Threat Level: green Handler on Duty: Pasquale Stirparo

SANS ISC: InfoSec Handlers Diary Blog - Did you check your conference goodies? InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Did you check your conference goodies?

Published: 2009-04-24
Last Updated: 2009-04-24 19:26:48 UTC
by Pedro Bueno (Version: 1)
1 comment(s)

This year I went to the RSA to have lunch with some friends.

It was nice to get together with some other SANS ISC friends too, as Johannes, Marc and Lenny.

Good to see them again. Also while visiting the expo, something occurred to me. Some booths were giving away pen-drives with promotional material. It is easy to imagine that the booth was always crowded.

So, to get your pen drive you just put your business card and pick your pendrive among several over the table and go away...cool...

I don’t like people scanning my badge or using my business card to send me offers later, so , previously, I went to some other booths, collected a bunch of business card from sales people (they love to give them away...:) ) and went to the 'pen-drive booth' to get mine...:)

If I have a malicious intent, I would go to some other place, plug my new pen-drive, load an autorun-kind of malware, or fill it wth malicious PDFs and return it to the crowded booth table full of pen-drives...And I would be able to do it several times...

An average user would get it, plug in his computer and happily install it and be p0wned…

 So, did you test your goodies on a safe environment, preferable on a non autorun-able machine, like a mac or linux? Also did you use your AV to scan those PDFs against exploits? :)

Be safe, be paranoid…:)

-----------------------------------------------------------------

Pedro Bueno ( pbueno // isc. sans. org)

http://twitter.com/besecure

 

1 comment(s)
Diary Archives