Author
Stephen Cobb
Stephen Cobb
Senior Security Researcher

Education: CISSP (1996)

Highlights of your career? The Stephen Cobb Guide to PC and LAN Security (1992); The first anti-spam router (2001); Privacy for Business (2002)

Position and history at ESET? Joined ESET: 2011. Current title: Senior Security Researcher

What malware do you hate the most? Reveton.

Favorite activities? Reading and writing, and some arithmetic.

What is your golden rule for cyberspace? Don’t put anything on the Internet you wouldn’t want your mother to see.

When did you get your first computer and what kind was it? 1982 KayPro II portable computer with dual floppy drives, weighing 26 lbs or 12 Kg.

Favorite computer game/activity? Reading Wikipedia.

More Info

Why your small business needs an information security policy and a WISP

Information security policy can make a big difference for small business. Here we offer advice, resources, and a free recorded webinar on the subject to help your small firm beat the bad guys, and the competition.

When malware goes bad: an historical sampler

A look back at malware failures, malicious code that did not work out as well as the folks behind it had hoped. Can malware spread to quickly for its own good? Can malware authors ever test their wares well enough to work perfectly?

Do consumers pass the buck on online safety? New survey reveals mixed messages

Who is responsible for privacy and online safety on social networks? ESET asked Harris Interactive to poll American adults and found some interesting responses, positive advances in cyber-citizenship, but also some apparent disconnects.

NSA and Wall Street: online activity shrinks, changes post-Snowden

News of the NSA’s mass electronic surveillance is having a negative impact on consumer sentiment toward online technology and tech companies, according to recent survey that suggests it could hurt GDP and corporate profits.

Survey says 77% of Americans reject NSA mass electronic surveillance, of Americans

In light of the Snowden/NSA revelations of mass surveillance, 77% of American adults say it is not okay for the government secretly to monitor all of their communications. And some of us are changing how we use the Internet as a result.

The Preliminary NIST Cybersecurity Framework published and Workshop #5 scheduled

The newly published Preliminary Cybersecurity Framework from NIST, part of the federal effort to help critical infrastructure owners and operators reduce cybersecurity risks, is now available for review, with some interesting new language and a final workshop scheduled for November.

Is cybersecurity by fiat dead on arrival?

Are legislation and regulation a viable means of making people and organizations do better at securing data systems and devices? I’m not talking about FIAT the car maker, but fiat: “an official order given by someone who has power.” How’s that working in light of NIST CSF and HIPAA?

HIPAA 9/23 compliance deadline looms as breaches continue

This is a quick reminder that the September 23 deadline for compliance with the new HIPAA regulations is rapidly approaching. Organizations that handle protected health information (PHI) need to be sure they are up to speed on the changes and ready to withstand scrutiny. In general, you will need new NPPs and BAAs (Notices of

Encryption advice for companies in the wake of Snowden NSA revelations

What are the immediate practical implications of the Snowden-prompted revelation that the NSA has broken or circumvented a lot of commercially available encryption? For a start, you should not stop using encryption, but you may want to review how you use it moving forward, Stephen Cobb explains.

Healthcare IT security: infographic stats point to big privacy holes

An infographic of recent healthcare IT security statistics paints a striking picture of much security work yet to be done, even as new medical privacy regulations go into effect.

September 23, 2013: HIPAA health data security compliance deadline looms

Is your company ready for September 23, 2013, the deadline for compliance with HIPAA 2.0? The revised omnibus privacy and security regulations incorporating HITECH expose a lot more companies to possible fines.

NIST cybersecurity framework rolls on amid murmurs of regulation

What needs to happen before the President of the United States can stand before the American people and assure them that a comprehensive and good faith effort has been made to stop cyber attacks disrupting the delivery of essential goods and services? The NIST workshops are seeking answers to that question.

A cybersecurity framework to protect digital critical infrastructure

In the ongoing effort to protect cyber aspects of America’s critical infrastructure, the third NIST Cybersecurity Framework workshop is being hosted July 10-12, 2013 by the University of California, San Diego, and the National Health Information Sharing and Analysis Center.

Tips for securing your household’s multiple digital devices

Summer is here and school is out, what better time to take a look at improving the cyber protection on all of your household’s many digital devices?

Healthcare IT: seeking better outcomes through smarter security

Security of data in healthcare IT systems is critical to patient care and patient trust, yet on average data on 17,000 patients is exposed every day in America due to security breaches. Why is this and what does it portend for initiatives like telemedicine?

Cyber security road map for businesses

Basic advice on cyber security survival for businesses is presented as a 6-step roadmap, along with links to free resources that can be useful in your efforts to defend your business.

Linux Apache malware: Why it matters to you and your business

This comprehensive look at the problems of malware on Linux Apache web servers explains the threats to business and helps you figure out if your organization is likely to be affected.

The stealthiness of Linux/Cdorked: a clarification

We clarify that the Linux/Cdorked backdoor malware leaves no traces on the hard drive “other than its modified httpd binary” which can be scanned for detection in several ways.

Beware scammers preying on Boston Marathon tragedy

In the wake of the cowardly and despicable bombings in Boston today, people who want to help need to be wary of appeals for money for victims or schemes like retweeting and “Likes” on Facebook.

Schneier, Winkler and the Great Security Awareness Training Debate

The value of educating people about cyber security is hotly debated these days, with opposing views on security awareness training coming from Bruce Schneier and Ira Winkler. Stephen Cobb weighs in.

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.