A happy and over-worked Valentine’s Day…

…But I’m travelling for the next few weeks, so things will be quieter. Writing-wise, if not work-wise.

Infosecurity Magazine: Malware: a Matter of Definition

ESET: Cybercrime, Cyberpolicing, and the Public 

Chainmailcheck: Only love can break your heart… 

Mac Virus: Flashbacks East of Java and Not-Malware 

And rather more than a mention by Kevin Townsend: David Harley comments on the ACPO National Cyber Crime Conference.

David Harley CITP FBCS CISSP
Small Blue-Green World
ESET Senior Research Fellow

13th February

Busy day (you don’t know the half of it)…

ESET blog: Cybercrime and Punishment

SC Magazine: My not-so-funny valentine 

Securiteam: The malware problem looks better after the first cup of coffee 

David Harley CITP FBCS CISSP
Small Blue-Green World
ESET Senior Research Fellow

28th January – 12th February

Articles:

Virus Bulletin Living the Meme (available to subscribers only)

Hakin9 David Harley, Aleksandr Matrosov, Eugene Rodionov:  When I’m x64: Bootkit Threat Evolution in 2011

Network Security: AMTSO: the Test of Time? This article appeared in January’s Network Security but is now available from Elsevier as published (including formatting, proofing and graphics) here, or there is a no-fee pre-edit copy available (by permission of the publisher) from the AMTSO blog here.

ESET blogs:

• February 3rd: TDL4 reloaded: Purple Haze all in my brain 
• February 7th: Your Children and Online Safety
• February 7th: Valentine’s Day Scams: For the love of money (joint blog with André Goujon, Sebastian Bortnik, and Stephen Cobb)

AMTSO:

February 7th: Network Security Article on AMTSO

ChainMailCheck:

• February 3rd: Facebook and the Rumour Mill
• February 3rd: Fair-weather Facebook Friends
• February 7th: Green Eggs and Comment Spam

SC Magazine:

• February 2nd: U.K. MPs bite the cyber bullet…
• February 7th: Towards a safer internet

(ISC)2 Blog: 

February 6th:  Android, Malware and Rehabilitation

Mac Virus:

February 7th: Wormcast

Internet Evolution:

1st February: ‘Androidophobia’ Hits the Web Again

Media mentions:

• Fred Donovan/Infosecurity Magazine
• Infosecurity Magazine: Up to five million Androids infected with Counterclank

A looooooong gap…. (December – January)

Well, I was actually incommunicado over Xmas (yippee!) But the last summary I posted here was on 15th December, so a lot has happened. I’m therefore changing the format a bit for this post, so that it doesn’t take me all week to write it.

Blogs for ESET (last half of December 2011):

• December 19th: Facebook scam #umpteen: having your cheesecake and eating it… 
• December 30th: Passwords, Stratfor, and Newton’s 3rd Law of Motion 

Blogs for ESET (January 2012 up to 28th)

• January 4th: Bootkit Threat Evolution in 2011
• January 9th: Irish 419-er seeks Spanish Lady 
• January 10th: Autorun and Conficker not dead yet: Threat Trends Report
• January 11th: Phishing and Taxes: a dead CERT?
• January 12th: HTML/Scrinject: surfing for cheap thrills at XXXmas?
• January 16th: Great Expectations and the Grim Reaver 
• January 17th: Passwords, passphrases, and big numbers: first the good news… 
• January 20th: Facebook, your birthday #1, and survey scams 
• January 24th: Facebook scam: the hours I spend… 
• January 27th: Facebook Fakebook: New Trends in Carberp Activity

SC Magazine (15th December – 27th January)

• January 11th: Retrophitted Retrophish
• January 16th: Great expectations 
• January 25th: Keep taking the tablets… 

Infosecurity Magazine (15th December – 27th January)

• 19th December: Small Eruption in Peru*: Not Many Infected
• 16th January: I Keep Getting Flashbacks
• 23rd January: iOS Jailbreaking: Does Absinthe Make the Heart Grow Fonder?

