Tuesday, June 25, 2024

Trump Signs Bill Banning on the Kaspersky Security Products from use of US Government

The controversy has gone months, and finally, President Trump signs the law on Tuesday which imposes the ban on Kaspersky from Federal use.

Last September Department of Homeland Security (DHS) release immediate order to Federal executive branch departments and agencies to take actions related to the use or presence of information security products, solutions, and services supplied directly or indirectly by AO Kaspersky Lab or related entities.

Ban imposed due to a lot of spying activity Controversy against the Kaspersky Products.They are in use by all US Government Agencies including NSA.

This incident reported by The Wall Street Journal says Russian Government Hackers are using Kaspersky software to stole NSA advance cyber weapons such as secret spying tools from NSA contractor personal Home Computer who has been employed the Russian Based Kaspersky Security Products.

Kaspersky continues to deny that they have not tied up with any government and it would not help a government with cyber espionage.Also, the company said they could open source code for review.

On Tuesday, Christopher Krebs, a senior cybersecurity official at the Department of Homeland Security, told that nearly all government agencies had fully removed Kaspersky products from their networks in compliance with the September order, reported Reuters.

Ban imposed according to SEC. 1634. According to the ban No department, agency, organization, or other element of the Federal Government may use, whether directly or through work with or on behalf of another department, agency, organization, or element of the Federal Government, any hardware, software, or services developed or provided, in whole or in part.

(1) Kaspersky Lab (or any successor entity);

(2) any entity that controls is controlled by, or is under common control with Kaspersky Lab; or

(3) any entity of which Kaspersky Lab has majority ownership.

The case against Kaspersky is well-documented and deeply concerning. This law is long overdue, and I appreciate the urgency of my bipartisan colleagues on the Senate Armed Services Committee to remove this threat from government systems,” Shaheen wrote in a press release.

Website

Latest articles

Threat Actor Claiming a 0-day in Linux LPE Via GRUB bootloader

A new threat actor has emerged, claiming a zero-day vulnerability in the Linux GRUB...

LockBit Ransomware Group Claims Hack of US Federal Reserve

The notorious LockBit ransomware group has claimed responsibility for hacking the U.S. Federal Reserve,...

Microsoft Power BI Vulnerability Let Attackers Access Organizations Sensitive Data

A vulnerability in Microsoft Power BI allows unauthorized users to access sensitive data underlying...

Consulting Companies to Pay $11 Million Failing Cybersecurity Requirements

Two consulting companies, Guidehouse Inc. and Nan McKay and Associates, have agreed to pay...

New RAT Malware SneakyChef & SugarGhost Attack Windows Systems

Talos Intelligence has uncovered a sophisticated cyber campaign attributed to the threat actor SneakyChef....

Chinese Winnti Group Intensifies Financially Motivated Attacks

Hackers are increasingly executing financially motivated attacks and all due to the lucrative potential...

PrestaShop Website Under Injection Attack Via Facebook Module

A critical vulnerability has been discovered in the "Facebook" module (pkfacebook) from Promokit.eu for...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles