Antivirus

Biden bans massive antivirus software company due to Russian hacker concerns

Whether you know it or not, odds are good that you have at some point in your life worked with Kaspersky Lab software. Founded in the late 1990s, the Moscow tech company has spent decades cementing its reputation as a global powerhouse in antiviral and cybersecurity products. It claims on its website to serve some

Published 1 year ago in
Biden bans massive antivirus software company due to Russian hacker concerns

Whether you know it or not, odds are good that you have at some point in your life worked with Kaspersky Lab software. Founded in the late 1990s, the Moscow tech company has spent decades cementing its reputation as a global powerhouse in antiviral and cybersecurity products. It claims on its website to serve some 400 million users and 250,000 corporate clients, all in the name of “building a safer world” in which “technology improves all of our lives.”

Despite its position in the uppermost echelons of elite cybersecurity businesses, Kaspersky has long been dogged by allegations of Russian government influence, leading in part to a 2017 U.S. government ban on using the company’s software on federal computers. Those tensions reached a crescendo last week, however, when Commerce Secretary Gina Raimondo announced plans to “prohibit Kaspersky Lab and all of its affiliates, subsidiaries and parent company from providing cyber security and antivirus software anywhere in the United States” in a call with reporters. While Kaspersky’s alleged susceptibility to Russian influence has “certainly been on the government’s radar for a number of years,” the “malign activity from Russia in particular over the past couple of years” led the government to “more broadly address this threat,” said Commerce Department’s Office of Information and Communications Technology and Services head Liz Cannon to NPR last week.

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE

https://cdn.mos.cms.futurecdn.net/flexiimages/jacafc5zvs1692883516.jpg

Sign up for The Week’s Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up

Read More

Be the first to write a comment.

Leave a Reply

Your email address will not be published. Required fields are marked *

Antivirus

Hackers abuse Triofox antivirus feature to deploy remote access tools

Hackers exploited a critical vulnerability and the built-in antivirus feature in Gladinet’s Triofox file-sharing and remote-access platform to achieve remote code execution with SYSTEM privileges. …

Published 4 days ago in
Hackers abuse Triofox antivirus feature to deploy remote access tools

Hackers exploited a critical vulnerability and the built-in antivirus feature in Gladinet’s Triofox file-sharing and remote-access platform to achieve remote code execution with SYSTEM privileges. …
Read More

Continue Reading
Antivirus

Moonlock review: We put MacPaw’s new antivirus suite to work

Macworld At a glanceExpert’s Rating Pros Excellent viral and malware protection and detection Good purchase options Access to learning tools and YouTube links Cons Security Advisor module lacks functionality Menus don’t offer enough clarity sScan scheduler only allowing for 15-minute increments VPN auto-connects to the closest server Our Verdict Moonlock isn’t perfect…

Published 1 week ago in
Moonlock review: We put MacPaw’s new antivirus suite to work

Macworld

At a glanceExpert’s Rating

Pros

Excellent viral and malware protection and detection

Good purchase options

Access to learning tools and YouTube links

Cons

Security Advisor module lacks functionality

Menus don’t offer enough clarity

sScan scheduler only allowing for 15-minute increments

VPN auto-connects to the closest server

Our Verdict
Moonlock isn’t perfect…
Read More

Continue Reading
Antivirus

Avast Free Antivirus for Mac review: Basic protection, for free

Macworld At a glanceExpert’s Rating Pros Easy installation and setup Solid customization options such as whitelists, exceptions, and scheduled scans Handy network tools like Traffic Monitor and Network Inspector Cons Steady stream of ads, upgrade prompts, and assorted locked features The Web Guard module failed to catch obvious scam links The Scam Guard failed to

Published 2 weeks ago in
Avast Free Antivirus for Mac review: Basic protection, for free

