RSS Alerts

David Harley

Job title:
CEO, Small Blue-Green World, and independent author

Areas of expertise:
Apple security, malware, anti-malware testing, psychosocial aspects of security, user education, email management, social media, medical informatics

Biography:
The Apple Security Blog, by David Harley David Harley, CITP, FBCS, CISSP, is an IT security researcher, author and consultant living in the UK. He has worked in IT (largely in medical informatics) since the 1980s, increasingly focused on security and anti-malware research since 1989. Between 2001 and 2006 he managed the UK National Health Service’s Threat Assessment Centre, and since 2006 he has provided authoring and consultancy services to the anti-virus industry. Since 2009 he has been a director of the Anti-Malware Testing Standards Organization (AMTSO). He runs the Mac Virus website and AVIEN (the Anti-Virus Information Exchange Network), and is a Fellow of the British Computer Society (now the BCS Institute). He was principle author and technical editor of “The AVIEN Malware Defense Guide for the Enterprise” and co-authored “Viruses Revealed”, as well as contributing to many other books including “OS X Exploits and Defense”. He has a daunting back-catalog of research papers and articles, and also blogs for Mac Virus, AVIEN, ESET (where he holds the title Senior Research Fellow), (ISC)², and numerous other websites.

Tag Cloud

Security Cloud cloud computing David Harley cybersecurity compliance cloud security encryption

Bloggers

Blog

Follow and talk to Infosecurity's bloggers.

Follow Infosecurity's bloggers as they share their thoughts on the industry, technology, and much more. Our bloggers have been selected for their industry expertise. They welcome interaction, so we encourage you to add your opinions to theirs.

