Bio

Cameron Camp

Cameron Camp

Security Researcher

Education: CISSP, RHCSA

Highlights of your career? Reverse engineering human brain patterns.

What malware do you hate the most? Nation state sponsored low and slow.

Favorite activities? Building and flying airplanes.

What is your golden rule for cyberspace? Stupid hurts.

When did you get your first computer and what kind was it? 1988, Radio Shack TRS-80.

Favorite computer game/activity? Java/Big Data algorithms to find brain patterns.

Articles by author

Scary Halloween cyber pranks

I just looked in my junk box to find an “Amazing” sale on pirated software, but I have to act fast, as it’s only good until Halloween. My colleague Stephen Cobb points out the rate of effectiveness of scams would soar if the Nigerian scammers could afford a proof reader who spoke fluent English. David

US to China: tell us more about your censorship

According to a report from the New Zealand Herald, the US government is formally requesting China release more details on its censorship activities. The action, being pursued under World Trade Organization rules, is purportedly aimed at leveling the playing field of foreign websites trying to compete in China. The idea is that if the US

Another Massachusetts Health Services breach – at least they HAVE to report it

We see yet another breach hitting the headlines from a Massachusetts Healthcare Service provider, Spectrum Health Services. It seems during a break-in a hard drive was stolen, which contained names, addresses, phone numbers, dates of birth, Social Security numbers, diagnostic codes and medical insurance numbers. It is interesting because, unlike other states, Massachusetts law requires

Hacked account? Many users don’t even notice

A recent report from Commtouch finds about one third of Gmail, Yahoo, Hotmail and Facebook users even noticed when they were hacked, and more than half found out later after friends alerted them. This lag time provides a wide open window for scammers to use social engineering techniques to target more valuable targets, and harvest

High tech identity theft ring largest in U.S. history

“Operation Swiper” just busted the largest theft ring of its type in U.S. history. The $13 million dollar crime ring was exposed after a 2 year investigation by the New York City Police, primarily centering around selling Apple electronics overseas, according to Reuters. New York City Police Raymond Kelly said at a press conference “The

Android vulnerability patch time lag causes malware opportunity

One of the blessings of Open Source initiatives is the rapidity with which coders can release quality collaborative code. This is one of the ways the Android managed to claw its way into the smartphone mainstream, after arriving late to the game. But as the app ecosystem matures, vulnerability/patch management becomes more of an issue,

Kids’ computer game malware – Scammers stoop to new lows

There’s a new batch of malware making the rounds, this time directed at spreading banking malware through childrens’ games. Though it’s hard to imagine, the scammers are taking advantage of the naivete of kids, who may not be as skilled at detecting scams as their more seasoned parents. According to an article in Softpedia, the

U.S. Government – Security incidents up 650% over 5 years

Citing weaknesses in security controls at 24 major agencies, a new report by the U.S. Government Accountability Office (GAO) charts the stellar rise in incidents, and tries to highlight what went wrong. Just today my colleague Stephen Cobb also posted a government-related incident in the health care sector. The timeframe of the study, starting in

Which anonymizing VPN is really anonymous?

On the heels of the arrest of Cory Kretsinger, aka “Recursion”, for one of the Sony data breaches, following an FBI request for traffic records from his VPN provider, users wonder whether anonymizing service providers really are all that anonymous. Using a VPN to connect securely out of reach of prying eyes, is a common

Rig an election for around 25 bucks

Actually $26, according to a study conducted by Argonne National Laboratory in Illinois, which was able to hack a Diebold voting machine with “about $26 and an 8th-grade science education.” In light of the rapidly approaching 2012 U.S. Presidential Election, it seems there may be a need to give serious attention to securing our election

How much photo data does Facebook really have?

According to a post by a Facebook Photos engineer, they receive around 200 million photo uploads per DAY, or about 6 billion per month. A separate post says Facebook currently hosts 4% of all photos ever taken. Specifically, it hosts 140 billion photos out of 3.5 trillion photos taken in history. Also, we see “it

OnStar to still gather vehicle data after service expires

Unless you specifically cancel the 2-way communication aspect, the default setting will be to continue a communication link to OnStar once the subscription expires, raising the ire of customers who wonder what the company does with the data. OnStar says that data is anonymized, but customers fear data showing current vehicle location doesn’t seem very

Britain to ISP’s: speed up blocks on pirate sites

Following the recent landmark Newsbin2 ruling requiring ISP’s to take a more active role in policing pirate websites, UK ISP’s are working to speed the court ordered actions though to block pirated sites. The implementation details haven’t been finalized between the creative industries and ISP’s, but copyright-owners seem to be optimistic. The goal is to

Senate cybersecurity bill one step closer to law

This morning we recorded a podcast posing the question “can legislation solve cybercrime?” Well, The Senate Judiciary Committee seems eager to play a part, passing a measure yesterday attempting to thwart computer attacks. Measure S.1151 sets a national standard for data breach notification, replacing the various state initiatives already in place. It also makes concealing

Google+ fix cybercrime – use your real name?

Google+ seems to be continuing building steam and putting itself on the map as a contender, not merely an also-ran to the Facebook behemoth. Part of its strategy is to enforce the use of real names, not just the more common online pseudonym. The logic goes that this will reduce the likelihood that cybercriminals might

2.1 million users’ data breached in Massachusetts

Since 2010 that is, following a law enacted in 2007 that requires all companies doing business in Massachusetts to inform consumers and state regulators about security breaches that might result in identity theft. Attorney General Martha Coakley’s office released the information, including a breakdown of the data. It seems her office received 1,166 data breach

Android banking malware in the wild

Recently, we’ve noted a steep rise in Android malware and predicted the rise in banking malware, now we see another example in the wild, this time SpyEye. Trusteer has a good rundown on it, saying “It seems that SpyEye distributors are catching up with the mobile market as they (finally) target the Android mobile platform.