AVIEN and AVI-EWS NEWS - Network of Anti-Virus Professionals Reaches New High

Some of the people in the Anti-Virus Information Exchange Network

Name	Published works, etc.
Ron Baklarz Chief Information Security Officer (CISO) American Red Cross CISSP, GSEC	Ron Baklarz has approximately twenty years experience in Information Security spanning military, government, and private sectors. Previously, he developed information security programs for the Naval Nuclear Program and led the team that established the first information systems security program for the U.S. House of Representatives. In 1997, his security program at the House of Representatives was ranked by InfoWorld magazine as 19th of the top 100 innovative computing projects in American business. He has also led incident response and monitoring teams for a variety of industries, including insurance and Big Five consulting firms. Ron is also an Adjunct Professor for the University of Virginia’s Certification Program in Information Security Management. Mr. Baklarz is a frequent speaker and author on information warfare and security management topics. His books and articles include “The Art of Information Warfare: Insight Into the Knowledge Warrior Philosophy” and the essay "The Enemy Within - Y2K Issues Below the Application Level" in the IS Audit & Control Journal, Volume III, 1998. He has also appeared on BBC radio, InfoWorld webinars, CFO Magazine, CSO Magazine and other media interviews. Mr. Baklarz's professional affiliations include the International Information Systems Security Certification Consortium (ISC2), Information System Audit and Control Association (ISACA), Information Systems Security Association (ISSA), Anti-Virus Information Exchange Network (AVIEN), FBI InfraGARD Program, and NSA’s Information Assurance Technical Framework Forum. Mr. Baklarz holds an MS degree in Information Science and a Certificate of Advanced Study in Telecommunications, both from the University of Pittsburgh. Most recently, he holds professional certifications as a Certified Information Systems Security Professional (CISSP), GSEC (SANS GIAC Security Essentials) and computer forensics specialist.
David Harley <macvirus@dircon.co.uk>	Harley DA "MS-DO's and don'ts" Open File, 1989 Harley DA "Benchmarking between BASICs" Open File, 1990 Harley DA "PILOT - the language that time forgot" Open File, 1990 Harley DA "System utilities in C and Pascal" 1991 Harley DA "DOS version 5 - Review" Open File, 1991 Harley DA "QBASIC - Review" Open File, 1991 Harley DA "Microsoft Works - Review" Open File, 1991 Harley DA. "Katie's First Byte at the Cherry" OUMS Journal 1990 Harley DA. "Buying and Installing a Hard Disk" PC Independent Issue 13, 1989 Harley DA." MS-DOS a la carte" PC Independent Issue 13, 1989 Harley DA. "Batchfile introversion" PC Independent Issue 16, 1989 Harley DA. "Back to BASICs" PC Independent Issue 17, 1989-90 Harley DA. "Backing Up is Breaking My Heart" PC Independent Issue 17,1989-90 Harley DA. "Stranger in Uniform" PC Independent Issue 17, 1989-90 Harley DA. "Turbo, Trig and Tab" PC Independent Issue 23, 1990-91 Harley DA. "Unix - another view" PC Independent Issue 24, 1990 Harley DA. "The Expanding Omniverse" The Complete Guide to PC Shareware April 1990 Harley DA. "The PC Virus: Protect Your Computer" IP Networking Vol. 3 No. 1.1992 Harley DA. "Dealing with Internet hoaxes" EICAR News Vol. 3 No. 2 (1997) SANS Institute. "Windows NT Security: Step by step" [Contributor] (1998) Harley DA. "Policy, Education, Security and Computer Viruses" Security Magazine Vol. 1, No. 1. (1999) Harley DA "Macs and Macros - the State of the Macintosh Nation" Virus Bulletin Conference 2000. http://www.sherpasoft.org.uk/MacSupporters/macvir.rtf Harley DA. "Refloating the Titanic - Dealing with Social Engineering Attacks" . EICAR 1998 "Web-Safety" Conference, Munich. http://www.sherpasoft.org.uk/social.engineering/eicar98.rtf Harley DA."Managing Malware: mapping technology to function" In: Gattiker UE, Pedersen P, Petersen K (ed.) EICAR 1999 Conference Best Paper Proceedings. Annual Meeting of EICAR, Aalborg, Denmark, 1999. ISBN 8798727109. Aalborg: EICAR, 1999, 36pp n http://www.sherpasoft.org.uk/papers/eicar99.rtf Harley DA. The E-mail of the Species:Worms, Chain-Letters, Spam and other Abuses. Virus Bulletin Conference, 2000. http://www.sherpasoft.org.uk/hoaxfaq/email.rtf http://www.sherpasoft.org.uk/hoaxfaq/email.pdf Harley DA. Nine Tenths of the Iceberg. Virus Bulletin, 1999; October. ISSN 0956-9979. 