USBwarningOk, once again we have a very scary computer security / insecurity revelation. USB drives are horribly insecure!

We have known to be concerned of devices that map directly to memory, like FireWire. They can access the computer ram and read it or write it without restriction. USB always seemed to be more secure than these devices because they didn’t have direct access to ram. The only thing we thought we needed to worry about with USB was either malicious files on the USB stick or if it was a keyboard entry stick like the rubber ducky stick.

Well now we have more to worry about. Because those USB drives also have a firmware section that make them work. Now researchers have found that you can put exploit code into the firmware. This is a section that is not scanned by antivirus and not normally visible to the operating system.

For more on the dangers:

Hackers can tap USB devices in new attacks, researcher warns
http://news.yahoo.com/hackers-tap-usb-devices-attacks-researcher-warns-070243916–finance.html

USB: The ultimate hacking tool?
http://gianiwvl.wordpress.com/2014/08/03/usb-the-ultimate-hacking-tool/

What are the Dangers of using an untrusted USB drive? (Before the new firmware exploits)
http://lifehacker.com/what-are-the-dangers-of-using-an-untrusted-usb-drive-1533523741