this post was submitted on 13 Jun 2024
817 points (98.5% liked)
Technology
60016 readers
2696 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I've been the one identifying the people who use jigglers. Usually it was a manager coming to us to look for a reason to fire a poor employee or a contractor trying to bill a suspiciously large number of hours for the work produced. If it was just poor performance, HR would make us do a PIP and waste 3 months on them. Violating security procedures and falsifying time sheets was an immediate termination. And for the contractors, you need evidence in order to refuse payment.
Btw, if you want to get away with it, don't use a software or USB one. Get one that interfaces with a regular mouse. Modern cybersecurity software logs every process executed and device connected.
But the USB one is going to be identified as a mouse (input device), you can even change the hardware id to be the same as the work mouse no?
USB devices have a hard coded vendor identifier and product identifier built into them that are issued from a central authority. The ones I saw were easily identifiable as not legitimate mice.
I know but you can change it, I think, at least in the bad usb devices that we use for red team