Social Engineering and computer security
An interesting take on an innovative way to compromise a secure network from the inside. Basically, plant infected USB thumbdrives around the facility you want to compromis. Wait for employees to discover these "lost" thumbdrives. Rely on them to plug them into their computer out of curiosity, infecting their computers with a trojan that collects and emails out password data.
Written by VA and founder of a network security company.
Snippet from comments
- Yes, disabling autorun helps mitigate some risk. However, users are probably going click on just about anything with an intriguing file name so this is not a complete strategy.
- USB and firewire specifications are fundamentally flawed, allowing direct memory access which enables execution of code without user action or autorun.
1 comment:
lol. i for one would not put some random usb into my com
Post a Comment