Kaspersky's woes deepen as further claims surface regarding Russian security services using the company's anti-virus software to gain access to systems and data.
Both private and public sector organisations need to pay more attention to the behaviour of their users, especially as they access information they haven't accessed before.
Compromised credentials played a significant part in over 70 per cent of analysed public breaches.
Artificial intelligence and machine learning-based UEBA (user and entity behaviour analytics) platforms are in hot demand for this very reason.
Russian government spies extracted NSA exploits from a US government contractor's home PC using Kaspersky Lab software, anonymous sources have claimed. The clumsy snoop broke regulations by taking the classified code, documentation and other materials home to work on using his personal computer, which was running Kaspersky's antivirus, sources told the Wall Street Journal. It is alleged Kremlin hackers exploited the security package in one way or another to identify those sensitive files and exfiltrate them. In effect, it means the Russian government has copies of the NSA's tools used to exploit vulnerabilities in computer systems and equipment to spy on other nations and targets. It also means Russia can turn the cyber-weapons on American corporations, government agencies and other networks, and steal secrets, cause merry havoc, and so on.