Monday, 6 January 2020

And an update...

It occurs to me that while I updated most of my security blogs when I (more or less) retired from the security industry at the start of 2019, I forgot about this one.

Well, I no longer work with ESET, which means I don't have a regular job in security. I did put in quite a lot of work in 2019 on the English edition of Eddy Willems' book 'Cyberdanger', and I might be tempted to do a little more editing/authoring/translation, but I've basically reverted to an earlier career as a musician/writer. I'm not actually making any money out of it right now, but that's what my pension is for. :)

But watch this space: this blog might just start to reflect my current career rather than what I used to do.

David Harley

Saturday, 26 May 2018

No news is good news + privacy policy

(1) I'm afraid this blog has become a bit cobwebby. If you were enjoying reading it, I'm sorry, but it was getting a bit time-consuming to maintain. You might say that the more recent blog at AVIEN has largely replaced it. Of course, I may come back to it at some point.
(2) I just use (sometimes) this blog to write articles. It’s not used for e-commerce. I don’t use this blog to collect any sort of personal information about its readers or subscribers, and of course I certainly don’t share or sell on any such information. I do not maintain any kind of mailing list and I don’t send out a newsletter, so I don’t have a reader/subscriber database.  When and if I answer comments or comment threads, that’s as far as it goes: I don’t use them to collect information about people who choose to comment.
When you provide some form of feedback to a  blog, comment, follow or subscribe by email and so on, you do provide information to the provider, in this case Google. While some of that information may be available to me, I don’t actually collect it or make use of it except as described above: I value your privacy as much as my own.
David Harley

Tuesday, 1 August 2017

So what's this about?

Since it seems that there are actually people in the world who have no idea who I am, let me first direct you to this Wikipedia article about me (blushes becomingly...), which was, the last time I looked, reasonably accurate. And now, to business.

Some time ago, I started a blog also called Geek Peninsula on Wordpress, and dithered about which to use. The original idea was to have somewhere I could flag all my security blog posts, articles, papers etc. as they came online, but it became too much of a drag maintaining it.

And I'm not sure which is most appropriate. Wordpress is more versatile, but the adverts on free versions are annoying and can screw up formatting. Still, the Wordpress blog is now burdened with all those papers and such. (See below.)

Here's where you can find some of those security blogs:
  • The Geek Peninsula (the other one) includes most of my papers and links to many of my security blogs/articles/papers and the occasional interview.
  • We Live Security is the current home of what used to be the ESET Threatblog,
  • The AVIEN blog is far less active than it used to be, but I do maintain a tech support scam resources page there, and another about ransomware
  • I no longer post for the (ISC)2 blog as I dropped my subscription to the organization some time ago: there's an archive of my own articles here.
  • IT Security UK is a highly independent blog run by Kevin Townsend for which I blog fairly regularly
  • I haven't written for Infosecurity Magazine recently, but I may do so again. In any case, I've done quite a few articles there.
  • Anti-Malware Testing is about testing (who'd have thought it?), especially product testing. Launched originally as a home for blog articles orphaned when AMTSO (the Anti-Malware Testing Standards Organization) decided that it was bad for its image to have independent commentary posted under the AMTSO banner and asked for the AMTSO blog to be removed. 
  • Chain Mail Check and Hoaxes Originally focused on chainletters and hoaxes, but also addresses various types of scam, spam, fraud and general misinformation. Basically all mine, with occasional input from Old Mac and the legendary Letitia Teaspoon.
  • Mac Virus is the current incarnation of the site I inherited many years ago from Susan Lesch. It's not as busy as it used to be, but it's now about all sorts of malware and other security issues, and is concerned not only with Macs but also iGadgets, Android and such.
  • Small Blue-Green World is me wearing my independent consultancy hat. It's not a hat I put on very often, though. 
  • Securiteam is a blog with a wide range of bloggers, often taking advantage of the site to represent themselves to present their own thoughts, rather than representing the companies they work for. We all need to do that from time to time... I haven't blogged there in years, though.
Most of my activity on Twitter comes from @DavidHarleyBlog, but that's not all security. @dharleyatESET, @dharleyatAVIEN, and @macviruscom just carry the security tweets. 

And here are some blogs that aren't primarily security-focused. 
  • As I drift deeper into semi-retirement and music supplants security, Wheal Alice Music is becoming the focus for more musical activity. Some of the stuff that already exists elsewhere is gradually drifting into Cornwall, virtually speaking. 
  • You'll never guess what David Harley's Miscellaneous Prose is about. Or David Harley's Songs, Or David Harley's Verse. Or Parodies Regained - .
  • Sabrinaflu is a blog site based on a site formerly maintained by Fliss Burke, devoted to folk music along the course of the Severn and beyond. Unfortunately, I'm not able to devote as much time to it as I did before I moved out of the area, but I'm doing my best.
  • Shropshire Blues was my main site for Shropshire-oriented material: it's getting a bit dusty since I moved to the West Country, though. 
  • Shropshire Laddishness is particularly focused on Housman-related material. Well, Housman-ish...
  • Dataholics: the IT Addiction satisfies my occasional urge to inflict a cartoon or other short sharp shock on my innocent readers. It's IT-oriented, but not strictly, and often strays far from security issues. More about humour, cheesy cartoons, and raw sarcasm. 
  • David Harley Photos is mostly for photos and artwork. 
  • David Harley Words and Music is mostly a repository for stuff like MP3s, but the main articles that link to them are generally elsewhere. 

So what is this one for? Well, I've just come back to it because it seemed like a good idea (partly owed to my friend and colleague Stephen Cobb over at ESET North America - he has a similar but more sophisticated blog here) to have somewhere to put links to stuff I find interesting (including but not restricted to my own output, and definitely not restricted to security). 

Watch this space. But you might want to blink occasionally. 

David Harley

Friday, 6 January 2017

Support Scammers hit Mac users with DoS attacks.

Support Scammers hit Mac users with DoS attacks: avien.net/blog/2286-2/

 for Malwarebytes examines another attack somewhere on the thin borderline between ransomware and tech support scams: Tech support scam page triggers denial-of-service attack on Macs

Thursday, 5 January 2017

Ransomware roundup for AVIEN blog

Posted for AVIEN:

Ransomware Roundup – Koolova, KillDisk and more


To be more precise, Koolova, KillDisk, GoldenEye, CryptoMix, DeriaLock, and unnamed PHP not-quite-ransomware.

David Harley

Friday, 30 December 2016

Ransomware Update

Yes, it has been a while since I posted anything here. Sorry about that, to both my readers. Here are a couple of things that have just come to my attention.

An article by Catalin Cimpanu for Bleeping Computer: It's Almost 2017 and Users Are Still Getting Infected with Malware via Fake AV Software. It includes instances of a Remote Access Trojan and ransomware distributed as security software.

While KillDisk moves from disk-wiping to ransomware - avien.net/blog/2262-2/

David Harley



Thursday, 24 November 2016

Support Scams and Diagnostic Services

Every so often I get requests for help from people with a computer problem that may or may not be malware-related.
When I have to refuse help, which is more often than I’d like, I try to refer the people concerned to a more appropriate person or forum, and to suggest they do what they can to ensure that the advice is from a reputable and competent source. I’m more cautious about recommending specific resources, even well-known commercial organizations, unless I’m in a position to confirm their competence and bona fides.
Sadly, this reluctance has been reinforced by accusations against Office Depot, which is alleged to have tricked customers into paying for unnecessary repairs to their systems. I'm not sure it's that simple.
Support Scams and Diagnostic Services: an article for ITSecurity UK.