It sure would be nice if Windows client would pop-up some sort of dynamic challenge (like eg. a very simple CAPTCHA) on screen when a peripheral reporting as an HID device was plugged in before allowing input from that device to manipulate things in the OS. Sure would be nice.https://twitter.com/mame82/status/1205538348934352897 …
-
-
While it is targeted for enterprises, there are USB controls in W10 to mitigate these type of threats.https://docs.microsoft.com/en-us/windows/security/threat-protection/device-control/control-usb-devices-using-intune#block-untrusted-and-unsigned-processes-on-usb-peripherals …
-
I don't think any of those protections would help against a malicious USB HID (e.g. Keyboard) device.
- 4 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
USB cable with implant for bi-directional RF communication connects mobile phone in airplane mode, with Win10 box (no network connections).
2nd mobile injects keystrokes and brings up a covert channel shell, using the RF implant. File transfer still works