Author
Stephen Cobb
Senior Security Researcher

Education: CISSP (1996)

Highlights of your career? The Stephen Cobb Guide to PC and LAN Security (1992); The first anti-spam router (2001); Privacy for Business (2002)

Position and history at ESET? Joined ESET: 2011. Current title: Senior Security Researcher

What malware do you hate the most? State sponsored.

Favorite activities? Reading and writing, and some arithmetic.

What is your golden rule for cyberspace? Don’t put anything on the Internet you wouldn’t want your mother to see.

When did you get your first computer and what kind was it? 1982 KayPro II portable computer with dual floppy drives, weighing 26 lbs or 12 Kg.

Favorite computer game/activity? Reading Wikipedia.

NSA and Wall Street: online activity shrinks, changes post-Snowden

News of the NSA’s mass electronic surveillance is having a negative impact on consumer sentiment toward online technology and tech companies, according to a recent survey that suggests it could hurt GDP and corporate profits.

Survey says 77% of Americans reject NSA mass electronic surveillance

In light of the Snowden/NSA revelations of mass surveillance, 77% of American adults say it is not okay for the government secretly to monitor all of their communications. And some of us are changing how we use the Internet as a result.

The Preliminary NIST Cybersecurity Framework published and Workshop #5 scheduled

The newly published Preliminary Cybersecurity Framework from NIST, part of the federal effort to help critical infrastructure owners and operators reduce cybersecurity risks, is now available for review, with some interesting new language and a final workshop scheduled for November.

Is cybersecurity by fiat dead on arrival?

Are legislation and regulation a viable means of making people and organizations do better at securing data systems and devices? I’m not talking about FIAT the car maker, but fiat: “an official order given by someone who has power.” How’s that working in light of NIST CSF and HIPAA?

HIPAA 9/23 compliance deadline looms as breaches continue

This is a quick reminder that the September 23 deadline for compliance with the new HIPAA regulations is rapidly approaching. Organizations that handle protected health information (PHI) need to be sure they are up to speed on the changes and ready to withstand scrutiny. In general, you will need new NPPs and BAAs (Notices of

Encryption advice for companies in the wake of Snowden NSA revelations

What are the immediate practical implications of the Snowden-prompted revelation that the NSA has broken or circumvented a lot of commercially available encryption? For a start, you should not stop using encryption, but you may want to review how you use it moving forward, Stephen Cobb explains.

Healthcare IT security: infographic stats point to big privacy holes

An infographic of recent healthcare IT security statistics paints a striking picture of much security work yet to be done, even as new medical privacy regulations go into effect.

September 23, 2013: HIPAA health data security compliance deadline looms

Is your company ready for September 23, 2013, the deadline for compliance with HIPAA 2.0? The revised omnibus privacy and security regulations incorporating HITECH expose a lot more companies to possible fines.

NIST cybersecurity framework rolls on amid murmurs of regulation

What needs to happen before the President of the United States can stand before the American people and assure them that a comprehensive and good faith effort has been made to stop cyber attacks disrupting the delivery of essential goods and services? The NIST workshops are seeking answers to that question.

A cybersecurity framework to protect digital critical infrastructure

In the ongoing effort to protect cyber aspects of America’s critical infrastructure, the third NIST Cybersecurity Framework workshop is being hosted July 10-12, 2013 by the University of California, San Diego, and the National Health Information Sharing and Analysis Center.

Tips for securing your household’s multiple digital devices

Summer is here and school is out. What better time to take a look at improving the cyber protection on all of your household’s many digital devices?

Healthcare IT: seeking better outcomes through smarter security

Security of data in healthcare IT systems is critical to patient care and patient trust, yet on average data on 17,000 patients is exposed every day in America due to security breaches. Why is this and what does it portend for initiatives like telemedicine?

Cyber security road map for businesses

Basic advice on cyber security survival for businesses is presented as a 6-step roadmap, along with links to free resources that can be useful in your efforts to defend your business.

Linux Apache malware: Why it matters to you and your business

This comprehensive look at the problems of malware on Linux Apache web servers explains the threats to business and helps you figure out if your organization is likely to be affected.

The stealthiness of Linux/Cdorked: a clarification

We clarify that the Linux/Cdorked backdoor malware leaves no traces on the hard drive “other than its modified httpd binary” which can be scanned for detection in several ways.

Beware scammers preying on Boston Marathon tragedy

In the wake of the cowardly and despicable bombings in Boston today, people who want to help need to be wary of appeals for money for victims or schemes like retweeting and “Likes” on Facebook.

Schneier, Winkler and the Great Security Awareness Training Debate

The value of educating people about cyber security is hotly debated these days, with opposing views on security awareness training coming from Bruce Schneier and Ira Winkler. Stephen Cobb weighs in.

Apple ID password and verification two-step plays on

Stepping up protection of the Apple ID falters as password reset bug emerges before two-step verification is fully implemented.

From flicks to clicks: Mac OS X Trojan Adware.Yontoo infects via fake codec

Protection and remediation tips for Mac OS X users targeted by a Trojan adware plugin called Yontoo hidden behind movie trailer and other media playing links, generating money for criminals exploiting online ad schemes.

Social media makes scams and hoaxes harder to spot

If your friend said it on social media it must be true? Not if your friend’s account has been hacked. We review tips for staying safe on social media.


Copyright © 2016 ESET, All Rights Reserved.