All Bloggers » David Harley
0
comments
A (Very) Brief History of (Mac) Time…
I came across a brief article on Forbes by Andy Greenberg on a bug in the beta version of iOS 7 that makes it possible to bypass its lockscreen in order to access (not to mention delete, tweet etc.) the phone owner’s photographs. Well, it’s not the worst news ever to come out of Cupertin ...
Posted 15 June 2013 by David Harley
tags: David Harley, David Perry, Andy Greenberg, iOS 7, Elk Cloner, Skrenta, Apple II, Mac, OS X, Charlie Miller, George Hotz, Comex
0
comments
If Your iPhone Could Talk...
Andy Greenberg at Forbes has shown us the information that law enforcement can recover via a seized iPhone. The article is essentially in response to one published by the American Civil Liberties Union highlighting the amount of information the US Immigration and Customs Enforcement (ICE) agency was ...
Posted 25 March 2013 by David Harley
tags: Forbes, Andy Greenberg, forensics, iPhone, smartphone, ACLU, David Harley
0
comments
Cruising the Misinformation Superhighway
  Long before there was a World Wide Web, when the internet was largely a playground for academics and the military, and most people still thought spam was a canned meat, there were already hoaxes and scams (pyramid schemes, Ponzi schemes, lures into premium rate phone services, fake friends a ...
Posted 28 February 2013 by David Harley
tags: David Harley, hoax, social media, web 2.0, ESET, Facebook, social engineering
0
comments
Mac AV Testing: How Useful Is It?
  I commented recently (on an independent AV testing-related blog) on a blog article from Intego in which Lysa Myers commented not only on the infamous Imperva pseudo-test, but on a test report from Thomas' Tech Corner.   On January 28, Thomas Reed returned to the fray with a further ro ...
Posted 29 January 2013 by David Harley
tags: David Harley, Mac malware, Mac AV, AV product testing, anti-malware testing
0
comments
Jailbreaking: Not Just a Sport for iPhone Users
I just came across an interesting blog by Lysa Myers (for Intego) on jailbreaking: The Latest in Jailbreaking: Will Malware Follow? Ironically, while there are rumours of an imminent untethered jailbreak for iOS 6.0.2, the most recent high-profile jailbreak is for Windows RT, approximately equivale ...
Posted 09 January 2013 by David Harley
tags: David Harley, Intego, Codeproof, Lysa Myers, jailbreaking, iOS, tethered jailbreaking, untethered jailbreaking, Android, Windows RT
0
comments
Send in the Clones
  The longer you stay in this game, the more obsolete information you have cluttering up your memory cells. Technology moves quickly, and in the tug o’ war o’ attrition between malware and anti-malware, the effective lifetime of a specific malicious binary is often very short indee ...
Posted 17 December 2012 by David Harley
tags: David Harley, John Leyden, Mikko Hypponen, Michelangelo, Elk Cloner, Brain, viruses, malware, Apple II
0
comments
OSX/Flashback isn't Necessarily the Newsflash
  As the pseudonymous Old Mac Bloggit – my colleague at Mac Virus – has already noted, there’s some interesting Mac-related content included in the Sophos Security Threat Report 2012 (some of it already summarized in an Infosecurity article here: Malware set to take a big bit ...
Posted 07 December 2012 by David Harley
tags: David Harley, OSX/Flashback, Mac Virus, Sophos, Apple, mac malware, Forrester, OSX/FkCodec-A, WildList, INF/Autorun
0
comments
OSX/Dockster Spyware
On November 30th, Intego blogged about OS X spyware it calls OSX/Dockster.A. This relatively simple backdoor trojan, found on Virus Total, provides a remote shell to give a remote attacker access to the system, provides a channel for downloading additional files, and has keylogger functionality. The ...
Posted 03 December 2012 by David Harley
tags: David Harley, Intego, Sophos, F-Secure, Dockster, spyware, Virus Total, Dalai Lam, CVE-2012-0507, Sabpab, Flashback
0
comments
McAfee & Michelangelo
  Without breaking any confidences, it’s fair to say that the present troubles of John McAfee, founder of the AV company that still bears his name, has inspired a lot of comment in the security industry, a lot of it not particularly complimentary to him.   Despite having been conn ...
Posted 19 November 2012 by David Harley
tags: David Harley, Aryeh Goretsky, John McAfee, Michelangelo, hype, media virus, boot sector virus, Dr. Alan Solomon
1
comment
Are Operating System Vendors Really Selling Security?
  In an IT Pro Portal article whose title says it all – Windows vs Apple OS X security: market share more important than product – Will Dalton gives Team Cymru's Steve Santorelli the chance to make the  point that operating system vendors aren't really in the bu ...
Posted 08 November 2012 by David Harley
tags: David Harley, Steve Santorelli, IT Pro Portal, Will Dalton, Team Cymru, Operating System, security versus convenience
0
comments
The Test of Time
  So you’ve seen all the stories about the rising tide of Mac malware. Maybe you’ve noticed that the fanboi cries of “Macs are secure! There are no Mac viruses!” have been a little muted lately, and that OSX/Flashback managed to recruit a sizeable number of Macs into a ...
