Or, something flagged Kaspersky's heuristics and something worth analyzing got forwarded on to their intel partner? We don't know.
-
-
Replying to @hacks4pancakes
I’m not even sure what you describe is different from what the US is alleging.
1 reply 0 retweets 8 likes -
Replying to @matthew_d_green
In one narrative they were purposefully snooping for docs and in the other they were doing their expected job.
1 reply 4 retweets 37 likes -
Replying to @hacks4pancakes @matthew_d_green
I can't see an Israeli or US AV provider finding a piece of advanced Russian malware and not forwarding it to CTI partners.
5 replies 20 retweets 98 likes -
Replying to @hacks4pancakes @matthew_d_green
They absolutely would. However, I don't think anyone would call the Russians out of line for banning those providers on RU gov assets.
1 reply 0 retweets 5 likes -
Replying to @r0wdy_ @matthew_d_green
Sure, it's expected cyber threat intel operations that nation states should always account for.
1 reply 0 retweets 7 likes -
Replying to @hacks4pancakes @matthew_d_green
Yep. Seems to me data KSP gets ends up in RIS hands. May be their choice. May not. However, US response shouldn't need to make distinction
2 replies 0 retweets 8 likes -
Replying to @r0wdy_ @matthew_d_green
To be clear, I'm totally for banning the use of Kaspersky products in government.
3 replies 0 retweets 21 likes -
Replying to @hacks4pancakes @r0wdy_
The question is whether US commercial enterprises (with sensitive info) should also be worried.
5 replies 0 retweets 7 likes -
I wonder why someone hasn't RE'd the conditions that trigger "collect and send back" behavior in Kaspersky?
5 replies 1 retweet 17 likes
You can’t RE it. Instructions are provided in part by the server. Allegation here is that Kaspersky employees drive it for espionage.
-
-
Replying to @dguido @matthew_d_green and
Ah, ok. That would be pretty hard to verify from the outside, then.
2 replies 0 retweets 0 likes -
Replying to @moyix @matthew_d_green and
Easy to catch them in the act though. Drop a few lures on a honeypot machine and see what happens. Use Sigint to track where it goes.
0 replies 0 retweets 3 likes
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.