July 25, 2024 at 08:08AM Kaspersky proposed a “comprehensive assessment framework” to verify its security products to the US Department of Commerce, aiming to mitigate supply chain risks and provide security assurances. Despite this, the Commerce Department did not respond to the proposal. The framework includes localization of data processing, review of data received, and … Read more
July 24, 2024 at 12:06PM The GhostEmperor threat group, initially identified by Kaspersky in 2021, saw a potential resurgence in a 2023 compromise investigated by Sygnia. They associated the new compromise with similarities in infection chains and the use of the Demodex rootkit. However, uncertainty remains whether this represents the return of GhostEmperor or a … Read more
July 18, 2024 at 12:33PM Kaspersky proposes independent verification following US government ban on its products. The antivirus maker pledges to comply with Department of Commerce rulings but maintains the ban is politically motivated. The company offers a comprehensive assessment framework and will cease sales of new contracts in the US. Updates will be halted … Read more
July 16, 2024 at 06:30AM Russian cybersecurity firm Kaspersky is shutting down its US operations after the Commerce Department’s ban on selling its software in the country. The decision, effective July 20, 2024, is due to the company deeming US business opportunities no longer viable. It is laying off less than 50 US employees and … Read more
July 16, 2024 at 12:45AM Russian security vendor Kaspersky is exiting the U.S. market due to a national security risk, following a ban announced by the Commerce Department. The company will cease U.S. operations on July 20, laying off fewer than 50 employees. The move is a response to U.S. legal requirements and concerns about … Read more
July 8, 2024 at 12:34PM A new cyber espionage group called CloudSorcerer has been detected targeting Russian government entities using cloud services for command-and-control (C2) and data exfiltration. The group’s innovative tactics and use of cloud resources, including Microsoft Graph, Yandex Cloud, Dropbox, and GitHub, demonstrates a sophisticated approach to cyber espionage and data collection. … Read more
July 8, 2024 at 11:48AM Kaspersky has reported a new advanced persistent threat (APT) actor named CloudSorcerer targeting Russian government entities for cyberespionage. The actor exfiltrates data using Dropbox, Microsoft Graph, and Yandex Cloud, while utilizing public cloud services for command-and-control infrastructure. This technique is different from that of the CloudWizard APT, leading Kaspersky to … Read more
June 22, 2024 at 04:22AM The US government banned Kaspersky Lab from selling its products and issuing updates in America, and sanctioned some of its top executives on Friday. A 12-minute video discussion on this topic, “Kettle,” features cybersecurity editor Jessica Lyons, journalists Tom Claburn, Chris Williams, and Iain Thomson. The video is available as … Read more
June 1, 2024 at 05:34PM Kaspersky released a new virus removal tool called KVRT for Linux, offering free scanning and removal of malware and known threats. Despite misconceptions about Linux security, recent backdoor examples prove otherwise. KVRT is not real-time protection but scans and cleans malware, adware, and more, supporting various Linux distributions. The tool … Read more
May 23, 2024 at 05:34PM Ransomware dubbed ShrinkLocker, utilizing Microsoft BitLocker to encrypt and extort payments, has been spotted by Kaspersky’s security team. The malware targets various sectors and hinders effective response, maximizing damage. It uses VBScript to determine the OS and allows attackers to change partition labels, extort victims, and delete recovery options. Kaspersky … Read more