Security News
According to a report released by Honeywell, USB threats that can severely impact business operations increased significantly during a disruptive year when the usage of removable media and network connectivity also grew. USB devices leading to OT critical business disruption.
Much of the malware discovered last year by industrial organizations on USB drives was capable of causing disruption to industrial control systems, according to a new report from Honeywell. Honeywell's 2021 Industrial Cybersecurity USB Threat Report is based on data collected by the company's Forge Secure Media Exchange product, which is designed to protect industrial facilities from USB-borne threats by requiring users to check USB drives for potential threats using a dedicated device before connecting them to any endpoint within the organization.
Huawei has belatedly fixed an embarrassing vulnerability in a USB connectivity dongle, spotted by Trustwave, after The Register intervened. When infosec firm Trustwave's Spiderlabs division took a closer look at the stick last year, its researchers found a security blunder that affects macOS users: the USB stick acts as a storage drive that includes software to install to manage the dongle.
This week, a Trustwave security researcher disclosed a privilege escalation flaw in Huawei's USB LTE dongles. Huawei LTE driver autoruns with maximum permissions.
USB ports in any organization's network need to be controlled because connected devices such as USB drives and smartphones can be used to transfer malware to computers or extract data assets. Blocking at the client-side continues until the device is removed from the computer or the device is authorized from the control at server-side.
DataLocker announced the release of an entirely new breed of encrypted USB drive. The DL4 FE changes the game for security professionals by providing bulletproof security and simple remote management in a small-form-factor USB drive with capacities up to 15.3 TB. "The onslaught of attacks by state actors, hackers, and cyber cartels continues. Threat actors are trying to exfiltrate terabytes of data to hold for ransom. Some want access to essential IT systems for later exploitation."
Microsoft has released the KB4586819 non-security preview cumulative update for Windows 10 versions 1809, 1903, and 1909, with fixes for game crash issues and for USB 3.0 hubs causing connected devices to stop working. Windows 10 users who install the KB4586819 update may experience issues with system and user certificates getting lost when updating from Windows 10 1809 to later versions using outdated update media.
Microsoft has released the Windows 10 1909 KB4580386 monthly "C" release preview cumulative update with quality improvements and fixes for Microsoft Xbox Game Pass, USB printer, and screen flashing issues. This preview cumulative update addresses an issue preventing Microsoft Xbox Game Pass users from playing some games that they were eligible to play and fixes a reliability issue that causes the display to flash constantly.
Honeywell announces the launch of Honeywell Secure Media Exchange R201.1, an enterprise software offering to better protect users from advanced malware and firmware-based cybersecurity attacks from USB drives and other removable media. "We are excited to expand Honeywell SMX as an enterprise security solution to include hardware device management with our TRUST V2 ," said Jeff Zindel, vice president and general manager, Honeywell Connected Enterprise Cybersecurity.
Kingston Digital announces the availability of the 128GB DataTraveler 2000 encrypted USB flash drive. DataTraveler 2000 features an alphanumeric keypad that allows users to lock the drive with a word or number combination for an easy-to-use PIN, providing an extra layer of protection.