Author
Cameron Camp
Cameron Camp
Malware Researcher

Education: CISSP, RHCSA

Highlights of your career? Reverse engineering human brain patterns.

What malware do you hate the most? Nation state sponsored low and slow.

Favorite activities? Building and flying airplanes.

What is your golden rule for cyberspace? Stupid hurts.

When did you get your first computer and what kind was it? 1988, Radio Shack TRS-80.

Favorite computer game/activity? Java/Big Data algorithms to find brain patterns.

More Info

Secure DNS? Encrypt the last mile

DNSSEC has been making the headlines lately as a possible defense against nasty DNS redirection schemes on the server end. Combined with anti-malware efforts at thwarting DNS changing via malicious registry/host file modification, it’s making a dent. Now OpenDNS is proposing a last mile approach called DNSCrypt which intends to secure the problematic link between users’

Lawyers go back to school for cybercrime

Citing a “serious lack” of attorney expertise in prosecuting cybercrime, New Jersey Prosecutor John Molinelli decided it was time for attorneys to go back to school. He states, “There was a serious lack of prosecuting attorneys – there’s probably a lack of attorneys, in general, who really know this area,” and decided to do something

CarrierIQ, keylogging and mobile payment systems

Recently we see allegations that CarrierIQ is quietly collecting more information than Android users bargained for. In one case, Trevor Eckhart thinks he proved that they register users’ keystrokes without the users’ knowledge for reasons subject to ongoing speculation. We certainly had no trouble finding the CarrierIQ software on an HTC phone, where it possessed

Holiday shopping? We know where you are

Well, not you exactly you, but malls are rolling out technology that tracks customers’ patterns throughout the mall using cell signals. They say they aren’t collecting personal information, but say they want to be able to track customer traffic patterns, for example, how many customers visit Starbucks after visiting Nordstroms. The technology, called FootPath, is

SCADA attacks gone crazy

SCADA, a network-enabled setup for controlling infrastructure, is hitting the headlines in force for falling victim to cyber scammers. There have been several incidents of unauthorized access to Supervisory Control and Data Acquisition (SCADA) systems recently, from guessing simple passwords, to full-on spear phishing attacks against a hardware vendor, which were then used to access

US Pentagon: it’s official, military response to cyber attacks

Awhile back we noticed signals from the US Pentagon that they were considering the possibility of a traditional military response to cyber attacks on US physical infrastructure. Basically, a cyber attack on infrastructure could be considered an act of war. We now see the official report released, confirming this. The report states, “When warranted, we

AVAR Hong Kong security conference 2011 – in 30 seconds

Well, okay, if you happen to be an extremely fast reader. The Association of Anti Virus Asia Researcher’s (AVAR) 14th AVAR Conference just wrapped up in Hong Kong on Friday. This year, the focus was on security issues in and around the emerging Asian security market, and how to rise to the challenge. As one

Anonymous – is hacktivism here to stay?

Months back a rather vocal series of micro-hacktivist groups formed a somewhat larger, more vocal pseudo-organized non-organization ruled essentially democratically via IRC (among other things), attempting to cast light on perceived misdeeds by the large corporation (or government organization) du-jour they thought had behaved badly. The idea was to hack an organization, parade them around

Are Government/Schools responsible for your security – (or is it all up to you)?

Awhile back we posted findings of a Harris poll showing public perception of Internet security, with some interesting results. This time we take a look at whether respondents perceive the Government and/or their schools have an implicit responsibility, or whether it lands squarely on their shoulders in the end (or should). Both schools and government

Scary Halloween cyber pranks

I just looked in my junk box to find an “Amazing” sale on pirated software, but I have to act fast, as it’s only good until Halloween. My colleague Stephen Cobb points out the rate of effectiveness of scams would soar if the Nigerian scammers could afford a proof reader who spoke fluent English. David

US to China: tell us more about your censorship

According to a report from the New Zealand Herald, the US government is formally requesting China release more details on its censorship activities. The action, being pursued under World Trade Organization rules, is purportedly aimed at leveling the playing field of foreign websites trying to compete in China. The idea is that if the US

Facebook security updates – how to make your account more secure

Facebook has recently updated their security settings. In this How-to we highlight some of the updates and the security nuances to help you stay on top of your account security settings. Paul Laudanski blogged about the subject awhile back, if you want to reference that security primer. When you login to your account, you may

Another Massachusetts Health Services breach – at least they HAVE to report it

We see yet another breach hitting the headlines from a Massachusetts Healthcare Service provider, Spectrum Health Services. It seems during a break-in a hard drive was stolen, which contained names, addresses, phone numbers, dates of birth, Social Security numbers, diagnostic codes and medical insurance numbers. It is interesting because, unlike other states, Massachusetts law requires

Hacked account? Many users don’t even notice

A recent report from Commtouch finds about one third of Gmail, Yahoo, Hotmail and Facebook users even noticed when they were hacked, and more than half found out later after friends alerted them. This lag time provides a wide open window for scammers to use social engineering techniques to target more valuable targets, and harvest

Facebook: over 800 pages of data stored on a single user

In Europe, a user can make a request to an online company for all personal data they may have stored about them. One user did just that, and found 880 PAGES of data stored about him by Facebook! Other users listed on the Europe vs. Facebook website had even more. They include the usual data

High tech identity theft ring largest in U.S. history

“Operation Swiper” just busted the largest theft ring of its type in U.S. history. The $13 million dollar crime ring was exposed after a 2 year investigation by the New York City Police, primarily centering around selling Apple electronics overseas, according to Reuters. New York City Police Raymond Kelly said at a press conference “The

Android vulnerability patch time lag causes malware opportunity

One of the blessings of Open Source initiatives is the rapidity with which coders can release quality collaborative code. This is one of the ways the Android managed to claw its way into the smartphone mainstream, after arriving late to the game. But as the app ecosystem matures, vulnerability/patch management becomes more of an issue,

Kids’ computer game malware – Scammers stoop to new lows

There’s a new batch of malware making the rounds, this time directed at spreading banking malware through childrens’ games. Though it’s hard to imagine, the scammers are taking advantage of the naivete of kids, who may not be as skilled at detecting scams as their more seasoned parents. According to an article in Softpedia, the

U.S. Government – Security incidents up 650% over 5 years

Citing weaknesses in security controls at 24 major agencies, a new report by the U.S. Government Accountability Office (GAO) charts the stellar rise in incidents, and tries to highlight what went wrong. Just today my colleague Stephen Cobb also posted a government-related incident in the health care sector. The timeframe of the study, starting in

Which anonymizing VPN is really anonymous?

On the heels of the arrest of Cory Kretsinger, aka “Recursion”, for one of the Sony data breaches, following an FBI request for traffic records from his VPN provider, users wonder whether anonymizing service providers really are all that anonymous. Using a VPN to connect securely out of reach of prying eyes, is a common

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.