InfoSecBulletin Cybersecurity for mankind
The US plans to ban the sale of Kaspersky antivirus software due to its alleged ties to the Kremlin. Gina Raimondo, the US Commerce Secretary, said that Moscow’s control over the company was a big threat to US infrastructure and services.
She said that the US was compelled to take action due to Russia’s “capacity and… intent to collect and weaponize the personal information of Americans”.
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed
ALERT
Thousands of IP addresses compromised nationwide: CIRT warn
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks
Critical RCE Flaw Patched in Roundcube Webmail
Hacker claim Leak of Deloitte Source Code & GitHub Credentials
CISA Issued Guidance for SIEM and SOAR Implementation
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora
Australia enacts mandatory ransomware payment reporting
Why Govt Demands Foreign CCTV Firms to Submit Source Code?
“Kaspersky will generally no longer be able to, among other activities, sell its software within the United States or provide updates to software already in use,” the Commerce Department said.
The plan uses strong powers given by the Trump administration to stop or control business deals between US companies and technology firms from “foreign adversary” nations such as Russia and China.
Starting from September 29th, the plan will prohibit software updates, resales, and licensing of the product. Additionally, new business will be limited within 30 days of the announcement.
Sellers and resellers who break the rules will be fined by the Commerce Department. The Commerce Department will list two Russian and one UK-based unit of Kaspersky. They are being accused of cooperating with Russian military intelligence.
US regulators have been focusing on the company for a long time. In 2017, the Department of Homeland Security banned its main antivirus product from federal networks due to suspected links to Russian intelligence.
The multinational company is based in Moscow, but it has offices in 31 countries worldwide. It serves over 400 million users and 270,000 corporate clients in more than 200 countries. The Commerce Department stated that the number of affected customers in the US is confidential business information.
However, a Commerce Department official was quoted by Reuters as saying that it was a “significant number” and included state and local governments and companies that supply telecommunications, power, and healthcare.
Kaspersky said in a statement that the Commerce Department “made its decision based on the present geopolitical climate and theoretical concerns,” and vowed to “pursue all legally available options to preserve its current operations and relationships.”
“Kaspersky does not engage in activities which threaten US national security and, in fact, has made significant contributions with its reporting and protection from a variety of threat actors that targeted US interests and allies,” the company said.
