ITsecurity

Wire-Wire Scams: Evolution beyond the 419

Posted by David Harley on November 7, 2016

West African cybercrime nowadays has moved on from unsophisticated 419s to technically-based, effective Wire-Wire attacks on businesses.

SANS, Signatures, Next-Gen and DIY Testing

Posted by David Harley on October 31, 2016

SANS has done some good work in security, but its webcast on next-gen product evaluation is based on fallacies.

Trust Us, We’re Facebook

Posted by David Harley on October 25, 2016

Facebook has inconspicuously announced that it intends ‘to begin allowing more items that people find newsworthy, significant, or important to the public interest — even if they might otherwise violate our standards.’ Facecrooks is understandably unenthusiastic: ‘This policy change … may help Facebook avoid controversies like … censoring a historic picture from the Vietnam War […]

Ransomware, Support Scams, and Old-School 419s

Posted by David Harley on October 21, 2016

Ransomware is the buzzword of the moment, but other scams haven’t gone away. Some are even converging with ransomware.

Ransomware at the University of Hard Knocks

Posted by David Harley on September 3, 2016

I recently happened across an article by ‘next-gen’ provider SentinelOne about ransomware attacks experienced by universities in the UK: Freedom of Information requests reveal 6 out of 10 universities have been ransomware victims and almost 2/3 of targets were hit multiple times. SentinelOne drew its conclusions from responses to Freedom of Information requests for information […]

Robocalls: Automating Nuisance Calls

Posted by David Harley on August 8, 2016

Recently I received an email from Nikki Courtney of Radio KTRH, in Houston, requesting a radio interview on robocalls. Why me, I’m not sure, unless it was because of an article I wrote earlier this year for ESET. It’s academic really, as I live in entirely the wrong time zone, and was in any case out of […]

What makes a good CISO?

Posted by David Harley on July 9, 2016

The role of the CISO is a little different to the stuff I usually post here, but my ESET colleague Stephen Cobb is currently running a research project, ‘a study of what it takes to be an effective manager of information system security for an organization.’ As part of the project, he’s running a survey, of which he […]

Facebook’s not-so-smart algorithms

Posted by David Harley on June 26, 2016

Facebook’s suggestions for pages I might like are a constant source of amusement and bewilderment. Music stuff, OK. I’m not quite at the stage yet where my life is more focused on music than on security-related writing, but it’s getting there. IT stuff, OK. Some of it is even relevant to what I do. Stuff […]

Healthcare, IoT, and security marketing

Posted by David Harley on June 24, 2016

I’ve grown blasé about the way that some sectors of the security industry badmouth mainstream antimalware in a bid to capture some of that market. And, believe it or not, I don’t have a problem with it in principle. While I’m not in marketing myself, I understand perfectly that even good products need to be […]

Stuxnet: more historical than hysterical, I hope

Posted by David Harley on June 7, 2016

I don’t make a habit of using this blog to advertise another, but the article I’m going to talk about is just too long to rewrite for this blog. And in fact, I’m not generally a fan of articles that revisit antique malware that ceased to matter years or even decades ago. However, it appears […]