BadUSB Controls for Engineering Teams
7 articles
BadUSB controls that survive contact with engineering teams — USB device control, HID allowlisting, USBGuard and WDAC, plus detection that does not block real work.
Evil twin access point defenses for blue teams — detect rogue APs with a WIDS, why 802.1X server-cert validation and WPA3 matter, plus a captive-portal DNS signal.
A WiFi deauthentication detection guide — spot deauth floods with a WIDS, why 802.11w PMF and WPA3 help (and where they fall short, CVE-2023-21061), plus hardening.
USB Rubber Ducky detection patterns for blue teams — spotting HID injection with Sigma, USB device control and AppLocker hardening, and MITRE ATT&CK mapping.
A defender's guide to Proxmark3 RFID security — auditing 125 kHz and MIFARE Classic credentials, detecting cloned badges, and migrating to DESFire EV3 and AES.
The real Flipper Zero NFC risk for security teams — what it can and cannot clone, MIFARE Classic weaknesses, access-control detection, and credential hardening.
How blue teams use HackRF One for defensive RF awareness — spectrum baselining, rogue-transmitter detection, a WIDS monitoring approach, and RF hardening.