Author
Stephen Cobb
Senior Security Researcher

Education: CISSP (1996)

Highlights of your career? The Stephen Cobb Guide to PC and LAN Security (1992); The first anti-spam router (2001); Privacy for Business (2002)

Position and history at ESET? Joined ESET: 2011. Current title: Senior Security Researcher

What malware do you hate the most? Reveton.

Favorite activities? Reading and writing, and some arithmetic.

What is your golden rule for cyberspace? Don’t put anything on the Internet you wouldn’t want your mother to see.

When did you get your first computer and what kind was it? 1982 KayPro II portable computer with dual floppy drives, weighing 26 lbs or 12 Kg.

Favorite computer game/activity? Reading Wikipedia.

Information Security Disconnect: RSA, USB, AV, and reality

The world's largest information security event, the annual RSA Conference, is over for another year. Most of the more than 18,000 people who attended the 2012 gathering are probably back home now, getting ready to go into the office. What will be top of mind for them, apart from "How did I manage to survive

Security awareness, security breaches, and the abuse of "stupid"

Computer security is not created, nor is it improved, by calling people stupid. That's the conclusion I have arrived at after more than two decades in computer security and auditing. To put it another way, we should stop dropping the "S" bomb, especially when it comes to people who don't know any better. Consider the

Cookie-stuffing click-jackers rip off Victoria's Secret Valentine's giftcard seekers

Thinking of going online to get a Victoria's Secret giftcard for your Valentine? Be careful where you look! Some Google search results are rigged, especially image results. And some innocent-looking links are part of fraudulent activities such as cookie-stuffing and click-jacking. Below is a short video that shows what happens when you click on one

Endpoint Security Webinar: Protecting your network at the sharp end

I have a theory that says improving information system security–the security of our operating systems, network connections, and applications–just means the bad guys will focus more attention on our endpoints, the digital devices we use to access the information and systems we need to do our work. Furthermore, as we improve endpoint security technology, the

Valentine's Day Scams: For the love of money

Scam artists and cybercriminals are looking to turn romance into profit now that Valentine's Day approaches, possibly taking over your computer in the process. According to ESET researchers in Latin America, we can expect the quest for love to be leveraged as an effective social engineering ploy to enable the bad guys to infect unsuspecting

How to improve Facebook account protection with Login Approvals

Privacy and security issues have generated a lot of criticism of Facebook in the past, some of which has been published here on the ESET Threat Blog. So it is only fair that we give Facebook credit for positive steps it has taken on the security front. One security measure that has impressed me recently

Tricky Twitter DM hack seeks your credentials, malware infection, and more

When a direct message pops up on Twitter stating that other people are saying bad things about you, please think twice before clicking on any links in that message. Why? Because the links are likely to take you to malicious websites that are out to steal your Twitter password. They may also try to infect

Facebook’s timeline to fraud-a-geddon?

If you use Facebook you’ve probably heard of Timeline, a “new” feature that replaces the “traditional” profile page. However, you may be confused by Timeline–I know I am–and confusion could make you the target of a growing number of Timeline-related scams. As of January 3rd, the watchful folks at Inside Facebook were reporting 16 Timeline-related

Latest round of hacktivism highlights questions at the heart of hacking

Hacktivism, the hacking of information systems to advance a social or political agenda, was clearly a major trend in 2011, which is why hacktivism was noted several times in our cyberthreat predictions for 2012 (in other words, we think you're going to see more of it). That prediction was underlined by the news on Christmas

2012 Malware and Cybercrime Predictions: The video version

Exactly how people will abuse digital technology for their own ends is difficult to predict, but organizations must plan ahead to protect data and systems. That's why we have been posting our "best guess" cybersecurity predictions on the Threat Blog this month. Today we present 9 of the most important predictions in the form of

2012 Predictions: SEO poisoning, botnets, mobile malware, increasing awareness

To round out our series of malware and cybercrime predictions here are some of my thoughts on what the next 12 months will bring. I expect more high profile arrests of cyber-criminals but no abatement in criminal activity that seeks to profit at the expense of data owners. Some of these arrests will occur in

Malware and Cybercrime Predictions: ‘Tis the season

What kind of malware and cybercrime can we expect in 2012? How much of it can we expect and what should we do about it? So begins that special season, the one in which experts of every stripe are called upon to prognosticate about the coming year. In keeping with the spirit of this particular

Malware Drive-by Infection Video: From fake FDIC message to infection

The FDIC is probably one of the most misunderstood quasi-governmental entities in America, which may account for its enduring popularity as part of malware and phishing scams. I'm not the most dedicated follower of banking news, but I did work for a bank once and I do try to keep up, yet I have never

Delivery Failure Revisited: Win32/TrojanDownloader.Agent.QXN returns

The Trojan downloader malware Win32/TrojanDownloader.Agent.QXN that showed up in my email about 10 days ago made a return visit today, posing as a pair of emails from the United States Postal Service. The first time the malware showed up it was dressed up as a package delivery receipt from Canada Post. But this time the

You’ve Got Malware: Deceptive package delivery email for the holidays

Taking delivery of an unexpected package containing gifts is one of the joys of the holiday season. Missing a package delivery is one of the frustrations of the season. So, an email headed "Failed Package Delivery" is a good way for scam artists and malware distributors to get your attention. In this post I examine

Facebook FTC Settlement Means 20 Years of Federal Privacy Audits

The FTC has just announced its eight-count deception charge against Facebook has been settled, with the world's largest social network submitting to a wide array of remedies that include 20 years of privacy auditing and strict controls on how the company deals with your personal data in the future. In this post I will explain

Cyber-Shopping Safety Tips: A handy video guide

Now that the 2011 holiday shopping season is underway we thought it would be helpful to share our tips for safer cyber-shopping in the form of a short video (I think we all know at least a few people who can’t seem to find time to read anything, but are more than happy to watch

Breaking Dawn, Taylor Swift, Image Search: Poisoning, survey scams on the rise

Manipulating search results for trending topics like "Breaking Dawn" and "Taylor Swift" is a nasty phenomenon that is getting nastier, producing fraudulent and potentially costly results in response to innocent searches. As we described in our Search Poisoning video, the goal of this fraud is to trick people into loading web pages that they would

Cyber Monday Safety: 10 tips for safer holiday shopping online

With 10 days to go before Cyber Monday, the "traditional" post-Thanksgiving online shopping day, ESET has put together 10 tips for safer holiday shopping online. Please feel free to share these tips with any friends and family who are planning to shop online this season. You can even go old school and hand them a

Facebook’s Gross Video Scam: Watch the rest of the story

Scumbags post links on Facebook that can lead to malware infected websites, phishing forms, identity theft, financial losses, or worse. One hopes that all Facebook users have been warned about this by now, but how many have seen what these scams look like in action? When security experts advise "Do not click" with respect to

Copyright © 2014 ESET, All Rights Reserved.