Bio

Cameron Camp

Cameron Camp

Security Researcher

Education: CISSP, RHCSA

Highlights of your career? Reverse engineering human brain patterns.

What malware do you hate the most? Nation state sponsored low and slow.

Favorite activities? Building and flying airplanes.

What is your golden rule for cyberspace? Stupid hurts.

When did you get your first computer and what kind was it? 1988, Radio Shack TRS-80.

Favorite computer game/activity? Java/Big Data algorithms to find brain patterns.

Articles by author

Facebook bug bounty payout tops $40K

Facebook recently rolled out a program we thought was a good step, bounties paid to hackers to find and report bugs, rather than exploit them. So far that payout has totaled around $40,000, no small sum for the aspiring hackers, and probably a boon for Facebook’s efforts to proactively fix security issues before a potential

Android financial transactions on the rise – watch for malware

Awhile back we mused that the rapid rise in Android malware would hit its stride near the intersection of widespread mobile financial transaction use, and the continuing steep rise in adoption of the platform. Now we see AT&T, T-Mobile and Verizon entering a joint venture to back a payment service for, guess what: Mobile financial

Irene – is that you (or a fake)?

So you get a Twitter tweet or Facebook notification from what “seems to be” a friend saying they have the latest information in the development of Hurricane Irene, if you just “click here.” When you do, you find that your “friend” might really be computer script from a distant land directing you to a fake

DoS Apache killer

Amidst a lack of fanfare this past weekend on a mailing list, a memory exhaustion hack popped up for the Apache webserver that may result in a Denial-of-Service (DoS) style attack. Since the Apache application serves up north of 65% of the websites on the internet, a plausible attack becomes quite an issue, especially if

WikiLeaks 2.0 – a new kid in town

Following the plight of the oft-storied WikiLeaks organization, we see a new variant to hit the streets soon, GlobaLeaks. Apparently WikiLeaks has garnered a bit of a following with the community, along with the attraction of a fair share of consternation from governments around the world. This new effort attempts to extend that further. Law

Facebook – user privacy on the uptick

Okay, so they grew from nothing to ubiquity in a few years, hey, my mom has an account. With the growth, users have started clamoring for increased privacy control, and it looks like the message is starting to be heard. Facebook is now trotting out a series of new user privacy controls, so now you

‘Anonymous’ – Now accepting bitcoin tips

Can’t find a way to support a hacktivist with your l337 sK1LLz? Turns out they take tips, bitcoin tips. We mused awhile back about the emergence of bitcoin as a favorite underground currency. Now, on the heels of the latest announcement by “Anonymous” that they’re releasing personal data belonging to a defense contractor VP with

Google your own health record?

Is that possible? Well, a researcher with Identity Finder, Aaron Titus, believes so, since he says he managed to use internet searches to unearth a trove of unsecured private health records on a website, around 300,000 of them. He notified the company, Southern California Medical-Legal Consultants, which represents doctors and hospitals seeking payment from patients

Social‑networking to blame for social unrest?

We see this morning a post about British Prime Minister Cameron’s assertion yesterday during a Parliament presentation that, “Free flow of information can be used for good. But it can also be used for ill. And when people are using social media for violence, we need to stop them.” Sort of hearkens back to the

Mobile devices auto‑import phonebook to Facebook

If you downloaded the Facebook app for your mobile device, and just zipped through the install options (like users commonly do), did you know all your contacts could now be on your Facebook Contact list (formerly Phonebook) and can be datamined by Facebook? This is also disturbing if Facebook itself gets hacked and your phone

Android malware: rapidly on the rise

I have an Android in my pocket as I type, with all kinds of cool apps ranging from GPS navigation to acoustic guitar tuner (really cool) – and apparently I’m not alone. Users are scooping up the latest batch of Android smartphones in record numbers, and what better target can malware authors ask for? Well,

Hack wireless industrial sensors in a few easy steps

On the heels of the recent activity with Stuxnet, the industrial process control computer worm that targeted Iranian nuclear centrifuges, a Blackhat talk by Thanassis Giannetsos explains how to hack yet another commonly used family of controllers. We have mused that this trend, targeting critical infrastructure nodes, is but a shade of things yet to

U.S. standards agency warns energy producers of cyber attacks

The North American Electric Reliability Corporation’s (NERC) newly formed Cyber Attack Task Force will “consider the impacts of a coordinated cyber attack on the reliability of the bulk power system”, in a proactive effort to increase providers’ readiness for new waves of potential nastiness. Recently, there has been a flurry of activity surrounding efforts to

Blackhat: breaking SMS – war texting

If you could use texting to break networks, what could you do? Well, Don Bailey, with ISEC Partners, in his talk today at Blackhat, muses that you could break a lot, driving around and dropping in on various networks as you saw fit. Well, really his proof-of-concept collection of tools is aimed at educating mobile

Fix cybersecurity: Rent a cyber‑mercenary?

Citing the days of yore, when firms hired private security to protect their interests, General Michael Hayden, One of the architects of US foreign policy under George W. Bush, floats the idea of a sort of digital version of the oft-illustrious Blackwater firm (since renamed Xe); a modern day cyber rent-a-mercenary program for governments. He

Online piracy: Fight it like REAL pirates?

Fighting modern day piracy is something of a paradox; in an open system that allows freedom (good), scoundrels are also free to skulk around doing nasty things (bad). Various efforts have been made to pounce on evildoers, but it’s a game of whack-a-mole. When one has been thwarted, others pop up as variations on the

Data breach insurance: Is it worth it?

So you bought insurance against a data breach. With all the potential loopholes and variables, is it worth the cost for the coverage required to handle a real-world scenario? That’s a tender subject these days at Sony. In light of their recent breaches, soaring near an estimated $180 million, it seems their insurance provider, Zurich

50 ways to hack a website

Well, really there are far more, but the latest study from Imperva of 10 million attacks against 30 large organizations from January to May of 2011 cites a cocktail of techniques used by would-be hackers to spot the weaknesses and exploit them. For those of us who’ve tailed a log file spinning out of control

Stuxnet: Broke Iranian nuclear centrifuges?

Or so the latest report from DEBKAfile states, claiming the Stuxnet worm broke numerous Iranian centrifuges by forcing them to overspeed, causing damage and prompting the replacement of some 5,000-6,000 units. They cite “intelligence sources” as the source of information. Whether or not this will be confirmed, it seems malware authors clearly are targeting political