Man fried over 50 college computers with weaponized USB stick

Vishwanath Akuthota didn’t make it hard for authorities to prove that he was the person who destroyed $58,000 worth of college equipment using a USB stick.

Read more in my article on the Tripwire State of Security blog.

0 sec read

Smashing Security #120: Silk Road with Deliveroo

Online drug dealers get busted due to poor OPSEC! People are still failing to wipe their USB sticks properly! A potential presidential candidate is outed as a former hacker! Flat Earthers! Pi! Empathy!

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.

1 min read

New iOS security feature can be defeated by a $39 adapter… sold by Apple

A one hour countdown timer can be reset simply by connecting the iPhone to an untrusted USB accessory – giving law enforcement plenty of opportunity to crack your passcode with specialist tools.

0 sec read

Uh-oh. How just inserting a USB drive can pwn a Linux box

Give a USB drive a volume name like this, hand it to a friend who runs KDE Plasma on their Linux box, and they won’t be your friend much longer.

Read more in my article on the Hot for Security blog.

0 sec read

Cybersecurity quiz winners rewarded with malware-infected USB sticks

No prizes for guessing that giving away USB sticks at a cybersecurity event wasn’t a good idea…

Read more in my article on the Hot for Security blog.

0 sec read

Heathrow security plans ‘found on USB stick left in the street’

A memory stick containing sensitive information about Britain’s busiest airport was reportedly “found in the street.”

Read more in my article on the We Live Security blog.

0 sec read

IBM has been shipping malware-infected USB sticks

We tend to trust companies like IBM to take greater care over what they ship to their customers and assume it to be uncompromised and squeaky-clean. Clearly that trust is sometimes misplaced.

1 min read

Fry all the things! USB Kill zaps tons of computing devices

A modified thumb drive called USB Kill is capable of frying all kinds of devices such as gaming consoles, smartphones, and a car’s dashboard.

David Bisson reports.

1 min read

‘Cyber terrorist’ trades cufflinks for handcuffs

Would the fact that you have an operating system installed on your USB cufflink prove that you’re up to no good, or just a bit of a geek?

2 min read

Danger USB! Oz police warn of malware in the letterbox

Residents in a suburb of Melbourne, Australia, have been blighted by a plague of malicious USB sticks.

1 min read

Video jacking – hopefully not coming to a phone charging point near you

Video jacking seems like yet another novel way to grab information from HDMI-ready smartphones.

45 sec read

Does dropping malicious USB sticks really work? Yes, worryingly well…

Good samaritans and skinflints beware!

Plugging in that USB stick you found lying around on the street outside your office could lead to a security breach.

Read more in my article on the Tripwire State of Security blog.

0 sec read

Take care how you charge your phone when you’re in the hospital

What’s the harm of “plugging in” to snatch a few precious volts while you visit a sick friend or loved one, or as you wait around in the emergency room?

Perhaps more than you think, explains Bob Covello.

1 min read

This USB stick will fry your computer within seconds

Yet another reason not to plug a USB stick of unknown origin into one of your computers.

1 min read

Five years after Stuxnet, your USB drive is still being patched

Once again, Microsoft finds itself patching Windows against attacks that can strike at your PC through the USB drive.

Read more in my article on the Optimal Security blog.

0 sec read

Microsoft failed to properly patch the Stuxnet USB flaw in 2010… but has now (we hope)

For over four years, nobody noticed that a Microsoft patch designed to stop exploitation of a vulnerability used by the notorious Stuxnet worm could be easily circumvented.

Now Microsoft has released a new patch, and not a moment too soon.

1 min read