ITsecurity

What makes a good CISO?

Posted by David Harley on July 9, 2016

The role of the CISO is a little different to the stuff I usually post here, but my ESET colleague Stephen Cobb is currently running a research project, ‘a study of what it takes to be an effective manager of information system security for an organization.’ As part of the project, he’s running a survey, of which he […]

Facebook’s not-so-smart algorithms

Posted by David Harley on June 26, 2016

Facebook’s suggestions for pages I might like are a constant source of amusement and bewilderment. Music stuff, OK. I’m not quite at the stage yet where my life is more focused on music than on security-related writing, but it’s getting there. IT stuff, OK. Some of it is even relevant to what I do. Stuff […]

Healthcare, IoT, and security marketing

Posted by David Harley on June 24, 2016

I’ve grown blasé about the way that some sectors of the security industry badmouth mainstream antimalware in a bid to capture some of that market. And, believe it or not, I don’t have a problem with it in principle. While I’m not in marketing myself, I understand perfectly that even good products need to be […]

Stuxnet: more historical than hysterical, I hope

Posted by David Harley on June 7, 2016

I don’t make a habit of using this blog to advertise another, but the article I’m going to talk about is just too long to rewrite for this blog. And in fact, I’m not generally a fan of articles that revisit antique malware that ceased to matter years or even decades ago. However, it appears […]

Bank Fraud: Whose Fault?

Posted by David Harley on May 31, 2016

Owing to a houseful of grandchildren, I’ve not been giving quite the same attention to security news just lately as I do normally, so I nearly missed an article by John Leyden for The Register: Bank in the UK? Plans afoot to make YOU liable for bank fraud. While I don’t feel a lot of love […]

TeslaCrypt: We’re Sorry, Here’s the Decryption Key

Posted by David Harley on May 19, 2016

Are the TeslaCrypt operators genuinely apologizing? Probably not, since it seems that they may well have moved on to CryptXXX rather than retiring to a monastery to flagellate themselves with birch twigs. However, after an ESET analyst, noticing that the TeslaCrypt project seemed to be shutting down, contacted them via the Tesla support/payment site and asked them […]

Ransomwhere? – detecting new ransomware

Posted by David Harley on April 21, 2016

Patrick Wardle’s Ransomwhere? for OS X flags processes as dangerous if they seem to encrypt files.

Healthcare Security and your Doctor’s Cellphone

Posted by David Harley on April 7, 2016

Healthcare security: does your doctor’s cellphone endanger your medical data?

Patches (and Vulnerabilities, and Exploits)

Posted by David Harley on April 7, 2016

Exploits, vulnerabilities, why patches really do matter, and thoughts on how to live with them.

Virus hoaxes still thrive while ‘Sonia disowns Rahul’

Posted by David Harley on March 21, 2016

Sonia may have disowned Rahul, but virus hoaxes are still with us, though nowadays more often found in social media than in email.