Very interesting article. . .
Found USB drives and people's curiosity can compromise a network in a heartbeat.
Here is the full article (http://www.darkreading.com/document.asp?doc_id=95556&WT.svl=column1_1).
Now the question becomes: do you have your fstab set to automount drives, and with what permissions?
krp
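One way to answer the fstab question above, as an added example that is not part of the original post: a small audit that resolves each removable-media entry's effective mount options and reports whether it is mounted automatically and which of `noexec`, `nosuid` and `nodev` are missing. The sample fstab and the `REMOVABLE_PREFIXES` directories are assumptions made for the demo.

```python
import sys

# Constructed sample fstab for the demo; not taken from any real system.
SAMPLE_FSTAB = """\
/dev/sda1  /            ext3  defaults,errors=remount-ro     0 1
/dev/sdb1  /media/usb0  vfat  rw,user,auto                   0 0
/dev/sdc1  /media/usb1  vfat  rw,users,noauto,exec           0 0
/dev/sdd1  /media/usb2  auto  rw,noauto,noexec,nosuid,nodev  0 0
"""

# Assumption: removable media are mounted under these directories.
REMOVABLE_PREFIXES = ("/media/", "/mnt/")
TOGGLES = ("exec", "suid", "dev", "auto")
# mount(8): user/users imply noexec,nosuid,nodev; owner/group imply nosuid,nodev.
IMPLIED_OFF = {"user": ("exec", "suid", "dev"), "users": ("exec", "suid", "dev"),
               "owner": ("suid", "dev"), "group": ("suid", "dev")}

def effective_flags(options):
    """Resolve the option list left to right; later options override earlier ones."""
    state = dict.fromkeys(TOGGLES, True)  # same starting point as "defaults"
    for opt in options.split(","):
        if opt == "defaults":
            state = dict.fromkeys(TOGGLES, True)
        elif opt in IMPLIED_OFF:
            for flag in IMPLIED_OFF[opt]:
                state[flag] = False
        elif opt in TOGGLES:
            state[opt] = True
        elif opt[:2] == "no" and opt[2:] in TOGGLES:
            state[opt[2:]] = False
    return state

def audit(fstab_text):
    """Map each removable-media mount point to its auto flag and missing hardening options."""
    report = {}
    for line in fstab_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0].startswith("#"):
            continue  # skip blank lines, comments and malformed entries
        mount_point, options = fields[1], fields[3]
        if mount_point.startswith(REMOVABLE_PREFIXES):
            state = effective_flags(options)
            missing = ["no" + f for f in ("exec", "suid", "dev") if state[f]]
            report[mount_point] = {"auto": state["auto"], "missing": missing}
    return report

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_FSTAB
    for mount_point, result in audit(text).items():
        print(mount_point, result)
```

Pass a path such as `/etc/fstab` as the first argument to audit a real file; a trailing `exec` after `user` or `users`, as in the second USB entry, re-enables execution from the stick.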
hacked1o0o
06-10-2006, 04:21 AM
What an easy way to take down a company. As they say, "curiosity killed the cat" :)
shivandeveloper
06-21-2006, 01:33 PM
This is the sneakernet version of email attachments. Old news, and we've known about social engineering for years.
benjaminq
06-21-2006, 05:30 PM
This is the sneakernet version of email attachments. Old news, and we've known about social engineering for years.
Yes, but it is an extremely tempting variant, because USB sticks are just attractive gadgets with added value; an email isn't.
But it brings it down to the point: if you want to start a disease you might be better off with a bunch of USB sticks than with a hacked email server.
Some sure things in life: you can count on the stupidity, you can count on greed, if you attach a small note that the sticks contain porn you can count on the hormones too. Not everybody is a testosterone-driven greedy idiot, but I always wonder how many people actually seem to be.
Benjamin
shivandeveloper
06-22-2006, 12:31 PM
.... if you attach a small note that the sticks contain porn you can count on the hormones too. Not everybody is a testosterone-driven greedy idiot, but I always wonder how many people actually seem to be.
Benjamin
And this was why the Ana Kornikova (or however you spell her name) virus was so successful. I guess the USB stick being a "found" physical item is an added incentive, but it's really the idea of someone being able to look at something that maybe they aren't supposed to be seeing that gets to people. If they'd just wanted a free USB stick they'd have simply reformatted it or at least deleted the files on it. The payload probably happened when they opened some file on it, not just by plugging it in (though the story does not make that clear one way or the other).