[This is an article – slightly edited – that was originally posted on the now defunct itsecurity.co.uk. I was reminded, a blog page to which a number of security researchers contributed articles independently of any commercial organizations for whom they might work. I was reminded of it by a repost ... Read More

Caveat: while I spent over 30 years in IT security, and though I often wrote about Facebook’s failings in that area over that time, I don’t have intimate knowledge of its inner workings, or foreknowledge of changes in its policies and interface. So, while I hope the following notes will ... Read More

While I’m not currently maintaining this site, I should flag the pretty good MacOS Malware Pedia implemented by Checkpoint. Hat tip to Virus Bulletin, who drew my attention to that page in their March 11th newsletter. Added to the Malware Descriptions page. David Harley Advertisements ... Read More

For the present, I’m not working in the security industry, so I shan’t be maintaining this blog, though I’ll keep it intact for the present in case people still find some use for what’s here. I don’t plan to look for another security job at present, but never say never: ... Read More

Bleeping Computer: WebKit Vulnerability Affects Latest Versions of Apple Safari “A researcher published exploit code for a vulnerability in WebKit, the web browser engine that powers Apple’s Safari, along with other apps on macOS, iOS, and Linux.” David Harley Advertisements ... Read More

Apologies for the continuing silence from this page, due to bereavement and personal illness. I still don’t have much time to give to this project at the moment, but here are a few ‘catch-ups’. A big dollop of Apple updates across practically everything, summarized here by The Register: It’s December ... Read More

The more you know about phishing, the likelier you are to fall for it? Really? ... Read More

Some recent reports of interest to Apple and Android customers ... Read More

I’ve often taken issue with Cylance (and other so-called next-generation vendors) over its misleading claims about mainstream detection techniques. However, the company has published some discussion among its own researchers regarding Bloomberg’s claims about supply-chain security issues relating to Apple and other big US companies, and several good points are ... Read More

Apple privacy concerns: iOS update discourages policeware, but Google's money still pours in, it seems ... Read More