Security Experts:

David Harley's picture

David Harley

David Harley CITP FBCS CISSP is Research Fellow and Director of Malware Intelligence at ESET LLC , Chief Operations Officer at AVIEN, and on the Board of directors of AMTSO. He is a prolific blogger and author of security-focused conference papers and articles. His books include “Viruses Revealed” (Osborne/McGraw-Hill) and the “AVIEN Malware Defense Guide” (Syngress.) He joined ESET's Research team in January 2008 as Research Author, and was appointed Director of Malware Intelligence in August 2008.

Recent articles by David Harley

  • ‘Tis the season to compile lists. Not just for the security industry of course: anyone whose job includes a PR dimension has learned by now that the reading public loves a top ten.
  • Facebook is able to see a customer’s User ID, IP address and operating system if the customer is logged into Facebook at the time they visit a site that uses certain features of Facebook Social Plug-Ins. Does this sharing pose a serious privacy risk?
  • David Harley chimes in with some thoughts on the latest developments from the AMTSO and the Anti-Malware Industry.
  • Win32/Stuxnet might be described as a worm of a slightly different color, though it’s attracted interest from the media that’s comparable in intensity to Conficker, or Code Red, or Blaster.
  • The vulnerability in Windows Shell’s parsing of .LNK (shortcut) files presents some interesting and novel features in terms of its media lifecycle as well as its evolution from zero-day to patched vulnerability. For most of us, the vulnerability first came to light in the context of Win32/Stuxnet, malware that in itself presents some notable quirks.
  • The anti-malware industry sometimes sees more complicated problems than you might imagine, and they can’t all be fixed by tweaking detection algorithms or giving the marketing team a productivity bonus.
  • David Harley chimes in with thoughts on the Anti-Malware industry. Maybe only shareholders care about the financial health of an anti-malware company, but wouldn’t you rather have reliable information about the product you choose to protect your systems?