InfoSecBulletin Cybersecurity for mankind
The US plans to ban the sale of Kaspersky antivirus software due to its alleged ties to the Kremlin. Gina Raimondo, the US Commerce Secretary, said that Moscow’s control over the company was a big threat to US infrastructure and services.
She said that the US was compelled to take action due to Russia’s “capacity and… intent to collect and weaponize the personal information of Americans”.
CVSS 10.0 Flaw
Critical flaw in Siemens OZW Web Servers Enable Unauthenticated RCE
Microsoft Patch Tuesday May 2025: 72 flaws, 5 Actively Exploited Zero-Day
OTP glitch disrupted NID services across the country
Google to pay Texas $1.4 billion for location tracking practices
YouTube geo-blocks at least 4 Bangladeshi TV channels in India
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
“Kaspersky will generally no longer be able to, among other activities, sell its software within the United States or provide updates to software already in use,” the Commerce Department said.
The plan uses strong powers given by the Trump administration to stop or control business deals between US companies and technology firms from “foreign adversary” nations such as Russia and China.
Starting from September 29th, the plan will prohibit software updates, resales, and licensing of the product. Additionally, new business will be limited within 30 days of the announcement.
Sellers and resellers who break the rules will be fined by the Commerce Department. The Commerce Department will list two Russian and one UK-based unit of Kaspersky. They are being accused of cooperating with Russian military intelligence.
US regulators have been focusing on the company for a long time. In 2017, the Department of Homeland Security banned its main antivirus product from federal networks due to suspected links to Russian intelligence.
The multinational company is based in Moscow, but it has offices in 31 countries worldwide. It serves over 400 million users and 270,000 corporate clients in more than 200 countries. The Commerce Department stated that the number of affected customers in the US is confidential business information.
However, a Commerce Department official was quoted by Reuters as saying that it was a “significant number” and included state and local governments and companies that supply telecommunications, power, and healthcare.
Kaspersky said in a statement that the Commerce Department “made its decision based on the present geopolitical climate and theoretical concerns,” and vowed to “pursue all legally available options to preserve its current operations and relationships.”
“Kaspersky does not engage in activities which threaten US national security and, in fact, has made significant contributions with its reporting and protection from a variety of threat actors that targeted US interests and allies,” the company said.
