Volume 1 - Issue 4, November - December 2025

Universal Serial Bus (USB) devices are ubiquitous in modern computing, enabling convenient connectivity for data transfer, peripherals, and storage. However, USB devices also serve as effective gateways for cyber and cyber-physical attacks, including firmware manipulation, malware propagation, covert communication channels, and hardware-based exploits. Physical access vulnerabilities such as Direct Memory Access (DMA) attacks and peripheral manipulation further amplify these risks. This paper presents a comprehensive review of USB threats and physical access attacks, emphasizing techniques such as BadUSB, DMA exploitation, covert channels, and hardware Trojans. Mitigation strategies including device authentication, firmware verification, honeypots, access control policies, and employee awareness are discussed. Industry reports and real-world incidents demonstrate that an integrated technical and administrative security approach is essential to effectively securing modern computing and industrial systems.