Education: CISSP (1996)
Highlights of your career? The Stephen Cobb Guide to PC and LAN Security (1992); The first anti-spam router (2001); Privacy for Business (2002)
Position and history at ESET? Joined ESET: 2011. Current title: Senior Security Researcher
What malware do you hate the most? State sponsored.
Favorite activities? Reading and writing, and some arithmetic.
What is your golden rule for cyberspace? Don’t put anything on the Internet you wouldn’t want your mother to see.
When did you get your first computer and what kind was it? 1982 KayPro II portable computer with dual floppy drives, weighing 26 lbs or 12 Kg.
Favorite computer game/activity? Reading Wikipedia.
Are hacking victims “hacking back”? That question was recently posed in headlines like this one from Bloomberg: FBI Investigating Whether Companies Are Engaged in Revenge Hacking. The Marketplace reporter, Ben Johnson, speculated that 2015 might be the year of “hacking back” when he asked me about revenge hacking.
The recent hacking of Sony Pictures offers valuable lessons in cybersecurity from which every company and consumer can learn.
The Target hack that was revealed one year ago today brought new levels of awareness to the problem of cybercrime. Today we review the case and its impact. To go straight to the lessons learned, click here. The Big One: Target “Nationwide retail giant Target is investigating a data breach potentially involving millions of customer
Privacy and security online are hot button topics in America today, as a new survey by the Pew Research Center confirms, mirroring similar results from two different privacy and security surveys conducted by ESET.
National Cyber Security Awareness Month happens every October and NCSAM 2014 has seen more events and resources than ever. This recorded webinar discusses the top topics of NCSAM 2014, from the shortage of skilled cybersecurity workers to the Internet of Things (IoT).
Malware or malicious computer code has been around in some form or other for over 40 years, but the use of malware to take control of a group of computers that are then organized into something called a botnet is more a twenty-first century phenomenon.
October is National Cyber Security Awareness Month in America and each year this program brings more and more attention to issues that should be of concern to anyone who uses a computer, plus a low of how-to information, security resources, and awareness-raising events.
Apple Mac OS X users concerned about the Bash vulnerability dubbed Shellshock got some relief late yesterday as Apple published fixes for various versions of OS X. But if you use Mavericks you will need to install 10.9.5 before the Bash fix will work.
The “Bash Bug” or “Shellshock” vulnerability means a wide range of devices, servers and computers, including Mac OS X, will need to be patched to prevent abuse by malicious persons. Here’s advice about what to do and links to more in-depth resources.
Home Depot says it was hacked to the tune of 56 million payment cards. What is behind the current wave of cybercrime? This recorded presentation offers answers and some defensive strategies for organizations at risk.
Planning your 2015 budget? Forecasting 2015 sales? Don’t forget a plan to survive “adverse events” from hurricanes to viruses, virtual and medical. This recorded webinar will help you get started with business continuity management or BCM.
Some five million people who used their Gmail address as a user name had their passwords published by someone who apparently thinks that’s a cool thing to do. Changing you Gmail password now is a good idea.
The blame game rages on in the wake of Celebgate and massive payment card hacks like Home Depot and Target, as though criminals were not the only people responsible for nude photo leaks and data theft.
The privacy and security of medical records is a matter of concern to many Americans now that most are now stored electronically, but is there cause for concern? And who is most concerned?
The risks of using government use of malicious code in cyber conflict are examined in this paper by Andrew Lee and Stephen Cobb: Malware is called malicious for a reason: the risks of weaponizing code.
Internet surveillance by America’s National Security Agency (NSA) has been further exposed by two new developments: the analysis of leaked NSA surveillance reports and the XKeyscore targeting code. Will these stories increase the number of Internet users who say they are inclined to reduce their online engagement due to the activities of the NSA and GCHQ.
With EPIC filing an FTC privacy complaint against Facebook, which is already the subject of a Consent Order due to a previous privacy settlement, the social network could be facing a hefty fine for emotion-based manipulation of the Newsfeed for research purposes.
The top three teams from the fifth annual Mayors’ Cyber Cup will attend Cyber Boot Camp at the headquarters of ESET North America for five days of hands-on security training and lectures from IT experts, law enforcement, and career advisors.
Encryption is essential to cyber security today, with encryption of personally identifiable information (PII) being a top priority for organizations large and small, to protect customers and avoid fines and penalties after data breaches.
On the one year anniversary of Edward Snowden’s public revelations of mass surveillance conducted by the U.S. National Security Agency we look back on the impact, even as we face the prospect of more revelations to come.
Sign up to our newsletter
The latest security news direct to your inbox
Add this code to your site