“BadUSB” Exploit
October 07, 2014
There is a new exploit that has hit the internet called BadUSB that poses a Security threat based on USB devices. Instructions and applications to create infected USB devices are available on the internet. The exploit allows installation into the USB’s firmware where it is run automatically when plugged into a computer system. The firmware is the set of “instructions” used by the usb device to start up and be read by your computer. Current anti-malware software does not read this area of devices and is unable to protect from this exploit. If the anti-malware may be able to recognize the malware activity once it starts and be able to protect the computer and data; Keep your anti-malware up-to-date.
Since this exploit requires a user to insert a USB that has been created to allow this exploit, Be careful of free USB drives, USB drives found, USB devices from unknown or suspicious sources and Always Lock Your Computer when you leave your desk.
Additional information on BadUSB can be found at http://mashable.com/2014/10/03/how-can-you-avoid-badusb/ or https://srlabs.de/badusb/