David Harley

Job title:
CEO, Small Blue-Green World, and independent author

Areas of expertise:
Apple security, malware, anti-malware testing, psychosocial aspects of security, user education, email management, social media, medical informatics

Biography:
The Apple Security Blog, by David Harley David Harley, CITP, FBCS, CISSP, is an IT security researcher, author and consultant living in the UK. He has worked in IT (largely in medical informatics) since the 1980s, increasingly focused on security and anti-malware research since 1989. Between 2001 and 2006 he managed the UK National Health Service’s Threat Assessment Centre, and since 2006 he has provided authoring and consultancy services to the anti-virus industry. Since 2009 he has been a director of the Anti-Malware Testing Standards Organization (AMTSO). He runs the Mac Virus website and AVIEN (the Anti-Virus Information Exchange Network), and is a Fellow of the British Computer Society (now the BCS Institute). He was principle author and technical editor of “The AVIEN Malware Defense Guide for the Enterprise” and co-authored “Viruses Revealed”, as well as contributing to many other books including “OS X Exploits and Defense”. He has a daunting back-catalog of research papers and articles, and also blogs for Mac Virus, AVIEN, ESET (where he holds the title Senior Research Fellow), (ISC)², and numerous other websites.

Tag Cloud

Bloggers

Blog

Follow and talk to Infosecurity's bloggers.

Follow Infosecurity's bloggers as they share their thoughts on the industry, technology, and much more. Our bloggers have been selected for their industry expertise. They welcome interaction, so we encourage you to add your opinions to theirs.

