Cameron Camp
Cameron Camp
Malware Researcher
Go to latest posts

Education: CISSP, RHCSA

Highlights of your career? Reverse engineering human brain patterns.

What malware do you hate the most? Nation state sponsored low and slow.

Favorite activities? Building and flying airplanes.

What is your golden rule for cyberspace? Stupid hurts.

When did you get your first computer and what kind was it? 1988, Radio Shack TRS-80.

Favorite computer game/activity? Java/Big Data algorithms to find brain patterns.

Facebook policy changes – does the ‘crowd’ really have a seat at the table?

You may have heard that the organization known as europe-v-facebook found that a little-know provision in Facebook’s privacy and user rights policies allowed a vote on proposed changes to be forced if over 7,000 respondents were interested and submitted comments to that effect. When europe-v-facebook publicized this, users swarmed to show support and get their

Your Facebook account will be terminated – again

If the scary email or app notification–and subsequent webpage–is to be believed, you have only a few days to verify your Facebook account or you’ll be out of luck. But don’t worry, a few days later you will magically get a few more days to verify, and so the scam goes. A Twitter follower with

LinkedIn security woes – and what to do about it

This morning when I logged into LinkedIn I was greeted with several front page references to the reported hacking of the site, and instructions for changing my password, which I did immediately. This is a good time to change all of your social media passwords, making sure you create a fresh password that is hard

You've Got (Nation State Hacked) Mail

We read in the New York Times that Google is rolling out a service that will attempt to alert users when it thinks their accounts might be subject to hacking by a government, hoping the user will take precautions after getting a notice that says “Warning: We believe state-sponsored attackers may be attempting to compromise

DNSChanger temporary’ DNS servers go dark soon: is your computer really fixed?

DNSChanger, a piece of malware that re-routed vast swathes of Internet traffic through rogue DNS servers after users became infected, was shut down by the FBI late last year. But simply shutting down the servers altogether would have ‘broken’ many hundreds of thousands of computers still infected–rendering it difficult for them to get help via

SMSmishing (SMS Text Phishing) – how to spot and avoid scams

If the smartphones of ESET bloggers are any indication, scams executed via SMS text, known as smishing or SMS phishing, are on the rise. I don’t do a lot of texting, which makes a smish easy to spot on my phone, but I just read an amazing statistic from a Pew report: Users 18 to

Millions have not reviewed Facebook privacy settings: Here’s how

Here are two staggering Facebook privacy statistics: Nearly 13 million US Facebook users have never set, or don’t know about, Facebook’s privacy tools, and only 37 percent have used Facebook’s privacy tools to customize how much information is shared with third parties. That’s according to a Consumer Reports survey released earlier this month. Given that

Could your next new car be hacked (should you be scared)?

The wave of new data technology making its way into the next generation of cars – ranging from vehicles which semi-autonomously drive themselves, to realtime data streaming onto head's up displays – begs the question: will they be safe from cyber shenanigans, or will you have to deploy security software on your next (probably hybrid)

Pinterest security update

We recently highlighted a security walkthrough on, the pinboard style sharing website that’s taking the social media by storm. Since then, they’ve continued to grow, and continued to have accompanying growing pains common in organizations with rapid growth. Here we highlight ways they are adapting, changes they are making, and what it means to

Find the bad guy in a deluge of big data – RSA day three

So someone is attacking you, maybe with a flood of traffic as a noisy backdrop to distract you while the bad guy slips in undetected. So how do you stop the hacker amidst the noise, fast enough to act to stop the attack? That was the subject of many vendors and conversations at RSA –

SMB cyber security: we feel your pain – RSA day two

Day two of the show, and we ask vendors and participants what the pain points are for Small and Medium Businesses (SMB), especially in the category from 25 to 250 member organizations, even narrowing that to 100 employees or less. It seems this sector is largely missed by the large vendors on the show floor

Rogue mobile devices in your enterprise? RSA day one

While our recent post on BYOD focuses on the prevalence and/or risk of inadequately trained staff potentially creating problems for the core IT infrastructure using their own personal devices for work, it seems others here at RSA are concerned with preventing the exact same thing, but from a different angle. I attended one “lighting round”

The BYOD security challenge: How scary is the iPad, tablet, smartphone surge?

Employee use of personally-owned computing devices for work-related purposes–known as Bring Your Own Device or BYOD–is not a new trend and security professionals have been concerned about it for some time, but there is a widely held view that the trend has been transformed of late. Why? Waves of mobile digital devices flooding into the security – step by step how-to

I recently signed up for, a hip, trendy pin board style website that allows beefed up sharing of your interests with friends via a large visual bulletin board style forum where fans of a particular subject can post what they find compelling, and want to share. Then other friends can weigh in on the

Iranian TOR arms race a shadow of things to come?

Recently, the anonymizing network system TOR (The Onion Router) found its traffic was ratcheted to a standstill in Iran, prompting a comparison by one of the TOR project developers to an emerging “arms race”. Users of the service, hoping to evade state censorship/snooping, encrypt the traffic that then gets routed anonymously around the globe. But

Facebook/app data privacy – sharing gone wild

So you browse your favorite restaurant review site and settle on a great Mediterranean restaurant, and “magically” a variety of preferences get fed back to your Facebook profile, to be shared, re-shared and re-shared, ricocheting around the internet to form purportedly value-added experiences elsewhere you visit. That’s great news if you want your preferences bounced

ESET Research podcast round up

Here are some recently released podcasts by ESET Rearchers, addressing current topics such as the recent VeriSign hacks, the takedown of MegaUpload, and the problems with using good malware to catch the bad guys: 1. VeriSign, Credit Card Processor, Hacked Multiple Times 2. Mega Upload Website Shutdown by U.S. Department of Justice 3. Is The

Google responds to Android app Market security with stronger scanning measures

In response to recent reports that malicious apps may have made their way into the official Android Market, Google has responded by announcing a new program to more proactively scan the Market and developer accounts for seemingly malicious apps and highlights and/or remove them before users experience trouble. Traditionally, the barriers of entry for developers

CarrierIQ-style data gathering law to require mandatory notification/opt-in?

As legislators grapple with increasingly vocal smartphone owners concerned with privacy, a new Bill before the U.S. House of Representatives aims to require mandatory consumer consent prior to allowing the collection or transfer of data on such devices. You may recall that a company called CarrierIQ recently became the center of attention after a user

Now you can be forced to decrypt your hard drive?

Awhile back we noted a case where Ramona Fricosu, a woman accused of involvement in a mortgage scam, was asked, following a law enforcement raid in which her laptop was seized, to decrypt data on the device for use as evidence, potentially incriminating her. She pleaded the 5th Amendment protection against self-incrimination and refused to

Follow us

Copyright © 2015 ESET, All Rights Reserved.