twitter facebook rss

Phishing, Spoofing, and Looking a Glyph Horse in the Mouth

Posted by David Harley on January 12, 2015

I recently posted an article on the ESET blog about recognizing phishing messages. It covers quite a lot of ground that I don’t intend to go over again here, though I’ll include a quick summary at the end of this article, to give you an idea as to whether it’s worth reading – or recommending […]

Hoaxes, Facebook, and the Mother of Parliaments

Posted by David Harley on December 10, 2014

Yesterday, I put up a new post about Trust, Truth and Hoaxes in Social Media. Among other things, it referred to misleading posts seen on Facebook and other social media suggesting that British politicians only turn up to debates that concern their own financial wellbeing. I still don’t think that’s at all the case – which […]

OS X malware: I hear you KnockKnocking but you can’t come in*

Posted by David Harley on October 29, 2014

Patrick Wardle’s KnockKnock is useful for the generic detection of OS X programs that maintain ‘persistence’, but it isn’t a replacement for anti-malware.

(Alleged) support scam site knocked back

Posted by David Harley on October 26, 2014

Cold calling tech support scams: misleading advice, fake viruses, fake support package deals. Sadly, the FTC’s efforts only reach a few of the offenders.

Mobile Malware: Should I Keep Taking The Tablets?

Posted by David Harley on October 14, 2014

I recently came across a comment to one of my blogs – it doesn’t matter which, because it didn’t actually relate directly to the article it was attached to. The commenter wanted to know whether she needed to install anti-virus onto her tablet, because ‘tablets can’t get viruses’, as her son had told her, and […]

The economics of benevolence: mean memes

Posted by David Harley on September 16, 2014

Sadly, even the anally-retentive security community can forget that social media are not real life: memes are likelier to be factoids than facts.

Back-to-school advice

Posted by David Harley on August 23, 2014

I apologize in advance: I don’t intend to pack my occasional posts here with references to my colleagues at ESET, and I’m sure there’s good advice on similar topics around from other bloggers, but for obvious reasons, I tend to see a lot of the writing they produce even before it’s published, whereas there are […]

Security Certificate #FAIL: No FT, No Comment

Posted by David Harley on July 25, 2014

The Financial Times is running a Cyber Security Conference, but maybe it should be more scrupulous about its own website security practices.

Support Scams and Developer Data Harvesting: is there a Connection?

Posted by David Harley on June 23, 2014

Richard Hay tells us that a cold-caller ostensibly from the DVLUP programme may actually be hoping to harvest some sensitive personal data. Is this human trojan horse from the same stable as tech support scams?

Antipodean iOS ransomware

Posted by David Harley on May 28, 2014

Wherever you live, now is the time to take advantage of Apple’s 2FA for Apple ID credentials.