Does anyone have information regarding this issue (regardin Symantec Endpoint Protection)?
See https://www.blackhat.com/us-14/briefings.html#badusb-on-accessories-that-turn-evil
Thanks in advance
Peter
In terms of what? Alludes to the fact this isn't detectable with current defenses. I would be curious to see how it outsmarts SEPs device control feature though. There are many options for blocking devices and/or controlling them.
This presentation is set for Thursday so have to wait til then.
Hi .Brian, thanks. In terms of security and consequent changes, if necessary, was meant. We don't use the SEP-Component ADC and this (therefore) may require some action (although we use another tool to control USB). So I'll wait.
Hi Peter,
Thanks for the query. Symantec's Security Response team are aware of this- it appears to be a fundamental hardware/firmware flaw within USB itself. We are continuing to research and (as with all threats) will develop protection against any exploit code, if appropriate and feasable.
in the meantime, ensure that your organization is security-conscious and is following best practices:
Symantec Endpoint Protection – Best Practices http://www.symantec.com/theme.jsp?themeid=stopping_malware&depthpath=0
With best regards,
Mick
Thanks Mick.
Sincerely
Here you can find detailed and actual informations regarding BadUSB https://srlabs.de/badusb/