Tuesday, March 19, 2024

Trump Signs Bill Banning on the Kaspersky Security Products from use of US Government

The controversy has gone months, and finally, President Trump signs the law on Tuesday which imposes the ban on Kaspersky from Federal use.

Last September Department of Homeland Security (DHS) release immediate order to Federal executive branch departments and agencies to take actions related to the use or presence of information security products, solutions, and services supplied directly or indirectly by AO Kaspersky Lab or related entities.

Ban imposed due to a lot of spying activity Controversy against the Kaspersky Products.They are in use by all US Government Agencies including NSA.

This incident reported by The Wall Street Journal says Russian Government Hackers are using Kaspersky software to stole NSA advance cyber weapons such as secret spying tools from NSA contractor personal Home Computer who has been employed the Russian Based Kaspersky Security Products.

Kaspersky continues to deny that they have not tied up with any government and it would not help a government with cyber espionage.Also, the company said they could open source code for review.

On Tuesday, Christopher Krebs, a senior cybersecurity official at the Department of Homeland Security, told that nearly all government agencies had fully removed Kaspersky products from their networks in compliance with the September order, reported Reuters.

Ban imposed according to SEC. 1634. According to the ban No department, agency, organization, or other element of the Federal Government may use, whether directly or through work with or on behalf of another department, agency, organization, or element of the Federal Government, any hardware, software, or services developed or provided, in whole or in part.

(1) Kaspersky Lab (or any successor entity);

(2) any entity that controls is controlled by, or is under common control with Kaspersky Lab; or

(3) any entity of which Kaspersky Lab has majority ownership.

The case against Kaspersky is well-documented and deeply concerning. This law is long overdue, and I appreciate the urgency of my bipartisan colleagues on the Senate Armed Services Committee to remove this threat from government systems,” Shaheen wrote in a press release.

Website

Latest articles

Hackers Exploiting Microsoft Office Templates to Execute Malicious Code

In a cyberattack campaign dubbed "PhantomBlu," hundreds of employees across various US-based organizations were...

How ANY.RUN Malware Sandbox Process IOCs for Threat Intelligence Lookup?

The database includes indicators of compromise (IOCs) and relationships between different artifacts observed within...

CryptoWire Ransomware Attacking Abuses Schedule Task To maintain Persistence

AhnLab security researchers detected a resurgence of CryptoWire, a ransomware strain originally prevalent in...

E-Root Admin Sentenced to 42 Months in Prison for Selling 350,000 Credentials

Tampa, FL – In a significant crackdown on cybercrime, Sandu Boris Diaconu, a 31-year-old...

WhiteSnake Stealer Checks for Mutex & VM Function Before Execution

A new variant of the WhiteSnake Stealer, a formidable malware that has been updated...

Researchers Hacked AI Assistants Using ASCII Art

Large language models (LLMs) are vulnerable to attacks, leveraging their inability to recognize prompts...

Microsoft Deprecate 1024-bit RSA Encryption Keys in Windows

Microsoft has announced an important update for Windows users worldwide in a continuous effort...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles