Top Computer Security Stories

It may have been one of the most significant security non-events ever, but hardly a day goes by when we don't hear about "that incident" last June when Trojan-ridden USB thumb drives were scattered around the parking lot, smoking area, and other public places at a regional credit union to see if its users would take the bait. (See Social Engineering, the USB Way.)

The story was a hit because it struck a nerve. The credit union users got punk'd, of course, and installed the thumb drives on their office computers -- something all security managers fear their own users would do. The brains behind this bold social engineering scheme, penetration tester and Dark Reading columnist Steve Stasiukonis, had decided to try something different from his usual M.O. of taking a drag with the smokers, sweet-talking the receptionist, and commandeering a conference room to jack into his clients' networks.

It worked too well: All 15 of the 20 USB drives that were found were installed on a credit union machine. But the Trojan infecting the USB sticks was a benign one, merely busting the duped users by collecting their passwords, logins, and machine information, and emailing the findings back to Stasiukonis and company.

Nervous laughter helped make this story our biggest one so far.

Read about the other 9 stories here:  http://www.darkreading.com/document.asp?doc_id=123105