ITsecurity
twitter facebook rss

Still Pumping and Dumping

Posted by David Harley on April 25, 2017

David Harley photo

Pump and Dump spam campaign still piling on the improbabilities.

All Hands to the Pump (and Dump)

Posted by David Harley on April 19, 2017

David Harley photo

A few years ago, even before I started working directly with vendors in the security industry, ‘Pump and Dump’ scams were a major nuisance. Here’s a description from a paper Andrew Lee and I wrote after I started working with ESET. Pump and Dump (or Hype and Dump) mails are designed to inflate the value […]

Social Engineering v. Malware: Remembering VBS/Loveletter

Posted by David Harley on February 20, 2017

David Harley photo

VBS/Loveletter demonstrated that sometimes the quality of malcode doesn’t matter if the social engineering hits the spot.

Key Card Ransomware: News versus FUD

Posted by David Harley on January 30, 2017

David Harley photo

On the 28th January 2017, a news site reported that Hotel ransomed by hackers as guests locked out of rooms. The story initially claimed that a ransomware gang had been able to compromise systems in the Romantik Seehotel Jägerwirt in Austria including the key card registry system, even managing to lock guests into their rooms. The […]

Support Scams and Diagnostic Services

Posted by David Harley on November 24, 2016

David Harley photo

Sometimes the borderline between out-and-out support scams and sub-optimal diagnostic services is too blurry for comfort.

Misinformation, Memetics and Electoral Fallout

Posted by David Harley on November 12, 2016

David Harley photo

Why make judgements based on memetic misinformation when there’s plenty of live footage to work from?

Wire-Wire Scams: Evolution beyond the 419

Posted by David Harley on November 7, 2016

David Harley photo

West African cybercrime nowadays has moved on from unsophisticated 419s to technically-based, effective Wire-Wire attacks on businesses.

SANS, Signatures, Next-Gen and DIY Testing

Posted by David Harley on October 31, 2016

David Harley photo

SANS has done some good work in security, but its webcast on next-gen product evaluation is based on fallacies.

Trust Us, We’re Facebook

Posted by David Harley on October 25, 2016

David Harley photo

Facebook has inconspicuously announced that it intends ‘to begin allowing more items that people find newsworthy, significant, or important to the public interest — even if they might otherwise violate our standards.’ Facecrooks is understandably unenthusiastic: ‘This policy change … may help Facebook avoid controversies like … censoring a historic picture from the Vietnam War […]

Ransomware, Support Scams, and Old-School 419s

Posted by David Harley on October 21, 2016

David Harley photo

Ransomware is the buzzword of the moment, but other scams haven’t gone away. Some are even converging with ransomware.