Security News

In the port city of Guayaquil, journalist Lenin Artieda of the Ecuavisa private TV station received an envelope containing a pen drive which exploded when he inserted it into a computer, his employer said. Artieda sustained slight injuries to one hand and his face, said police official Xavier Chango.

Police in Ecuador are investigating attacks on media organizations across the country after a journalist was injured by an exploding USB flash drive. Lenin Artieda, a journalist and presenter for an Ecuavisa TV program, was reportedly injured as a result of a USB drive that blew up when he inserted it into a computer.

Automakers Hyundai and KIA are rolling out an emergency software update on several of their car models impacted by an easy hack that makes it possible to steal them."In response to increasing thefts targeting its vehicles without push-button ignitions and immobilizing anti-theft devices in the United States, Hyundai is introducing a free anti-theft software upgrade to prevent the vehicles from starting during a method of theft popularized on TikTok and other social media channels," reads Hyundai's announcement.

Security researchers have analyzed a variant of the PlugX malware that can hide malicious files on removable USB devices and then infect the Windows hosts they connect to. Looking for similar samples, Unit 42 also discovered a PlugX variant on Virus Total that locates sensitive documents on the compromised system and copies them to a hidden folder on the USB drive.

Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems. "This PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Windows operating file system," Palo Alto Networks Unit 42 researchers Mike Harbison and Jen Miller-Osborn said.

A threat actor with a suspected China nexus has been linked to a set of espionage attacks in the Philippines that primarily relies on USB devices as an initial infection vector. The reliance on infected USB drives to propagate the malware is unusual if not new.

A threat actor with a suspected China nexus has been linked to a set of espionage attacks in the Philippines that primarily relies on USB devices as an initial infection vector. The reliance on infected USB drives to propagate the malware is unusual if not new.

Microsoft has released the Windows 11 KB5017328 cumulative update with security updates and improvements, including USB printing and Bluetooth headsets fixes. KB5017328 is a mandatory cumulative update containing the September 2022 Patch Tuesday security updates for vulnerabilities discovered in previous months.

Already, previous versions of the Rubber Ducky could carry out attacks like creating a fake Windows pop-up box to harvest a user's login credentials or causing Chrome to send all saved passwords to an attacker's webserver. These attacks had to be carefully crafted for specific operating systems and software versions and lacked the flexibility to work across platforms.

Industrial organizations face security threats not only on their networks but across their factories and facilities. A report published Tuesday by Honeywell looks at how malware on USB devices can threaten industrial facilities.