Author
Cameron Camp
Cameron Camp
Malware Researcher

Education: CISSP, RHCSA

Highlights of your career? Reverse engineering human brain patterns.

What malware do you hate the most? Nation state sponsored low and slow.

Favorite activities? Building and flying airplanes.

What is your golden rule for cyberspace? Stupid hurts.

When did you get your first computer and what kind was it? 1988, Radio Shack TRS-80.

Favorite computer game/activity? Java/Big Data algorithms to find brain patterns.

More Info

Apache/PHP web access holes – are your .htaccess controls really safe

If your organization’s website runs on Apache, and many do, you might wonder if the webserver’s .htaccess controls are securely configured. If you believe the demo we saw yesterday at Blackhat by Matias Katz and Maximiliano Soler, the answer is a resounding ‘NO!’ What Katz and Soler described in their session is not some rare

Offensive / Proactive tactics, will they really work? Blackhat day 1

Blackhat keynote speaker Shawn Henry, the former executive assistant director of the FBI’s Criminal, Cyber, Response and Service Branch, started off the day after opening remarks from Jeff Moss, founder of Blackhat. Moss wondered if now was the time for the cyber-security sector to take a more aggressive/offensive approach. Jeff mentioned working for a former

Free YouTube .mp3 converters – with a free malware bonus

Want to access the music tracks of YouTube.com videos on your iPod but don’t want to pay? You’re not alone. Recently, a crop of websites have popped up offering to convert the audio from videos to .mp3 files that you can then download at no charge. Sounds great, right? The catch: scammers are trying to

Gamigo game site hack lessons learned (and what should you do)

Gamigo learned a few months ago about a breach and alerted its users that they had been attacked. But now, we see an estimated 8+ million records just went public, no small amount for the attackers. What is interesting is that by one account, hash cracking was able to decrypt over 90% of the passwords,

Is my business too small to be hacked by a nation-state (or should I worry)?

Small businesses have their hands full these days in light of a down economy, tightening budgets and the steepening pace of business, but with nation-state hacks front and center in the threatscape, should you worry about those too, or are you (and your customers) safe? Nation-state hacks bring to mind images of large defense contractors,

How much will your driverless car know about you (and who will it tell)?

Following the flurry of press coverage surrounding the proposed next generation of driverless cars, privacy groups are asking questions about what will happen to the data the cars (necessarily) collect, which – in the wrong hands – might prove tempting for abuse. Other car manufacturers plan on rolling out real-time data streams of information about

Facebook policy changes – does the ‘crowd’ really have a seat at the table?

You may have heard that the organization known as europe-v-facebook found that a little-know provision in Facebook’s privacy and user rights policies allowed a vote on proposed changes to be forced if over 7,000 respondents were interested and submitted comments to that effect. When europe-v-facebook publicized this, users swarmed to show support and get their

Your Facebook account will be terminated – again

If the scary email or app notification–and subsequent webpage–is to be believed, you have only a few days to verify your Facebook account or you’ll be out of luck. But don’t worry, a few days later you will magically get a few more days to verify, and so the scam goes. A Twitter follower with

LinkedIn security woes – and what to do about it

This morning when I logged into LinkedIn I was greeted with several front page references to the reported hacking of the site, and instructions for changing my password, which I did immediately. This is a good time to change all of your social media passwords, making sure you create a fresh password that is hard

You've Got (Nation State Hacked) Mail

We read in the New York Times that Google is rolling out a service that will attempt to alert users when it thinks their accounts might be subject to hacking by a government, hoping the user will take precautions after getting a notice that says “Warning: We believe state-sponsored attackers may be attempting to compromise

DNSChanger temporary’ DNS servers go dark soon: is your computer really fixed?

DNSChanger, a piece of malware that re-routed vast swathes of Internet traffic through rogue DNS servers after users became infected, was shut down by the FBI late last year. But simply shutting down the servers altogether would have ‘broken’ many hundreds of thousands of computers still infected–rendering it difficult for them to get help via

SMSmishing (SMS Text Phishing) – how to spot and avoid scams

If the smartphones of ESET bloggers are any indication, scams executed via SMS text, known as smishing or SMS phishing, are on the rise. I don’t do a lot of texting, which makes a smish easy to spot on my phone, but I just read an amazing statistic from a Pew report: Users 18 to

Millions have not reviewed Facebook privacy settings: Here’s how

Here are two staggering Facebook privacy statistics: Nearly 13 million US Facebook users have never set, or don’t know about, Facebook’s privacy tools, and only 37 percent have used Facebook’s privacy tools to customize how much information is shared with third parties. That’s according to a Consumer Reports survey released earlier this month. Given that

Could your next new car be hacked (should you be scared)?

The wave of new data technology making its way into the next generation of cars – ranging from vehicles which semi-autonomously drive themselves, to realtime data streaming onto head's up displays – begs the question: will they be safe from cyber shenanigans, or will you have to deploy security software on your next (probably hybrid)

Pinterest security update

We recently highlighted a security walkthrough on Pinterest.com, the pinboard style sharing website that’s taking the social media by storm. Since then, they’ve continued to grow, and continued to have accompanying growing pains common in organizations with rapid growth. Here we highlight ways they are adapting, changes they are making, and what it means to

Find the bad guy in a deluge of big data – RSA day three

So someone is attacking you, maybe with a flood of traffic as a noisy backdrop to distract you while the bad guy slips in undetected. So how do you stop the hacker amidst the noise, fast enough to act to stop the attack? That was the subject of many vendors and conversations at RSA –

SMB cyber security: we feel your pain – RSA day two

Day two of the show, and we ask vendors and participants what the pain points are for Small and Medium Businesses (SMB), especially in the category from 25 to 250 member organizations, even narrowing that to 100 employees or less. It seems this sector is largely missed by the large vendors on the show floor

Rogue mobile devices in your enterprise? RSA day one

While our recent post on BYOD focuses on the prevalence and/or risk of inadequately trained staff potentially creating problems for the core IT infrastructure using their own personal devices for work, it seems others here at RSA are concerned with preventing the exact same thing, but from a different angle. I attended one “lighting round”

The BYOD security challenge: How scary is the iPad, tablet, smartphone surge?

Employee use of personally-owned computing devices for work-related purposes–known as Bring Your Own Device or BYOD–is not a new trend and security professionals have been concerned about it for some time, but there is a widely held view that the trend has been transformed of late. Why? Waves of mobile digital devices flooding into the

Pinterest.com security – step by step how-to

I recently signed up for Pinterest.com, a hip, trendy pin board style website that allows beefed up sharing of your interests with friends via a large visual bulletin board style forum where fans of a particular subject can post what they find compelling, and want to share. Then other friends can weigh in on the

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.