Author
Stephen Cobb
Stephen Cobb
Senior Security Researcher

Education: CISSP (1996)

Highlights of your career? The Stephen Cobb Guide to PC and LAN Security (1992); The first anti-spam router (2001); Privacy for Business (2002)

Position and history at ESET? Joined ESET: 2011. Current title: Senior Security Researcher

What malware do you hate the most? Reveton.

Favorite activities? Reading and writing, and some arithmetic.

What is your golden rule for cyberspace? Don’t put anything on the Internet you wouldn’t want your mother to see.

When did you get your first computer and what kind was it? 1982 KayPro II portable computer with dual floppy drives, weighing 26 lbs or 12 Kg.

Favorite computer game/activity? Reading Wikipedia.

More Info

Are your USB flash drives an infectious malware delivery system?

USB flash drives continue to present a serious challenge to information security, for consumers and companies alike. You will be aware of this if you read our recent article on the Win32/Pronny worm, just one example of a piece of malicious software that is “in the wild” and actively seeking to spread via USB flash

My Little Pronny: Autorun worms continue to turn

Malware activity exploiting Autorun on Windows computers has been generating quite a few calls to ESET support lines lately, reminding us that old infection techniques seldom die and USB flash drives can still be an effective means of getting malicious code onto a computer. USB drives can be used to infect computers that automatically execute

Password handling: challenges, costs, and current behavior (now with infographic)

Online passwords are a pain, and not just when you have to type them to access your online bank account or shop at your favorite digital emporium. Password pain extends to the people who have to manage them. A few weeks ago we shared some initial findings from a recent poll of 2,129 U.S. adults

Free cyber security resources to keep on your radar

Protecting your organization against cyber criminals and digital scammers is not easy, and it's certainly not cheap. A vital part of building and maintaining effective defenses is access to security knowledge and expertise, which may not even be a budget item if your organization happens to be an SMB, local government agency, or non-profit. One

Safer cyber-shopping makes for happier holidays: 12 simple safety tips

The 2012 holiday shopping season is fast approaching and digital devices are sure to play a bigger role in the holiday shopping process than ever before, from pre-purchase research on the home or office computer, to in-store price checking on the smartphone. And of course, online holiday shopping is available 7×24, from before Black Friday,

Digital photos demand a second look as picture-stealing threat develops

How many image files do you have on your computer? Would you be happy to send them all to a stranger? How about the photos on your smartphone? These are some of the questions I pondered this past weekend in light of several seemingly unrelated events from the previous week. (As a random data point,

Brutalized! South Carolina breach exposes data security woes at State level

Brutalize? Yes, that’s what the Governor of South Carolina wants to do to the person who breached security at the South Carolina Department of Revenue (SCDOR) and exposed Social Security Numbers and other information pertaining to 3.6 million people, as well as 387,000 credit and debit card records. Speaking to the press on Friday, Gov.

Younger people less secure online than their elders new study suggests

Are younger people less aware of online security risks, or do they simply prefer to take more risks with their personal information? That’s one of the questions raised by the findings of our recent poll of 2,129 U.S. adults (aged 18 and over) by Harris Interactive.

How’s your cyber security awareness? Or, do we really need security training?

As you may know, October is National Cyber Security Awareness Month in America, which is a good time to ask yourself how aware you are when it comes to threats to your digital devices and personal information.

Study finds 90 percent have no recent cybersecurity training

A new study finds that only 1 in 10 consumers have had any classes or training about protecting their computer and/or their personal information during the last 12 months. Indeed, a shocking 68 percent say they have never had any such training, ever. These and other findings, first revealed by ESET at the Virus Bulletin

Huawei? The how, what, and why of telecom supply chain threats

You spell it Huawei and say it wah-way and it’s all over the news. But what does it mean for the security of your data when, as the Wall Street Journal put it, “A U.S. Congressional report has labeled Chinese telecommunications company Huawei Technologies a national security threat”? As we will see, the implications for

FTC cracks down on tech support scams and feds nail fake AV perps

The federal government took much needed action today against sleazy PC tech support scammers and fake AV peddlers. Actions include lawsuits, a judgment of $163 million, and freezing of multiple assets. PC tech support scammers will be familiar to regular readers of this blog because David Harley and others have charted the progress of this

Confusion Abounds in Apple-FBI-AntiSec-iOS-UDID-PII Breach

If I sound confused it’s because I just saw my wife’s iPhone and iPad in a very strange place: a million line spreadsheet of iOS device data that includes the unique identifiers of her devices and the names she had given them, published by a group of hackers who call themselves AntiSec. This group claims

Java zero day = time to disable Java, in your browser at least

Now is the time to disable Java in your web browser, or even remove it from your system if that is practical. Why? The bad guys are hard at work trying to exploit a zero day vulnerability in the latest version of Java (version 1.7, Update 6.). This vulnerability is the subject of a US-CERT

FBI Ransomware: Reveton seeks MoneyPak payment in the name of the law

A crime wave of malware that demands money from victims to avoid prosecution by the FBI has been alarming web surfers across America. Victims suddenly find their computer frozen, and an official-looking  page, like the one shown below, is displayed in their web browser. The FBI and the Internet Crime Complaint Center (IC3) have received

Authentication attacks: Apple, Amazon, iCloud, Google, anything with a password

Sharing details of the hack that “wiped his life” has earned Mat Honan a place in the annals of information system security; the specific inter-dependence of flawed authentication systems that cost him so dearly–encompassing Apple, iCloud, Amazon.com, Gmail and more–would probably still exist if Mat had not gone public. Wired has the full story here

Password Party Weekend? Millions exposed now include Phandroid, Nvidia, me

Changing the passwords on your online accounts might not sound like a fun weekend activity, but that’s what I did last weekend. Why? Because on Sunday I found out that one of my email addresses was in the list of Yahoo! logins whose passwords were exposed by sloppy handling of a credential file (an incident

Instagram vulnerability can allow strangers access to your photos and more

Are you one of the 50 million users of Instagram, the photo-sharing service bought by Facebook in April for $1 billion? If so you need to look out for an Instagram update to fix a vulnerability that has just been published by Spanish security researcher Sebastián Guerrero. This vulnerability, which Guerrero has dubbed the "Friendship

Cybercrime and the small business: Basic defensive measures

Evidence that criminals are targeting the computer systems of small businesses continues to mount. The Wall Street Journal recently drew attention to the way cybercriminals are sniffing out vulnerable firms. The article highlighted the fact that about 72% of the 855 data breaches world-wide last year that were analyzed in Verizon's Data Breach Investigation Report

Back to school scams? They may be just around the corner

Just as I was putting the finishing touches on a blog post about the need to keep your data and devices safe on summer travels, I got an email from Apple letting me know that now was a great time to buy a Mac for college. I don't plan to go back to college at

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.