White papers I’ve written or co-written for ESET since 2006.
Origin of the Specious: the Evolution of Misinformation
The Web 2.0 incarnation of the Misinformation Superhighway. Did you really think that hoaxing had died out? (Actually originally written for Elsevier, but I got tired of waiting for it to come out after a year or two…) By David Harley, February 2013
Online Shopping and a Phishing Pheeding Phrenzy
Phishing scams old and new, and recognizing the baited hook before you bite off more than you can chew. By David Harley and Urban Schrott, October 2012.
Ten Ways to Dodge CyberBullets: Reloaded
An updated version of the paper “Ten Ways to Dodge CyberBullets” asking “what are the top 10 things that people can do to protect themselves against malicious activity?” By David Harley, December 2011 .
Win32/Carberp: When You’re in a Black Hole, Stop Digging
ESET and Group-IB researchers on Russian malware that attacks Russian Remote Banking Systems transactions. By Aleksandr Matrosov, Eugene Rodionov, Dmitry Volkov and David Harley, December 2011.
Hanging on the Telephone
After fake AV came unsolicited phone-calls from fake AV helpdesks. By David Harley, Urban Schrott and Jan Zeleznak, February 2011.
Stuxnet Under the Microscope
Version 1.31 of a comprehensive analysis of the Stuxnet phenomenon. By Alexandr Matrosov, Eugene Rodionov, David Harley and Juraj Malcho, January 2011.
Choosing Your Password
Avoiding easily guessable passwords. By David Harley, April 2010.
Ten Ways to Dodge CyberBullets
In 2010 we revisited some of the ideas that our Research team at ESET North America came up with at the end of 2008 for a “top 10 things that people can do to protect themselves against malicious activity.” By David Harley, February 2010 .
The Internet Book of the Dead
A mock interview with Dan Damon, of BBC radio, discussing the complications of a digital world when someone passes away. By David Harley, January 2010 .
Staying Safe on the Internet
On the Information Superhighway, the traffic signals are always at amber. Suggestions for reducing the risk from collisions and carjacks. By David Harley, September 2009.
Keeping Secrets: Good Password Practice
Everyone knows that passwords are important, but what is a good password and how do you keep it safe? By David Harley and Randy Abrams, August 2009.
Social Security Numbers: Identification is Not Authentication
The implications when Americans are expected to share their SSNs inappropriately. By David Harley, August 2009
The Passing Storm This paper places the Storm botnet in the context of botnets in general, examining its technical, social, and security implications. By Pierre-Marc Bureau, David Harley, Andrew Lee, and Cristian Borghello, February 2009.
(A) Pretty_Kettle_of_Phish is a paper from late 2008 by myself and Andrew Lee. For some reason it’s fallen off ESET’s sites, so I might take the opportunity to update it.
Common Hoaxes and Chain Letters
Some of the commonly-found lies and half-truths that continue to circulate on the Internet, and ways of identifying them. By David Harley, May 2008.
Net of the Living Dead: Bots, Botnets and Zombies
Origins and history of the botnet phenomenon and what you need to do about it. By David Harley and Andrew Lee, February 2008.
The Spam-ish Inquisition
Spam, scams and related nuisances, and how to deal with them. By David Harley and Andrew Lee, November 2007.
Heuristic Analysis – Detecting Unknown Viruses
The differences between traditional threat-specific detection and proactive detection by generic detection and behaviour analysis. By David Harley and Andrew Lee, March 2007.
The root of all evil? – Rootkits revealed
The rootkit problem, a serious but manageable threat. By David Harley and Andrew Lee, September 2006.
David Harley CITP FBCS CISSP
Small Blue-Green World
ESET Senior Research Fellow