12-13 Harley DA Malice aforethought. BackOffice Magazine, 1999. Vol. 3, Issue 11 38-41. Harley DA. Childhood's End - Demythologising Anti-Virus. Virus Bulletin, 2000, April. Harley DA. Bookworms - and viruses. Virus Bulletin, 2000, July. Harley DA. Sysadmins are doing it for themselves. Virus Bulletin, 2001, September. Books Anonymous. Maximum Security 3rd Edition (SAMS). Chapters on Viruses and Trojan Horses. Published May 2001. Harley DA, Slade RM, Gattiker U.E. Viruses Revealed - Understand and Counter Malicious Software. Osborne/McGraw-Hill. Published September 2001. Computer Security Handbook 4th Edition (Ed. Kabay, Bosworth). Chapter with Paul Brusil on Medical Records Security (Wiley) [For publication at the beginning of 2002] Internet Publications Martin R. et al. Frequently Asked Questions on Macro Viruses: contributor.1996 http://www.sherpasoft.org.uk/anti-virus/wordvirus.FAQ Harley DA et al. "Frequently Asked Questions for alt.comp.virus": 1995-present. http://www.sherpasoft.org.uk/acvFAQ/ Harley DA et al "alt.comp.virus Mini-FAQ" http://www.sherpasoft.org.uk/acvFAQ/acvmini.FAQ Harley DA, Lesch L et alia. "Viruses and the Macintosh" Vs. 1. 1996-1999. http://www.macvirus.com/ http://www.icsa.net. Harley DA. "Guide to Anti-Virus FAQs". http://www.sherpasoft.org.uk/anti-virus/virFAQs Harley DA. Social Engineering FAQ. http://www.sherpasoft.org.uk/social.engineering/socFAQ.pdf Harley DA "Dealing with Internet Hoaxes/Alerts" http://www.sherpasoft.org.uk/anti-virus/hoaxes.txt Overton M. et al. "The Hoax FAQ": contributor. 1997-present. http://www.chekware.com/hoax/ SANS "Network Security Digest": contributing editor. 1997-1999. http://www.sans.org/ Harley DA. Man, Myth, Memetics and Malware - why aren't we winning? 1999 http://www.eicar.dk Harley DA. E-Mail Abuse, Internet Chain Letters, Hoaxes and Spam. http://www.eicar.org/download/hoax.htm Harley DA 1999 "E-Mail Abuse: Internet Chain Letters, Hoaxes, and Spam": 1999-2001 http://www.sherpasoft.org.uk/hoaxfaq/Mis-IT.html http://www.eicar.dk Harley DA. "Viruses and the Macintosh" FAQ vs. 2, 2000-2001. http://www.sherpasoft.org.uk/MacWildList/macvir.html http://www.sherpasoft.org.uk/MacSupporters/macvir.html Harley DA. "Code Red FAQ" 2001 http://www.sherpasoft.org.uk/viruses-revealed/CodeRedFAQ.pdf Presentations without papers Network Security 97 (New Orleans, October): "Useful Techniques for Combating Social Engineers" "Patrolling the Perimeter - Virus Scanners and Firewalls" "Virus Management and the Network" Apple UK/Mac Supporters Meeting 1998 (Apple UK, Uxbridge, UK) "Viruses on the Macintosh platform." Deloitte Touche, London. April 2000. "Social Engineering - what you believe matters more than what is true."
Martin Overton <martin@arachnophiliac.com> <overtonm@uk.ibm.com> Security Delivery Specialist (Anti-malware/Malware Subject Matter Expert) IBM Global Services	Martin was born in a British Military Hospital in Iserlohn, West Germany in 1964. Spent the first ten years of his life being dragged round the world and getting schooling in increasingly exotic far flung places. In 1988 he joined one of the UK's largest insurance companies and has completed a number of different assignments and until recently managed the e-commerce security team, which involved securing and testing the e-commerce systems for the company. This included ethical hacking, penetration testing, viruses, anti-virus and hoaxes. Martin now works for IBM as the Anti-Malware/Malware SME for IBM throughout EMEA. This also involves beta testing (even more) products, incident management and security investigations, as well as the more usual malware related work and research. His interest and involvement in viruses/anti-virus/security started in 1989. His work in this area included the virus protection/strategy for Royal & SunAlliance�s 43,000 staff for which he proposed a multi-layered and multi-level strategy for combating viruses. He also setup and maintained R&SA�s Intranet virus/hoax site and was the recognised expert for the UK, Europe, Middle East and Africa for R&SA. In March of 2002 he joined IBM. He has frequently tested/beta-tested products for many of the largest and most-respected security/anti-virus companies. He also created his own set of anti-malware utilities known as ChekMate and ChekOf, which are now no longer available due to his change of employer. ChekWare.com was the home of those products and also the '"Electronic Ephemera" FAQ and Reference Site' which covered more than just virus related hoaxes. A speaker at the 96, 97, 99, 2001,2002 and the upcoming 2003 Virus Bulletin International Conferences and CompSec '99, he has also given presentations for the CIB (Chartered Institute of Banking), ISACA, amongst