Posted 13 October 2012 by David Harley
tags: OSX, David Harley, malware, AV-Comparatives, ICSA Labs, AMTSO, antivirus testing, methodology, Anti-Malware Testing Standards Organization
0
comments
Trusting the Oracle: Truth or Dare
  It’s been claimed that Oracle has known since April about the latest Java vulnerabilities to which so many of us are exposed. Even if Oracle does actually step outside its patch cycle to provide remediation before October – which seems far from certain at the moment – that ...
Posted 30 August 2012 by David Harley
tags: Oracle, David Harley, Java, Lion, Mountain Lion, OS X, Kevin Townsend, ESET, Stephen Cobb, Lucian Constantin, OS X, 0-day, Java 7, Jave update
0
comments
Apple Support and Anti-Social Engineering
When Infosecurity Magazine originally wrote about the attack on Mat Honan, the focus was on Apple’s culpability, though it’s become clearer since that there’ve been a multitude of security sins committed here that weren’t all Apple’s (notably Amazon and Honan himself). ...
Posted 08 August 2012 by David Harley
tags: David Harley, Apple, Amazon, social engineering, Kevin Mitnick, Mat Honan, authentication, password re-use, password reset, education, data aggregation attack
0
comments
Pickpockets in the (app) Marketplace
Suddenly, it seems, the App Store is having a (very small) taste of the sort of criticism previously reserved for Android outlets, recently with regard to ZonD80’s provision of a service by which Apple’s in-app purchasing mechanism can be subverted, hard on the heels of reports of a prob ...
Posted 20 July 2012 by David Harley
tags: David Harley, iOS, App Store, ZonD80, Find and Call, spam, fraud, piracy, contact details misuse, movement tracking, data encryption
0
comments
Apple Tiptoes Out of the Pavilion and onto the Sports Field
Kelly Jackson Higgins has noted “4 Signs That Apple's Sharpening Its Security Game”. And indeed, there are indications that Apple’s hard-line “We don’t have any security problems” attitude as getting a bit smoother at the edges, as the Mac threatscape has started ...
Posted 02 July 2012 by David Harley
tags: David Harley, Flashback, Mountain Lion, Darkreading, Kelly Jackson Higgins, ASLR, Mac security, Graham Cluley, Flash, botnet, anti-virus
0
comments
Apples and Oranges = Apple and Microsoft?
Several people have asked me for a response to Eugene Kaspersky’s views on Apple, as expressed at Infosecurity Europe last week, suggesting that Apple is ten years behind on security. But having spent some time on an analysis that no-one has used, I guess I’ll use it here – it ...
Posted 02 May 2012 by David Harley
tags: Apple, Microsoft, David Harley, Mikko Hypponen, Eugene Kaspersky, Trustworthy Computing, OSX/Flashback, Gatekeeper, XProtect, CVE-2012-0507, NT, OS X
1
comment
Apple OS X and Risk Reduction
Some of the confidence Mac users have in the security of their chosen operating system derives from over-reliance on proactive patching. This outbreak highlights the need to be aware that patching of known vulnerabilities in system software or applications is not necessarily prompt enough to foresta ...
Posted 16 April 2012 by David Harley
tags: David Harley, SabPab, SabPub, Java, Flashback, patching, updates, anti-virus, Java, Flash Player, Adobe Reader
0
comments
Flashbacks and Backtracks
If you follow my Mac Virus blog, you’ll have noticed that I’ve been tracking some of the coverage of Mac malware incidents to hit my radar in the last couple of weeks. In fact, hits on Mac Virus have been skyrocketing in the past 24 hours, so perhaps this a good time to recap on a couple ...
Posted 06 April 2012 by David Harley
tags: David Harley, Mac Virus, OS X malware, Flashback, AlienVault, CVE-2011-3544, MS09-027, iOS, Flashback, botnet, Java, updates, CVE-2012-0507
1
comment
OS X Malware: A Steady Trickle
I’m guessing that the myth of OS X invulnerability to malware is pretty much busted by now: at any rate, there has been wave after wave of OS X-related malware reports in the past week or two. Sophos were the latest big name to weigh in on the OSX/Imuler malware that DrWeb, Intego, ESET and yo ...
Posted 26 March 2012 by David Harley
tags: David Harley, Intego, SecureMac, F-Secure, Sophos, ESET, DrWeb, Imuler, OSX, Flashback, Twitter, Tibet, Renzin Dorjee, Irina Shayk
0
comments
OSX/Imuler: the Image-Conscious Trojan
Intego recently posted some information on its blog concerning the Imuler information-stealing Trojan. The variant that Intego calls OSX/Imuler.C uses a different stealth/social engineering technique to that used by previous variants. It seems to be intended to spread via .ZIP archives containing th ...
Posted 16 March 2012 by David Harley
tags: David Harley, Intego, ESET, OS X, malware, OSX/Imuler, JPG, APP, deceptive icon, file extensions, Finder advanced preferences
123NEXTLAST
Showing 1 - 20 of 42 blogs
View the RSS feed for this blog »
Terms & Conditions | Privacy | Website Design| Reed Exhibitions. All rights reserved. Copyright © 2013
We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×