Pierluigi Paganini April 29, 2022
It’s Called BadUSB for a Reason

Cybercrime gang FIN7’s badUSB attacks serve as a reminder of two key vulnerabilities present among all organizations. The criminal group had been mailing malware-ridden USBs to various entities in the transport, insurance, and defense industries under the guise that they originated from a trusted source, such as Amazon and the US Department of Health and […]

Pierluigi Paganini January 07, 2022
FIN7 group continues to target US companies with BadUSB devices

The Federal Bureau of Investigation (FBI) warns US companies that the FIN7 cybercriminals group is targeting the US defense industry with BadUSB devices. The US Federal Bureau of Investigation issued a flash alert to warn that the financially motivated group FIN7 has sent malicious USB devices, BadUSB devices, to US companies over the past few […]

Pierluigi Paganini March 29, 2020
FIN7 hackers target enterprises with weaponized USB drives via USPS

The FIN7 APT group has been targeting businesses with malicious USB drives and Teddy Bears sent to the victims, the FBI warns. The FBI is warning of a new wave of attacks carried out by the FIN7 APT group that is sending to the victims devices acting as a keyboard (HID Emulator USB) when plugged […]

Pierluigi Paganini August 26, 2018
USBHarpoon a look-like charging cable that can hack into your computer

A team of security experts has devised a rogue USB charging cable named USBHarpoon that can be used to compromise a computer in just a few seconds. The team was composed of Olaf Tan and Dennis Goh of RFID Research Group, Vincent Yiu of SYON Security, and the popular Kevin Mitnick. The USBHarpoon takes inspiration on the BadUSB project built by […]

Pierluigi Paganini February 18, 2015
BadUSB attack and the Industrial control systems

Industrial control systems are in danger of being hacked by using a modified version of the BadUSB attack says Michael Toecker in his presentation at the Security Analyst Summit 2015 in Cancun. Not that long ago, BadUSB swept across the cybersecurity community as one of the hottest hacks of the year. BadUSB featured the ability […]

Pierluigi Paganini December 20, 2014
USBdriveby, how to compromise a PC with a $20 microcontroller

USBdriveby is a device designed to quickly and covertly install a backdoor and override DNS settings on an unlocked machine via USB. The security experts Samy Kamkar (@SamyKamkar) has proposed a very interesting way to compromise an unlocked computer and deploy a backdoor on it simply by using a pre-programmed Teensy microcontroller. The cheap ($20) […]

Pierluigi Paganini November 23, 2014
Electronic cigarettes exploited in the wild to serve malware

In a discussion started on the Reddit news media website it has been debated the case of a malware implanted by using electronic cigarettes connected over USB. Hackers are able to exploit any electronic device to serve a malware of to compromise a poorly protected network, electronic cigarettes have become the latest vector to serve spread […]

Pierluigi Paganini November 13, 2014
BadUSB update, it is hard to discriminate patchable USB devices

The researcher Karsten Nohl and his team presented an update on their BadUSB study.It is impossible to discriminate patchable devices from unpatchable ones. Earlier August 2014 the security expert Karsten Nohl and his team discovered that an attacker could exploit a new class of attacks based on a USB device to compromise a targeted machine. […]