others. Over the last two years he has also become a contributor to the Virus Bulletin periodical. Recently he also became a WildList Reporter and was instrumental in setting up the UK ISS (Internet Security Systems) Independent User Group. His hobbies, when time allows, include reading (mainly science fiction and science/technology books), keeping a number of bugs (tarantulas, scorpions, and giant African land snails; and is a member of both the British and American Tarantula Societies with three articles published in the BTS societies' journal). If this doesn't mark him as being weird enough, he also likes snakes (owning a Californian Kingsnake). Finally, he also maintains The Tarantula's Burrow website that is dedicated to arachnids and snakes, helping others to better understand them. Oh yes, and he does some computer programming. Occasionally his wife and son get to see him! Conferences (speaker at): Virus Bulletin International Conference 1996,1997,1999, 2001, 2002 and 2003 Compsec International Conference 1999 Other Presentations: ISACA Group 5 Training CIB (Chartered Institute of Banking) Internal 'Live-Virus' Training Course for Support Staff. (run about 20 times, to groups of 5-10 technical support staff). Publications: Anti-Virus in the Corporate Arena. Proceedings of the 6th International Virus Bulletin Conference 1996 pp 1-15 FAT32 - A Problem for Viruses or Anti-Virus? Proceedings of the 7th International Virus Bulletin Conference 1997 pp 135-158 Lotus Notes - Have Virus Writers Finally Met Their Match? Proceedings of the 9th International Virus Bulletin Conference 1999 pp 149-174 Implementing Anti-Virus [Malware] Controls in the Corporate Arena. Proceedings of the 16th Compsec International Conference, 1999 pp 575-586 Lotus Notes - Part 1, Virus Bulletin January 2000 pp 20 - 21 Lotus Notes - Part 2, Virus Bulletin February 2000 pp 12 -13 Safe Hex in the 21st Century - Part 1, Virus Bulletin June 2000 pp 16 -17 Safe Hex in the 21st Century - Part 2, Virus Bulletin July 2000 pp 14 -15 Hoaxes and Other Electronic Ephemera. Proceedings of the 11th International Virus Bulletin Conference 2001 pp 211-234 You are the Weakest Link, Goodbye! � Malware Social Engineering Comes of Age, Virus Bulletin, March 2002 pp 14-17 When Worlds Collide: Head Banging in IT Security - Proceedings of the (upcoming) 12th International Virus Bulletin Conference 2002. Are You Being [Opa]Served?, Virus Bulletin January 2003 pp 10 -13 Out of Africa…, Virus Bulletin May 2003 pp 15 – 17 Worm Charming: Taking SMB Lure to the Next Level - Proceedings of the upcoming13th International Virus Bulletin Conference 2003 pp ?? - ??. Joint Publications (internet): Martin R. et al. Frequently Asked Questions on Macro Viruses: contributor.1996 http://www.sherpasoft.org.uk/anti-virus/wordvirus.FAQ Harley DA et al. "Frequently Asked Questions for alt.comp.virus": contributor. 1995-present. http://www.sherpasoft.org.uk/acvFAQ/ Overton M. et al. "The Hoax FAQ": 1997-present. http://arachnophiliac.com/hoax/ Products (no longer offered/maintained due to change of employer): ChekMate - The 'Generic' Anti-Virus utility (was FREEWARE). ChekOf (another security utility- was FREEWARE). RemSirCam (tool to remove the W32/Sircam Trojan/Worm from infected files � was FREEWARE). ChekQuote (random quote utility for Windows � was FREEWARE). A large number of personal tools.
Paul Schmehl (pauls@utdallas.edu) Department Coordinator The University of Texas at Dallas	Evaluating Anti-Virus Software for Home Use - http://online.securityfocus.com/infocus/1179 Evaluating Anti-Virus Protection for Small Businesses - http://online.securityfocus.com/infocus/11266 Product reviews for Claymania.com - PC-cillin, Tiny Personal Firewall, ConSeal Firewall (McAfee Personal Firewall) "Holistic" Enterprise Anti-Virus Protection - http://online.securityfocus.com/infocus/1538 Past its Prime: Is Anti-Virus Scanning Obsolete? - http://online.securityfocus.com/infocus/1562 Life After AV: If Anti-Virus is Obsolete, What Comes Next? - http://online.securityfocus.com/infocus/1604 The Microsoft UPnP (Universal Plug and Play) Vulnerability - http://online.securityfocus.com/infocus/1548 Presentations: Barbarians at the Gateways: Defeating Viruses in EDU - SIGUCCS '01, EDUTEX '02 Projects: Y2K implementation coordinator for UTD Novell to NT desktop conversion coordinator for UTD Scripted automation of antivirus installs, updates and configuration http://www.utdallas.edu/~pauls/scripts.html Scripted notification of bounced email messages http://www.utdallas.edu/ir/tcs/techsupp/blocks.html

Home AVIEN News Contacts Links