Macworld

At a glanceExpert’s Rating

Pros

Easy installation and setup

Solid customization options such as whitelists, exceptions, and scheduled scans

Handy network tools like Traffic Monitor and Network Inspector

Cons

Steady stream of ads, upgrade prompts, and assorted locked features

The Web Guard module failed to catch obvious scam links

The Scam Guard failed to detect scam…
Read More

Continue Reading
Antivirus

OpenAI’s shiny new Atlas browser might have some serious security shortcomings – and it’s not the only one under threat from dangerous spoof attacks

Fake AI sidebars can perfectly imitate real ones to steal secrets, experts warn Malicious extensions need only minimal permissions to cause maximum chaos AI browsers risk turning helpful automation into channels for silent data theft New “agentic” browsers which offer an AI-powered sidebar promise convenience but may widen the window for deceptive attacks, experts have

Published 2 weeks ago in
OpenAI’s shiny new Atlas browser might have some serious security shortcomings – and it’s not the only one under threat from dangerous spoof attacks
  • Fake AI sidebars can perfectly imitate real ones to steal secrets, experts warn
  • Malicious extensions need only minimal permissions to cause maximum chaos
  • AI browsers risk turning helpful automation into channels for silent data theft

New “agentic” browsers which offer an AI-powered sidebar promise convenience but may widen the window for deceptive attacks, experts have warned.

Researchers from browser security firm SquareX found a benign-looking extension can overlay a counterfeit sidebar onto the browsing surface, intercept inputs, and return malicious instructions that appear legitimate.

This technique undermines the implicit trust users place in in-browser assistants and makes detection difficult because the overlay mimics standard interaction flows.

You may like

  • ChatGPT Atlas OpenAI’s new Atlas browser may have some extremely concerning security issues, experts warn – here’s what we know
  • Representational image of a hacker Millions of users have fallen victim to malicious browser extensions because of a critical flaw, but things are changing — here’s what you need to know
  • Two hands typing on a laptop keyboard with a warning exclamation mark above it The surveillance browser trap: AI companies are copying Big Tech’s worst privacy mistakes

How the spoofing works in practice

The attack uses extension features to inject JavaScript into web pages, rendering a fake sidebar that sits above the genuine interface and captures user actions.

Reported scenarios include directing users to phishing sites and capturing OAuth tokens through fake file-sharing prompts. It also recommends commands that install remote access backdoors on victims’ devices.

The consequences escalate quickly when these instructions involve account credentials or automated workflows.

Many extensions request broad permissions, such as host access and storage, that are commonly granted to productivity tools, which reduces the value of permission analysis as a detection method.

Conventional antivirus suites and browser permission models were not designed to recognize a deceptive overlay that never modifies the browser code itself.

As more vendors integrate sidebars across major browser families, the collective attack surface expands and becomes harder to secure.

Users should treat in-browser AI assistants as experimental features and avoid handling sensitive data or authorizing account linkages through them, because doing so can greatly raise the risk of compromise.

You may like

  • ChatGPT Atlas OpenAI’s new Atlas browser may have some extremely concerning security issues, experts warn – here’s what we know
  • Representational image of a hacker Millions of users have fallen victim to malicious browser extensions because of a critical flaw, but things are changing — here’s what you need to know
  • Two hands typing on a laptop keyboard with a warning exclamation mark above it The surveillance browser trap: AI companies are copying Big Tech’s worst privacy mistakes

Security teams should tighten extension governance, implement stronger endpoint controls, and monitor for abnormal OAuth activity to reduce risk.

The threat also links directly to identity theft when fraudulent interfaces harvest credentials and session tokens with convincing accuracy.

Agentic browsers introduce new convenience while also creating new vectors for social engineering and technical abuse.

Therefore, vendors need to build interface integrity checks, improve extension vetting, and provide clearer guidance about acceptable use.

Until those measures are widely established and audited, users and organizations should remain skeptical about trusting sidebar agents with any tasks involving sensitive accounts.

Security teams and vendors must prioritize practical mitigations, including mandatory code audits for sidebar components and transparent update logs that users and administrators can review regularly.

Via BleepingComputer

Best antivirus software header
The best antivirus for all budgets

Our top picks, based on real-world testing and comparisons

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mob

Read More

Continue Reading