The US Bans Kaspersky

Posted in Commentary with tags on June 21, 2024 by itnerd

Now some of you reading this headline will be thinking “wait, didn’t the US already ban Kaspersky?” The answer is sort of. They were banned on federal government networks. But you and I could still get a copy of the anti-virus software for example. Well, that has changed as the Biden administration has banned them outright:

Yesterday, the Department of Commerce issued a final determination pursuant to Executive Order (E.O.) 13873 prohibiting Kaspersky Lab, Inc., its affiliates, subsidiaries and parent companies directly or indirectly from providing anti-virus software and cybersecurity products or services in the United States or to U.S. persons. Commerce reached this determination after an investigation found transactions involving the products and services of Kaspersky Lab, Inc. and its corporate family pose unacceptable risk to U.S. national security or the safety and security of U.S. persons, as outlined in E.O. 13873. 

In addition, the Department of Commerce has designated AO Kaspersky Lab and OOO Kaspersky Group (Russia), and Kaspersky Labs Limited (United Kingdom) on the Entity List for their cooperation with Russian military and intelligence authorities in support of the Russian government’s cyber intelligence objectives. These activities are contrary to U.S. national security and foreign policy interests.

Damir J. Brescic, CISO, Inversion6 had this comment:

The reason that the U.S. government took such a stance is due to the concerns that Kaspersky could/has complied with the Russian government in what could be seen as assisting in cyber espionage or other malicious activity. The concern is obviously heightened by some of the controversial laws Russia has in general regarding cybersecurity, where they require companies to assist the government in intelligence gathering activities. This is similar to other nation-state threat actors, such as China, Iran and North Korea.

There are a few key aspects that companies and even government agencies need to take into consideration when assessing the impact of a software tool, such as Kaspersky. The major concern is that the Kaspersky antivirus solution, when implemented in an organization, requires extensive system privileges to function correctly, as most solutions of its kind do. This type of technology can provide a threat actor the potential to exploit and gain access to a system's configuration, sensitive data, and network connections.

If an organization is currently utilizing the Kaspersky antivirus software, they should look to conduct the following steps:

  • Deactivate the Kaspersky software immediately on all their host systems
  • Conduct a thorough risk assessment of the organizational use of this Kaspersky software; this should include the potential impact of compromise, as well as the likelihood of such an event
  • Start evaluating alternative solutions from a trusted vendor 
  • Implement robust monitor detection
  • Review incident response capabilities and plans, and potentially run a tabletop exercise 
  • For advanced measures, look to implement network segmentation to limit the spread of any malware and reduce the overall impact from potential threat and compromise

All of this is good advice. Unlike when the US government network ban came into effect, when Kaspersky sued the government, I can’t find any statements or any other reaction from the Russian software company. Their silence suggests a lot in my opinion.

SolarWinds Vulnerability Being Actively Exploited By Threat Actors

Posted in Commentary with tags on June 21, 2024 by itnerd

SolarWinds reports that a high-severity flaw in SolarWinds Serv-U file transfer software exists and should be patched ASAP:

Summary

SolarWinds Serv-U was susceptible to a directory traversal vulnerability that would allow access to read sensitive files on the host machine.

Affected Products

SolarWinds Serv-U 15.4.2 HF 1 and previous versions 

Fixed Software Release

SolarWinds Serv-U 15.4.2 HF 2

Here’s why it should be patched ASAP. Threat actors are currently using it to launch attacks:

Threat actors are actively exploiting a SolarWinds Serv-U path-traversal vulnerability, leveraging publicly available proof-of-concept (PoC) exploits.

Although the attacks do not appear particularly sophisticated, the observed activity underscores the risk posed by unpatched endpoints, emphasizing the urgent need for administrators to apply the security updates.

Rogier Fischer, CEO and Co-Founder, Hadrian had this comment:

“Exploiting this vulnerability can lead to significant issues such as unauthorized data access, resulting in potential data breaches and non-compliance with regulations, from GDPR to HIPAA. Financial implications are considerable, involving not only the costs of incident response and mitigation but also regulatory fines and legal actions from affected customers. In an ideal world, organizations utilizing this software would have applied the patch already, considering how big the earlier SolarWinds fiasco was.”

This is another one of those times where you need to drop everything and patch away. Seeing as this exploit is out there and being used by threat actors, you really have no other choice.
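The bug class in this post is directory traversal: a file-transfer server joining a client-supplied path onto its document root without confining the result. The following is an added example, not SolarWinds code and not the Serv-U flaw itself: a naive file-serving handler beside a hardened one, run over a constructed sample tree (placeholder file names) so the difference in behaviour is visible. It also covers the symlink case, which a string filter on `..` would miss.

```python
import tempfile
from pathlib import Path

# Constructed sample tree for the demo (placeholder names, nothing from the advisory):
#   <base>/serv_root/pub/report.txt   a file the server is allowed to serve
#   <base>/secret.conf                 a "sensitive" file that lies outside the root
#   <base>/serv_root/pub/link          a symlink pointing at secret.conf (if the OS allows it)


def make_sample_tree(base: Path) -> Path:
    root = base / "serv_root"
    (root / "pub").mkdir(parents=True)
    (root / "pub" / "report.txt").write_text("public report\n")
    (base / "secret.conf").write_text("db_password=constructed-placeholder\n")
    try:
        (root / "pub" / "link").symlink_to(base / "secret.conf")
    except OSError:
        pass  # symlink creation not permitted on this platform; that case is skipped
    return root


def read_file_vulnerable(root: Path, client_path: str) -> str:
    """Naive handler: joins the client path onto the root with no confinement check.
    '..' segments walk out of the root, and an absolute client path replaces it entirely."""
    return (root / client_path).read_text()


def safe_resolve(root: Path, client_path: str) -> Path:
    """Canonicalise the requested path and accept it only if it stays inside the root."""
    if "\x00" in client_path or Path(client_path).is_absolute():
        raise PermissionError("absolute path or NUL byte rejected")
    root_real = root.resolve(strict=True)
    # resolve() collapses '..' and follows symlinks, so the check below is made on the
    # real filesystem location rather than on the string the client sent
    target = (root_real / client_path).resolve()
    if target != root_real and root_real not in target.parents:
        raise PermissionError(f"path escapes server root: {client_path!r}")
    return target


def read_file_hardened(root: Path, client_path: str) -> str:
    """Hardened handler: serves a file only after safe_resolve() has confined it."""
    target = safe_resolve(root, client_path)
    if not target.is_file():
        raise FileNotFoundError(client_path)
    return target.read_text()


def outcome(handler, root: Path, client_path: str) -> str:
    """Classify what a handler does with one request."""
    try:
        data = handler(root, client_path)
    except PermissionError:
        return "blocked"
    except (FileNotFoundError, IsADirectoryError, NotADirectoryError):
        return "not found"
    return "leaked" if "db_password" in data else "served"


def demo() -> dict:
    """Run both handlers on the same requests; returns {case: (vulnerable, hardened)}."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        root = make_sample_tree(base)
        cases = {
            "normal": "pub/report.txt",
            "dotdot": "../secret.conf",
            "nested_dotdot": "pub/../../secret.conf",
            "absolute": str(base / "secret.conf"),
        }
        if (root / "pub" / "link").is_symlink():
            cases["symlink"] = "pub/link"
        return {name: (outcome(read_file_vulnerable, root, p),
                       outcome(read_file_hardened, root, p))
                for name, p in cases.items()}


if __name__ == "__main__":
    for case, (vuln, hard) in demo().items():
        print(f"{case:14s} vulnerable={vuln:9s} hardened={hard}")
```

The check in `safe_resolve()` is the part to port: compare canonical paths, not request strings, and reject absolute paths before joining them.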

New Targus hard cases carry, connect, and protect students’ devices in any learning environment

Posted in Commentary with tags on June 21, 2024 by itnerd

Targus today introduced its new lineup of commercial-grade form-fit Chromebook™ cases and protective iPad® cases for the education market at ISTELive 24, June 23rd-26th. These new additions further expand Targus’ extensive portfolio of innovative laptop bags, hard cases, and accessories designed to carry, connect, and protect students’ technology in the classroom and beyond.

The new Commercial-Grade Form-Fit Clear Cases arriving in June/July are translucent cases made for the latest Dell, Lenovo, and HP Chromebooks™. These cases feature drop-rated protection up to the typical school desk height of three feet, enhanced corner and edge protection, a thin and lightweight molded design, and easy access to all ports. Plus, like all Targus laptop bags and cases, they’re backed by Targus’ limited lifetime warranty.

Available now, Targus has also added two new iPad cases to its portfolio delivering portable protection for the latest iPad® (10th generation), iPad Air® (M2), and iPad Pro® (M4) devices in the classroom and beyond: a SafePort® Clear Case and Kids Antimicrobial Case.

With military-grade drop protection up to six feet, Targus’ Kids Antimicrobial Case is the perfect solution for young learners to keep their iPad protected from inevitable drops and bumps, while enjoying more portable features and functionality. A convenient carry handle doubles as a stand, so young learners can grab and go or set it and stand it for their viewing preference. Precision cutouts give full access to controls, ports, and cameras, making it easy to enjoy favorite videos, movies, and music.

As a bonus, this case features Targus DefenseGuard™ Antimicrobial Protection, which helps to create a cleaner surface by preventing the growth of microorganisms and works continuously for the life of the product.

Targus’ SafePort® Clear Case for iPad® (10th gen.) 10.9-inch lets students show off their colorful new iPad while wrapping it in superior protection. This protective case passes military grade 6 ft./1.8m drop testing (MIL-STD 810G) with its clear, shock-absorbent back cover, protective snap-on front cover, reinforced corners, wrap-around bezel, and covered buttons. The kickstand of this case has been tested to withstand up to 44 lbs. of force making it durable enough to withstand kids’ everyday use.

Beyond protection, it offers a variety of integrated features to boost functionality and versatility on the go. A built-in extra durable kickstand flips out to offer hands-free portrait and landscape viewing from multiple angles. Precision cutouts allow complete access to ports and cameras, and it also has a built-in stylus holder making it easy to store an Apple Pencil® (Pencil sold separately by Apple®).

Targus will be showcasing its latest lineup of laptop and tablet cases and accessories for the education market during ISTELive 24 in booth #1882 at the Colorado Convention Center.

Watch Targus’ Commercial Grade Hard-Shell Cases for Chromebook in action and visit Targus.com for product details, pricing, and availability.

CDK Global Pwned In Cyberattack Taking Down Thousands Of Car Dealers

Posted in Commentary with tags on June 21, 2024 by itnerd

Tuesday night, car dealership SaaS provider CDK Global was hit by a cyberattack, causing the company to shut down its IT systems, phones, and applications, leaving its 15,000 clients unable to operate normally.

The company’s SaaS product provides auto industry clients with a platform that handles all aspects of a car dealership’s operations, including CRM, financing, payroll, support and service, inventory, and back-office operations.

To use CDK’s services, car dealerships configure an always-on VPN to the SaaS provider’s data centers, allowing their locally installed applications to access the platform. Also, the software has administrative privileges used to deploy updates. CDK has recommended disconnecting from the data centers.

Some dealerships appear to have gotten creative to continue doing business during the outage, logging in with old credentials on old CDK platforms, and sharing that they were simply relying on spreadsheets and sticky notes to sell customers small parts and make repairs, but that they weren’t making any large transactions. 

CDK’s systems first went down around 2:00 a.m. EDT and some functions began to come back online by Wednesday afternoon.

Ted Miracco, CEO, Approov Mobile Security had this to say:
 
   “This incident highlights a common vulnerability that is especially impacting the automotive supply chain and CDK’s breach exemplifies this risk. These apps provide extensive mobile tools for dealership management, offering functionalities such as real-time inventory management, customer relationship management, repair tracking, and mobile access to critical business information. However, without proper API security measures, these features can expose sensitive data and backend systems to potential breaches and malicious attacks. Many companies do not adequately secure their APIs, especially for mobile applications. API protection for web access does not adequately protect mobile interfaces, creating an easy target for hackers and ransomware attacks. These API attacks increasingly target the automotive supply chain, exploiting the lack of security in mobile interfaces.”

One of the reasons why I tend to warn my clients about using SaaS solutions is that you have to be able to trust that their security is top shelf. Because if they get pwned, you get pwned. And then your business is down for however long it takes for the SaaS provider to address their issues. Your organization has to ask if they want to take that risk.

LockBit ransomware attacks in May up 665% over April 

Posted in Commentary with tags on June 21, 2024 by itnerd

A new report from NCC Group plc shows ransomware attacks hit a record high in May, largely due to a significant resurgence in LockBit ransomware activities. According to the NCC Group 2024 Threat Intel report, global ransomware attacks increased by 32% month-over-month in May, reaching 470 incidents compared to 356 in April. This marks an 8% increase compared to May of last year.

The spike in attacks is primarily attributed to LockBit 3.0, the latest version of the notorious LockBit ransomware gang. After being dismantled by law enforcement in February, the group resurfaced just a week later, quickly becoming the most active ransomware group, responsible for 37% of all ransomware attacks in May. LockBit was implicated in 176 ransomware incidents during the month.

Other notable ransomware players mentioned in the report for May included:

  • Play ransomware group in second position with 32 attacks, for 7% of all attacks in the month 
  • RansomHub came in at third position with 22 attacks
  • DAn0n, with 13 attacks. A newcomer to the field that uses a double-tap extortion method.
  • Underground, which also uses double-tap extortion, was recorded to have undertaken 12 ransomware attacks during the month
  • Arcus Media, with 11 attacks

The report noted that the majority (77%) of ransomware attacks in May targeted companies in North America and Europe, with a notable increase in attacks in South America, accounting for 8% of the total, a 60% rise from April.

By sector, industrial companies remained the most targeted, a trend ongoing since January 2021, with 143 attacks in May, up from 116 in April. The technology sector was the second most targeted, with 72 attacks, an increase from 49 the previous month.

Cigent CGO Brett Hansen had this to say:

   “The only real way to end ransomware is to make it no longer profitable for the bad actors. Let me be clear, solutions already exist in the commercial sector to protect against these threats. In addition to instituting zero-trust access to your data, adding available real-time encryption can ensure that data is useless to the attacker, if they do get in. While you’re adding data protection, the use of invisible partitions can ensure your data is not accessed by intruders. Data at rest can also be data protected.”

What we see here is a game of “whack a mole”, where law enforcement takes out LockBit only to have LockBit reappear in a new form. As Mr. Hansen has said, this isn’t working. Thus organizations need to take security a lot more seriously and implement things that will make it way harder for threat actors to pwn them.

UPDATE: Rogier Fischer, CEO and Co-Founder, Hadrian added this comment:

“Ransomware groups like LockBit versions, and Conti before that, show how cybercriminal organizations evolve and change tracks, often rebranding or merging with other groups to stay operational despite law enforcement actions. The cybersecurity community has been dredging up evidence of their interconnectivity, as seen in the use of shared resources, such as Conti’s leaked source code being adopted by LockBit for its “LockBit Green” variant. Law enforcement actions, including arrests and website seizures, have disrupted these groups temporarily, but have not eliminated the threat entirely, as these groups quickly adapt and reconstitute their operations. What we need is continuous, coordinated international efforts to effectively combat the ever-evolving ransomware menace.”

Crown Equipment Pwned In Cyberattack

Posted in Commentary with tags on June 21, 2024 by itnerd

According to local media, forklift manufacturer Crown Equipment confirmed Wednesday that it suffered a cyberattack on June 8th that disrupted manufacturing at its plants.

Crown is one of the largest forklift manufacturers in the world, employing 19,600 people and having 24 manufacturing plants in 14 locations worldwide. 

Since the attack, all IT systems have been shut down and employees have been unable to clock in their hours, access service manuals, or deliver machinery in some cases. Employees have been told not to accept MFA requests and to be cautious of phishing emails.

“We determined that many of the security measures Crown had in place were effective in limiting the amount of data the criminals were able to access. We also learned that the hackers gained entry into our system because an employee failed to adhere to our data security policies by allowing unauthorized access to their device,” Crown said in an email sent to employees yesterday.

It is believed that the breach occurred after an employee fell for a social engineering attack and allowed a threat actor to install remote access software on their computer.

Ted Miracco, CEO, Approov Mobile Security had this to say:

   “The recent cyberattack on forklift manufacturer Crown Equipment highlights the critical need for comprehensive zero-trust solutions that extend beyond the corporate network to include edge devices, such as mobile phones and personal devices. This breach is believed to have occurred after an employee fell for a social engineering attack, allowing a threat actor to install remote access software on their device. This incident underscores the vulnerability of edge devices, which are often more susceptible to social attacks like phishing. To enhance security, it’s crucial that zero-trust principles encompass all devices, including personal and mobile ones. Mobile apps should also incorporate security measures that attest to the integrity of the device, verifying whether it has been compromised. This can prevent unauthorized access and ensure that only secure devices interact with corporate systems.”

On top of what Mr. Miracco said, defences have to be layered so that attacks don’t work at all, or are limited in scope as the threat actor would not be able to get very far into a network. Otherwise you get this situation.

Reddit Launches New Research On Gen Z And Search At Cannes 

Posted in Commentary with tags on June 20, 2024 by itnerd

Reddit who is currently at Cannes unveiled their latest research into changing search behaviors, particularly among Gen Z, via a panel discussion with industry experts from Kraft Heinz, EMARKETER and Brandwatch. 

The research explores how Gen Z is leading the charge towards curated recommendations and personalized shopping experiences, and the role of crowd-sourced advice from community-verified information in the way people discover, share, engage with, and take action on content. 

You can have a look at their blog post for more information including links to the full research reports.

This Pop Up #Scam Victim Is Very Lucky

Posted in Commentary with tags on June 20, 2024 by itnerd

A couple of days ago I was working on site with a client when I got an email saying that a home client of mine had been “seriously” hacked. I dropped what I was doing and tried to phone them. But there was no response. I also responded to the email with some contact info. No response. An hour later, my client called me back in a complete panic. But by that point, I had already made arrangements to return to Toronto, as I was out of town, to assist with this.

When I arrived later that day she handed me her MacBook Pro, and I saw this:

Now if you’re wondering why I left the IP address visible, Bell rotates those IP addresses so often, that it simply doesn’t matter if it’s displayed or not. In any case the client told me that she was surfing the Internet and this screen appeared. It was making lots of noise and she couldn’t close it. So in a panic she phoned the number. That response isn’t a surprise because this is a pop up scam. The pop up makes you think you have some sort of critical issue with your computer, and they often play noises like sirens which when added to the text on the screen makes you more likely to call the number. And if you’re wondering how the pop up gets onto someone’s computer, scammers plant these all over the Internet using a variety of means that I won’t get into here. From there it’s just the law of averages in terms of if you hit one of these by browsing to a legitimate website that has for lack of a better word been “boobytrapped” with a pop up like this one.

Pro Tip: The way you deal with this is to try and close the pop up. If you can’t close it, press and hold the power button to turn off the computer. Then turn it on again. If the pop up returns after that, call a computer professional for assistance. But under no circumstances should you call the number that’s on the screen.

Unfortunately in this client’s case, she called the number. And according to her, the scammers at the other end of the line who were pretending to be Apple Support convinced her that her bank account and “all her personal information” had been hacked as he could see it right on his screen. They asked her what kind of computer she had, and when she replied that she had a Mac, they surprisingly didn’t try to connect to it (I confirmed that this was the case when I examined the computer). But instead launched into executing the scam. The fake Apple Support rep then got another person on the line who pretended to be her bank to help her to “secure her account.”

Now there’s three things about this interaction that I should point out. First, Apple would never, ever connect you to your bank because they don’t have the ability to do that. Second, at no point was she asked about which bank she dealt with. Which means that it would have been impossible for this fake Apple Support rep to again connect her to the right bank even if they did have the ability to do that. Nor would it have been possible for them to see on their screens that her bank account was hacked. But the reason why she was falling for it was that they were weaving a story that was convincing to someone who was under a lot of stress. And the stress was created by them via the pop up and what they have said to this point. Scammers do that because it stops you from critically thinking. Which means you’re more likely to make less rational decisions and fall for the scam.

Now let me cover the part about the scammers not connecting to her computer as that was unusual. The typical scammer behaviour is that they want to connect to your computer using a tool like AnyDesk or TeamViewer. But once connected they will often use a piece of software called ConnectWise Control which operates in the background without your knowledge and allows the scammers to come and go from your computer as they please. Which put another way means that they are always watching you and can steal personal information at will. The other reason why they do this is that they will use this to watch you while you log into your bank account so that they can steal money right from your bank account if they can, or figure out how much they can get you to withdraw from it so that you can send it to them. My only thought as to why they did not connect to her computer is that they either didn’t know how to do all of that with a Mac (which is ironic as they were pretending to be Apple Support), or they didn’t want to deal with trying to talk her into installing the software that they would need to pull this off, as that would have required an admin password that she may or may not know. Thus they went right to executing the scam.

At this point the fake bank employee started to add to this story that someone at the bank branch that she went to was stealing money from people’s accounts, and they needed her to “secure her account” so that she could avoid being the next victim. Thus they needed her to take out as much money as possible and then put it into “secure encrypted cards” in order to protect her funds. Now I am going to assume the scammers were using the term “secure encrypted cards” to cover up the fact that she was going to be told to buy gift cards so that the scammers could get the money easily.

Let’s dissect this. Major banks don’t need your help to hunt down bad actors who work for them. So if you hear this sort of thing from anyone claiming to be a bank employee, they are lying. Next, no bank on this planet would ever require you to “secure your account”. If there was some sort of fraud issue caused by a bad actor inside a bank, it would be dealt with by the bank. And no bank, government agency, law enforcement, etc. would require you to buy gift cards for any reason.

The final part of this scam was that she was also told that her entire network was hacked and she shouldn’t tell anyone about what was going on. And any attempt by anyone to do things like email for help or make a phone call would be seen by the hackers that they claim were hacking her. This is an attempt by the scammers to stop the victim from calling for help as that would disrupt the scam and result in the scammers not getting paid.

Back to the scam, all of this would have worked out for the scammers as this client had completely bought in. But unfortunately for the scammers, the client’s daughter in law came home and upon hearing what was going on, quickly put an end to the scam by making the client hang up the phone. So the client didn’t lose any money. But even though she got lucky and had a good outcome, if there is any such thing in a situation like this, she was really freaked out. Which is understandable.

By the time that I arrived, she had gone to her bank who confirmed that she had not lost any money. Thus all I had to do was examine her computer to make sure that it was not compromised and reassure her that everything would be fine. And that’s the thing that really bothers me about what these scumbags do. They leave people in a state where they are shaken, upset, and not trusting of anything and anyone. That is part of the reason why I turned over all the information about these scumbag scammers, and the story behind it, to the Scambaiting community. Essentially Scambaiters are digital vigilantes who take this sort of information and use it to collect intelligence about scammers that is passed on to others in the community, and they use that intelligence to disrupt the scammers’ operations. Because I want the scumbags behind this to pay some sort of price. Ideally that price should be jail, but since the Indian authorities (the scammers had significant Indian accents, so it’s a safe bet that they are Indian) are known for not seriously going after scammers unless forced to, then vigilante justice is the next best thing.

I have it in my calendar to follow up next week to make sure all is well with this client. But frankly, we should not be living in a world where scammers can operate as freely as they do. Scammers should be treated like cockroaches, and exterminated from the face of the Earth. And I will do my part to make sure that they get what’s coming to them.

CISA conducts first-ever public-private AI security incident response exercise

Posted in Commentary with tags on June 19, 2024 by itnerd

Last week, the CISA announced it’s putting together a comprehensive framework to unify government, industry and global partners in their response to significant security incidents involving AI just after conducting the first-ever AI security incident tabletop exercise.
 
The four-hour event held at Microsoft’s Virginia offices brought together over 50 AI experts and was intended to support the development of the AI Security Incident Collaboration playbook that is expected to be released later this year.
 
Participants in the event included the FBI, the NSA, the Office of the Director of National Intelligence and the Defense and Justice departments as well as AI and software developers including, but not limited to:

  • OpenAI
  • Microsoft
  • IBM
  • Cisco
  • Amazon Web Services

The Joint Cyber Defense Collaborative, CISA’s flagship public-private partnership, organized the exercise and is developing the playbook through a planning effort called JCDC.AI. The collaborative is planning a second exercise later this year on AI integration in U.S. critical infrastructure.
 
FBI Cyber Division Assistant Director Bryan Vorndran said the exercise showed that both sectors are better prepared to handle cyberthreats when there is adequate coordination.

“We are stronger when we come together to share information and determine best practices in the evolving AI landscape.”

Dave Ratner, CEO, HYAS had this comment:

   “Determining and aligning on best practices in the evolving AI landscape is a great endeavor and a needed exercise. However, the criminals are clearly not participating and march to their own drum, which is why we need to stay vigilant with the development of cyber resiliency approaches against the ever-increasingly complex and AI-driven attacks.”

Exercises like this one are a good thing in my mind as it helps to flush out weaknesses for improvement and strengthens the things that organizations do well. Others should look at this and copy it as this is a good model to work from.

Globe Life insurance investigates data breach due to permission and identity vulnerabilities

Posted in Commentary with tags on June 19, 2024 by itnerd

In a filing with the SEC late last week, life and supplemental health insurance provider Globe Life disclosed a data breach impacting the information of its consumers and policyholders.

The company said after an inquiry from a state insurance regulator, it launched an investigation into “potential vulnerabilities related to access permissions and user identity management for a Company web portal”, which showed that the vulnerabilities likely allowed unauthorized access to consumer and policyholder data.

Globe Life removed external access to the compromised portal it believes the issue is isolated to. The company does not anticipate operations to be significantly impacted.

According to its website, Globe Life companies have more than 17 million policies.

This comes during the aftermath of the UnitedHealthcare February attack, one of the worst to hit American healthcare impacting an estimated 50% of U.S. medical claims.

Experts with Cyware and Horizon3.AI offer perspectives on the matter.

Stephen Gates, Principal Security SME, Horizon3.AI had this to say:

   “In this scenario, it seems that a web portal was likely there to allow third-parties, agents, or employees to remotely access insurance information, initiate new applications, potentially make claims, and so on. It is also likely that two-factor authentication (2FA) was not implemented, as indicated by the mention of “potential vulnerabilities related to access permissions and user identity management.”

   “Typically, a portal provides access to information stored in a database within the network. If an attacker gained access to the portal, it would generally imply they could access the data stored in that database. While there isn’t sufficient evidence to suggest that the attacker moved laterally within the network, there are indications of a potential breach involving confidential data.

   “I would suggest looking for any information that may have been logged by the web portal in the context of activities that would suggest a breach of information. This is one of the reasons why logging user activities is always recommended.”

Emily Phelps, Director, Cyware follows with this comment:

   “When dealing with potential vulnerabilities in web portals, detaching the portal from the network can be a quick mitigation step, but it’s often more complex. There’s always a chance of lateral movement, especially if the attacker had time to explore the network before detection. It’s crucial to conduct a thorough investigation to understand the extent of the breach and whether any data was exfiltrated or manipulated.

   “The depth of the information stolen and the exact nature of the breach—whether it involves ransomware or not—can impact the company’s response and regulatory obligations. Companies often report breaches to demonstrate transparency and compliance, but the material impact can vary widely.

   “The SEC has been progressively tightening regulations around data breaches and cybersecurity. As breaches continue to occur, we can expect even stricter oversight and requirements for companies to implement robust cybersecurity measures and provide timely, detailed disclosures.

   “In general, these incidents highlight the need for continuous improvement in cybersecurity practices, particularly in access permissions and user identity management, to prevent unauthorized access and minimize potential damage from breaches.”

No breach is good. But this one seems really bad based on scale alone. Until companies get their heads around looking holistically at their security, this sort of thing will unfortunately keep happening.