A newly discovered flaw in USB vendor Sandisk's secure USB technology leaves the devices vulnerable to attack and has led to the recall and patching of several secure USB drive products.
A flaw in the password-handling process of Sandisk's Cruzer Enterprise USBs leaves the devices vulnerable to hackers: Sandisk issued a security alert and update last month for multiple models of the Cruzer Enterprise drives that fixes the bug in the access-control features. The USB vendor emphasized in the alert that the flaw is not in the device hardware or firmware, but in the application that runs on the host system.
Meanwhile, secure USB vendor Kingston Technologies, which security experts say uses Sandisk software in its products, has recalled three of its secure USB drives, warning its customers that data on the encrypted drives could be accessed by seasoned attackers and recommended that the drives be physically returned for updates.
Click Here for the rest of the article.