foreign adversaries Archives

Winsage

December 20, 2025

Windows RemoteApp problems, ferry malware arrest, Senator’s open-source warning

Microsoft's December 2025 security update disrupts Message Queuing (MSMQ) on older Windows 10 and Server systems. A subsequent November 2025 update causes RemoteApp connection failures on Windows 11 24H2/25H2 and Windows Server 2025 devices, particularly in Azure Virtual Desktop environments, although Windows Home or Pro editions remain unaffected. French authorities arrested two crew members of an Italian ferry for allegedly installing malware that could allow remote control of the vessel; one suspect has been released while the other is in custody. Tom Cotton, Chairman of the Senate Intelligence Committee, has urged action on vulnerabilities in open-source software, citing concerns about foreign adversaries inserting malicious code. A zero-day exploit, CVE-2025-20393, affecting Cisco email security products has been exploited by Chinese hackers since late November. DXS International reported a cybersecurity incident involving unauthorized access to its internal servers, with an investigation ongoing. A report from Resecurity indicates a rise in the criminal use of DIG AI for generating tips for illegal activities. CISA warned of a critical vulnerability in ASUS Live Update software, which has been actively exploited. An automated campaign targeting multiple VPN platforms has been reported, with credential-based attacks observed on Palo Alto Networks GlobalProtect and Cisco SSL VPN.

AppWizard

December 4, 2024

US Warns Citizens to Use Encrypted Messaging Apps Amid Cyberattack on Telecom Giants

A significant cyber intrusion has targeted major US telecommunications firms, including AT&T and Verizon, linked to Chinese state-sponsored actors and identified by Microsoft as Salt Typhoon. The FBI and CISA have confirmed that the attack focused on leading telecom companies, infiltrating sensitive data such as phone metadata, live calls, and law enforcement surveillance systems. The breach is attributed to the Chinese government, aiming to gather intelligence on American political and governmental operations, but officials state it is not intended to interfere with the 2024 elections. Types of sensitive information stolen include call logs and metadata, intercepted live conversations, and access to law enforcement systems. In response, officials are encouraging the use of encrypted messaging applications like Signal, WhatsApp, and iMessage to protect personal communications. The breach raises concerns about the vulnerability of telecom systems governed by the Communications Assistance for Law Enforcement Act (CALEA), which may not fully encrypt messages. Despite the damage caused by the Salt Typhoon operation, the breach highlights the risks associated with cyber espionage from state-sponsored groups, emphasizing the need for robust encryption to safeguard personal information.

Tech Optimizer

August 9, 2024

Kaspersky Labs: Russian antivirus firm leaving the US after ban

Kaspersky Labs has announced its exit from the U.S. market due to a ban on its software by the Biden administration, which cited security risks related to the company's ties to Moscow. The company plans to gradually cease U.S. operations starting July 20, 2024, and has already stopped sales on its U.S. website. The Commerce Department's ruling prohibits Kaspersky from selling its software or providing updates in the U.S., leveraging powers established during the Trump administration to restrict transactions with foreign adversaries. The restrictions will take effect on September 29, and Kaspersky intends to explore legal options to contest the ban.

Tech Optimizer

June 23, 2024

White House Bans Kaspersky Sales, Citing ‘Unacceptable’ Security Risk — Redmondmag.com

The U.S. government has banned all sales of Kaspersky Lab software due to concerns about cyber espionage, citing an "unacceptable risk" to national security.

Tech Optimizer

June 22, 2024

Biden administration bans Kaspersky software over security concerns

Kaspersky Lab is disappointed with the US decision to place restrictions on its operations, attributing it to geopolitical factors rather than product integrity. The restrictions will be enforced by the Commerce Department and will impact the company's reputation and international sales. The decision is part of a broader US strategy to mitigate cybersecurity risks from foreign adversaries, particularly Russia and China.

Tech Optimizer

June 21, 2024

US bans sales of Kaspersky antivirus software over Russian security risk concerns | Semafor

The US has banned Kaspersky products from federal government networks due to alleged ties to Russian intelligence, leading to restrictions on the company's activities in the US. The ban is part of increasing scrutiny over companies operated by "foreign adversaries" like Russia and China, with concerns over potential threats to American privacy and security. Threats to Western cybersecurity, especially on critical infrastructure, are increasing, with attacks attributed to groups in Russia, China, and Iran.