Security News

A threat actor with a suspected China nexus has been linked to a set of espionage attacks in the Philippines that primarily relies on USB devices as an initial infection vector. The reliance on infected USB drives to propagate the malware is unusual if not new.

A threat actor with a suspected China nexus has been linked to a set of espionage attacks in the Philippines that primarily relies on USB devices as an initial infection vector. The reliance on infected USB drives to propagate the malware is unusual if not new.

Microsoft has released the Windows 11 KB5017328 cumulative update with security updates and improvements, including USB printing and Bluetooth headsets fixes. KB5017328 is a mandatory cumulative update containing the September 2022 Patch Tuesday security updates for vulnerabilities discovered in previous months.

Already, previous versions of the Rubber Ducky could carry out attacks like creating a fake Windows pop-up box to harvest a user's login credentials or causing Chrome to send all saved passwords to an attacker's webserver. These attacks had to be carefully crafted for specific operating systems and software versions and lacked the flexibility to work across platforms.

Industrial organizations face security threats not only on their networks but across their factories and facilities. A report published Tuesday by Honeywell looks at how malware on USB devices can threaten industrial facilities.

Microsoft on Friday disclosed a potential connection between the Raspberry Robin USB-based worm and an infamous Russian cybercrime group tracked as Evil Corp. The tech giant said it observed the FakeUpdates malware being delivered via existing Raspberry Robin infections on July 26, 2022. Raspberry Robin, also called QNAP Worm, is known to spread from a compromised system via infected USB devices containing malicious a.LNK files to other devices in the target network.

Microsoft is warning customers that Windows updates released since June 28 will trigger printing issues on devices connected using USB. "Microsoft has received reports of issues affecting some printing devices following installation of Windows updates released June 28 and later," Redmond explained. "Normal printer usage might be interrupted for either scenario, resulting in failure of printing operations," the company said in a notice on the Windows health dashboard.

A Japanese contractor working in the city of Amagasaki, near Osaka, reportedly mislaid a USB drive containing personal data on the metropolis's 460,000 residents. It's unknown how good of a time the man had, but he did reportedly end up passing out in the street, Japanese news source NHK reported the company who employed him as saying, elaborating on an incident report from the Amagasaki city government.

Wormable malware dubbed Raspberry Robin has been active since last September and is wriggling its way through USB drives onto Windows machines to use Microsoft Standard Installer and other legitimate processes to install malicious files, researchers have found. Eventually the worm installs malicious dynamic link library files found on the infected USB. While researchers first noticed Raspberry Robin as early as September 2021, most of the activity observed by Red Canary occurred during January of this year, researchers said.

Microsoft has released a new Windows 11 build with a long list of changes, improvements, and fixes for known issues, available for all Windows Insiders that will install the Windows 11 Insider Preview Build 22579 pushed to the Dev Channel. The build's highlight is a new policy for Windows admins who want to exclude USB removable drives from BitLocker encryption.