock.C rootkit and some of its self-defensive measures.
Originally published in Virus Bulletin, August 2008. *
Reviews some of the reasons why Macintosh computers in corporate environments need protection.
An overview of the problems that make most anti-malware tests so unreliable.
Takes a realistic look at how far Vista can be expected to mitigate the user's exposure to malicious code.
Review of "Phishing Exposed", Lance James's book for Syngress.
Originally published in Virus Bulletin, July 2006. *
Reviews of Robert Slade's "Dictionary of Information Security" and "Combating Spyware in the Enterprise", by Baskin et al., both published by Syngress.
Originally published in Virus Bulletin, September 2006. *
A paper originally presented at the 1998 EICAR conference, but which is currently being cited by a number of other resources due to its still topical taxonomical content and observations on good password practice.