All Bloggers » David Harley
0
comments
This year’s Virus Bulletin conference, the ‘must-go-to’ event for most anti-malware researchers, was light on (directly) Mac-related content. Unsurprising perhaps: there has been no recent high-profile, high-volume malware event equivalent to the great Flashback Flashflood of 2012. ...
Posted 08 October 2013 by David Harley
0
comments
Jerome Segura has blogged for Malwarebytes about a ransomware attack of sorts that poses a potential problem for OS X users. We’ve become all too familiar with malware that targets Windows users, telling them they have to pay the FBI or the police a fine for some infraction, often involving po ...
Posted 17 July 2013 by David Harley
0
comments
Mac Phisheries
I recently came across a Kaspersky report – Apple of Discord – by Nadezhda Demidova. Primarily, it’s about a dramatic rise in phishing attacks directed at those of us who use Apple devices (presumably including Macs as well as iOS iGadgets). According to the report, Kaspe ...
Posted 10 July 2013 by David Harley
0
comments
A (Very) Brief History of (Mac) Time…
I came across a brief article on Forbes by Andy Greenberg on a bug in the beta version of iOS 7 that makes it possible to bypass its lockscreen in order to access (not to mention delete, tweet etc.) the phone owner’s photographs. Well, it’s not the worst news ever to come out of Cupertin ...
Posted 15 June 2013 by David Harley
0
comments
If Your iPhone Could Talk...
Andy Greenberg at Forbes has shown us the information that law enforcement can recover via a seized iPhone. The article is essentially in response to one published by the American Civil Liberties Union highlighting the amount of information the US Immigration and Customs Enforcement (ICE) agency was ...
Posted 25 March 2013 by David Harley
0
comments
Cruising the Misinformation Superhighway
  Long before there was a World Wide Web, when the internet was largely a playground for academics and the military, and most people still thought spam was a canned meat, there were already hoaxes and scams (pyramid schemes, Ponzi schemes, lures into premium rate phone services, fake friends a ...
Posted 28 February 2013 by David Harley
0
comments
Mac AV Testing: How Useful Is It?
  I commented recently (on an independent AV testing-related blog) on a blog article from Intego in which Lysa Myers commented not only on the infamous Imperva pseudo-test, but on a test report from Thomas' Tech Corner.   On January 28, Thomas Reed returned to the fray with a further ro ...
Posted 29 January 2013 by David Harley
0
comments
I just came across an interesting blog by Lysa Myers (for Intego) on jailbreaking: The Latest in Jailbreaking: Will Malware Follow? Ironically, while there are rumours of an imminent untethered jailbreak for iOS 6.0.2, the most recent high-profile jailbreak is for Windows RT, approximately equivale ...
Posted 09 January 2013 by David Harley
0
comments
Send in the Clones
  The longer you stay in this game, the more obsolete information you have cluttering up your memory cells. Technology moves quickly, and in the tug o’ war o’ attrition between malware and anti-malware, the effective lifetime of a specific malicious binary is often very short indee ...
Posted 17 December 2012 by David Harley
0
comments
  As the pseudonymous Old Mac Bloggit – my colleague at Mac Virus – has already noted, there’s some interesting Mac-related content included in the Sophos Security Threat Report 2012 (some of it already summarized in an Infosecurity article here: Malware set to take a big bit ...
Posted 07 December 2012 by David Harley
0
comments
OSX/Dockster Spyware
On November 30th, Intego blogged about OS X spyware it calls OSX/Dockster.A. This relatively simple backdoor trojan, found on Virus Total, provides a remote shell to give a remote attacker access to the system, provides a channel for downloading additional files, and has keylogger functionality. The ...
Posted 03 December 2012 by David Harley
0
comments
McAfee & Michelangelo
  Without breaking any confidences, it’s fair to say that the present troubles of John McAfee, founder of the AV company that still bears his name, has inspired a lot of comment in the security industry, a lot of it not particularly complimentary to him.   Despite having been conn ...
Posted 19 November 2012 by David Harley
1
comment
  In an IT Pro Portal article whose title says it all – Windows vs Apple OS X security: market share more important than product – Will Dalton gives Team Cymru's Steve Santorelli the chance to make the  point that operating system vendors aren't really in the bu ...
Posted 08 November 2012 by David Harley
0
comments
The Test of Time
  So you’ve seen all the stories about the rising tide of Mac malware. Maybe you’ve noticed that the fanboi cries of “Macs are secure! There are no Mac viruses!” have been a little muted lately, and that OSX/Flashback managed to recruit a sizeable number of Macs into a ...
Posted 13 October 2012 by David Harley
0
comments
Trusting the Oracle: Truth or Dare
  It’s been claimed that Oracle has known since April about the latest Java vulnerabilities to which so many of us are exposed. Even if Oracle does actually step outside its patch cycle to provide remediation before October – which seems far from certain at the moment – that ...
Posted 30 August 2012 by David Harley
0
comments
Apple Support and Anti-Social Engineering
When Infosecurity Magazine originally wrote about the attack on Mat Honan, the focus was on Apple’s culpability, though it’s become clearer since that there’ve been a multitude of security sins committed here that weren’t all Apple’s (notably Amazon and Honan himself). ...
Posted 08 August 2012 by David Harley
0
comments
Pickpockets in the (app) Marketplace
Suddenly, it seems, the App Store is having a (very small) taste of the sort of criticism previously reserved for Android outlets, recently with regard to ZonD80’s provision of a service by which Apple’s in-app purchasing mechanism can be subverted, hard on the heels of reports of a prob ...
Posted 20 July 2012 by David Harley
0
comments
Kelly Jackson Higgins has noted “4 Signs That Apple's Sharpening Its Security Game”. And indeed, there are indications that Apple’s hard-line “We don’t have any security problems” attitude as getting a bit smoother at the edges, as the Mac threatscape has started ...
Posted 02 July 2012 by David Harley
0
comments
Apples and Oranges = Apple and Microsoft?
Several people have asked me for a response to Eugene Kaspersky’s views on Apple, as expressed at Infosecurity Europe last week, suggesting that Apple is ten years behind on security. But having spent some time on an analysis that no-one has used, I guess I’ll use it here – it ...
Posted 02 May 2012 by David Harley
1
comment
Apple OS X and Risk Reduction
Some of the confidence Mac users have in the security of their chosen operating system derives from over-reliance on proactive patching. This outbreak highlights the need to be aware that patching of known vulnerabilities in system software or applications is not necessarily prompt enough to foresta ...
Posted 16 April 2012 by David Harley
Showing 1 - 20 of 45 blogs
View the RSS feed for this blog »
We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×