Talos names eight deadly sins in widely used industrial software

A researcher at Cisco's Talos threat intelligence team found eight vulnerabilities in the Open Automation Software (OAS) platform that, if exploited, could enable a bad actor to access a device and run code on a targeted system. The OAS platform is widely used by a range of industrial enterprises, essentially facilitating the …

  1. Pascal Monett Silver badge

    "Malicious USB devices"

    Sorry, but I am less worried about that than I am worried about state-backed miscreants infiltrating and wreaking havoc from afar.

    The rule is always the same anyway: once local access is possible, all bets are off and the system can easily be compromised. A malicious USB means some traitor has decided to usurp his position and authority in order to do evil. There are safeguards against that, but the best safeguard is treating your personnel properly and paying them fairly. If they work in a serious branch of industry, they should know the importance of their position and that should be sufficient.

    1. Anonymous Coward

      Re: "Malicious USB devices"

      > Sorry, but I am less worried about that than I am worried about state-backed miscreants infiltrating and wreaking havoc from afar.

      But what about a state-backed miscreant wielding a USB stick, at a distance?

  2. OhForF' Silver badge

    "A malicious USB means some traitor has decided to usurp his position and authority in order to do evil."

    Malware installed on a network that is air gapped from the internet is more likely to happen because someone finds a USB stick with the company logo in the parking lot and decides to connect it to his computer to check if the content allows him to figure out which of his colleagues lost that stick.

    Good intentions can cause as much harm as malicious operators.

    Automatic installation of drivers transparent to the user when a new USB device is connected is so convenient - whatever could go wrong?

  3. Anonymous Coward

    I don't understand

    > A researcher at Cisco's Talos threat intelligence team found eight vulnerabilities in the Open Automation Software (OAS) platform that, if exploited, could enable a bad actor to access a device and run code on a targeted system.

    Why would Steven Seagal want to do that?

    1. Anonymous Coward

      Re: I don't understand

      Is it too soon to mention Bruce Willis?

  4. John Smith 19 Gold badge
    Unhappy

    So now they have been identified

    Perhaps someone will do something about them?

    Why do I have the smell of companies that are happy to download the SW and use it but not to contribute ANY meaningful amount of development effort?