Chainmailcheck:

• 19th January: Agony Column for Comment Spammers 
• 20th January: Facebook Memes are the New Black(hat)

Mac Virus:

• December 19th: New Infosecurity blog article
• January 17th: Flashback to 2011: another recurring Trojan… 
• January 17th: F-Secure’s summary of 2011 Mac Malware
• January 20th: Mac Virus: 2011 in review
• January 25th: Jailbreaking with Absinthe

AMTSO:

• January 9th: San Mateo meeting

Papers and articles (I don’t seem to have been listing these, but there are a lot due out in the next few weeks, so maybe I should):

ESET papers:

• Ten Ways to Dodge CyberBullets: Reloaded An updated version of the paper “Ten Ways to Dodge CyberBullets”, addressing the question “what are the top 10 things that people can do to protect themselves against malicious activity?”
• <!– Win32/Carberp: When You’re in a Black Hole, Stop Digging –>Win32/Carberp: When You’re in a Black Hole, Stop Digging by Aleksandr Matrosov, Eugene Rodionov, Dmitry Volkov and David Harley: This paper consolidates information published by ESET and Group-IB researchers on Russian malware that attacks Russian RBS (Remote Banking Systems) transactions: now updated to version 1.1 to include additional material.
• Contributions to Global Threat Report for December 2011

AMTSO: The Test of Time? in Network Security (Elsevier): subscribers only.

Forthcoming articles:

• Living the Meme: for Virus Bulletin
• When I’m x64: Bootkit Threat Evolution in 2011 (with Aleksandr Matrosov and Eugene Rodionov) Hakin9

 Media coverage: way too much to point to individual articles. Shout-outs to Kevin Townsend, Dan Raywood, Fred Donovan, Esther Shein, Ellyne Phneah, Fahmida Y. Rashid, and apologies to those I’ve forgotten.

14-15th December

Media mentions (all Infosecurity Magazine):

• Use of the Black Hole exploit kit and Java exploits is growing 
• Symantec discovers another 11 malicious Android apps 
• 2012 Threat Predictions: An Industry Roundup 

David Harley CITP FBCS CISSP
ESET Senior Research Fellow

13th December

Busy day, considering I wasn’t working for most of it…

ESET:

• Safety online with a bang: dodging (more) cyberbullets
• 2012 Predictions: East of Java

SC Magazine: Top of the potshots

Paper: Ten Ways to Dodge CyberBullets: Reloaded

Media:

• Kevin Townsend: The Biter Bit – the entertainment industry exposed as pirates
• Spamfighter: Websites Diverting End-users onto ‘Blackhole’ Increasing Within Russia: ESET 

2nd-12th December 2011

Another long gap, but I was in Bratislava for meetings for a good deal of that time.

So, my ESET posts:

• December 2nd: SQL Injection Attack Alert
• December 5th: Carberp + BlackHole = growing fraud incidents
• December 6th:
• Wi-Fi and fertility: warm but not so fuzzy
• Carberp white paper: now with added pictures
• December 8th: Carrier IQ detection: check your source before you install

Small Blue-Green World:

• 12th December: Malicious Android: why the Birds are Angry 

AVIEN:

• 2nd December: SQL Injection Attack Warning

Mac Virus:

• 12th December: Malicious Android: why the Birds are Angry (pointer)
• 7th December: PINs and Needles
• 6th December: Carrier IQ and the iPhone

ChainMailCheck:

• 6th December:
• Facebook Jawdrop
• Facebook and Selective Memory
• 5th December: Muriel* in the Men’s Room?

AMTSO:

• December 2nd: FAQs from Dennis Labs

Articles and papers:

• Hearing a PIN drop (article for Virus Bulletin, now publicly available by kind permission of VB)
• Win32/Carberp: When You’re in a Black Hole, Stop Digging (white paper with Aleksandr Matrosov, Eugene Rodionov, and Dmitry Volkov) 

Media Mentions:

• Kevin Townsend/Infosecurity Magazine: Combination of Blackhole and Carberp growing in Russia 
•  Ellyne Phneah/ZDNet Asia: In-demand black hat roles in thriving cybercrime world 
• BCS Institute: Online financial transactions targeted
• worldnewz.org: Researchers find spike in malware targetting online payment
• Infosecurity Magazine: Should infected computers be prevented from connecting to the internet?
• Kevin Townsend/The Times (!): no link, but the quote reads “An alternative or additional approach is to monitor the blogs of leading security researchers such as David Harley (ESET), Luis Corrons (PandaLabs), Rik Ferguson (Trend Micro) and Graham Cluley (Sophos), all of whom provide insight and commentary on the current threat environment…” 

David Harley CITP FBCS CISSP
Small Blue-Green World
ESET Senior Research Fellow