Security News
Microsoft has released the optional KB5034848 Preview cumulative update for Windows 11 23H2 and 22H2, which brings new features, including USB 80Gbps and nineteen other changes and fixes. The KB5034848 cumulative update preview is part of Microsoft's "Optional non-security preview updates" schedule, released on the fourth week of every month.
A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub, Vimeo, and Ars Technica, to host encoded payloads embedded in seemingly benign content. The attackers hide these payloads in plain sight, placing them in forum user profiles on tech news sites or video descriptions on media hosting platforms.
A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target organizations in Italy. Google-owned Mandiant said the attacks...
Microsoft is now testing support for the USB4 Version 2.0 specification in Windows 11, enabling transfer speeds of up to 80 Gbps over USB Type-C cables. USB 80Gbps is now being tested in the Windows 11 Insider Preview Build 23615, which was released today in the Dev Channel.
A new worm that spreads via USB sticks is infecting computers in Ukraine and beyond. The group, known by many names, including Gamaredon, Primitive Bear, ACTINIUM, Armageddon, and Shuckworm, has been active since at least 2014 and has been attributed to Russia's Federal Security Service by the Security Service of Ukraine.
A recently discovered worm that researchers call LitterDrifter has been spreading over USB drives, infecting systems in multiple countries as part of a campaign from the Gamaredon state-sponsored espionage group. Malware researchers saw indications of compromise in the United States, Ukraine, Germany, Vietnam, Poland, Chile, and Hong Kong, which suggests that the threat group lost control of LitterDrifter, which reached unintended targets.
Russian cyber espionage actors affiliated with the Federal Security Service (FSB) have been observed using a USB-propagating worm called LitterDrifter in attacks targeting Ukrainian entities....
A new sophisticated threat tracked as 'TetrisPhantom' has been using compromised secure USB drives to target government systems in the Asia-Pacific region. Secure USB drives store files in an encrypted part of the device and are used to safely transfer data between systems, including those in an air-gapped environment.
Government entities in the Asia-Pacific (APAC) region are the target of a long-running cyber espionage campaign dubbed TetrisPhantom. "The attacker covertly spied on and harvested sensitive data...
In its 2023 Mid-Year Cyber Security Report, Check Point Software spotlighted numerous exploits so far this year, including novel uses of artificial intelligence and an old-school attack vector: USB drives. Check Point also reported that state-aligned threat actors are even launching 10-year-old infections such as ANDROMEDA via USB drives.