Posts Tagged ‘Best Buy’

Russia’s Kaspersky to Allow Outside Review of Its Cybersecurity Software

October 23, 2017

Company hopes sharing source code will build trust after allegations its software helped Russia spy on Americans

Kaspersky Lab, the Moscow-based cybersecurity firm whose software U.S. officials suspect helped the Russian government spy on Americans, promised to make its source code available for an independent review.

The company said Monday the review is part of a “global transparency initiative” that it hopes will improve the trustworthiness of its products. It said it would hand over the source code for its software in the first quarter of next year but didn’t specify who would undertake the review or how widely the code would be…

 https://www.wsj.com/articles/russian-cybersecurity-firm-kaspersky-to-make-source-code-available-for-review-1508756502
.
Related:
.
.
.

Image result for Eugene Kaspersky, photos

Eugene Kaspersky

*****************************************************

Kaspersky fights spying claims with code review plan

October 23, 2017 — 0745

Apple Pay now in 20 markets, nabs 90% of all mobile contactless transactions where active

Russian cybersecurity software maker Kaspersky Labs has announced what it’s dubbing a “comprehensive transparency initiative” as the company seeks to beat back suspicion that its antivirus software has been hacked or penetrated by the Russian government and used as a route for scooping up US intelligence.

In a post on its website today the Moscow-based company has published a four point plan to try to win back customer trust, saying it will be submitting its source code for independent review, starting in Q1 2018. It hasn’t yet specified who will be conducting the review but says it will be “undertaken with an internationally recognized authority”.

It has also announced an independent review of its internal processes — aimed at verifying the “integrity of our solutions and processes”. And says it will also be establishing three “transparency centers” outside its home turf in the next three years — to enable “clients, government bodies and concerned organizations to review source code, update code and threat detection rules”.

It says the first center will be up and running in 2018, and all three will be live by 2020. The locations are listed generally as: Asia, Europe and the U.S.

No automatic alt text available.

Finally it’s also increasing its bug bounty rewards — saying it will pay up to $100K per discovered vulnerability in its main Kaspersky Lab products.

That’s a substantial ramping up of its current program which — as of April this year — could pay out up to $5,000 per discovered remote code execution bugs. (And, prior to that, up to $2,000 only.)

Kaspersky’s moves follow a ban announced by the US Department of Homeland Security on its software last month, citing concerns about ties between “certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks”.

The US Senate swiftly followed suit, voting to oust Kaspersky software from federal use. While three months earlier the General Services Administration also removed Kaspersky Lab from a list of approved federal vendors.

The extensive system-wide permissions of antivirus software could certainly make it an attractive target for government agents seeking to spy on adversaries and scoop up data, given the trust it demands of its users.

The WSJ has previously reported that Russian hackers working for the government were able to obtain classified documents from an NSA employee who had stored them on a personal computer that ran Kaspersky software.

Earlier this month CEO Eugene Kaspersky blogged at length — rebutting what he dubbed “false allegations in U.S. media”, and writing: “Our mission is to protect our users and their data. Surveillance, snooping, spying, eavesdropping… all that is done by espionage agencies (which we occasionally catch out and tell the world about), not us.”

We’re proud to keep on protecting people against all cyberthreats – no matter of false allegations in U.S. media https://kas.pr/x78t 

Photo published for What’s going on?

What’s going on?

I doubt you’ll have missed how over the last couple months our company has suffered an unrelenting negative-news campaign in the U.S. press.

eugene.kaspersky.com

But when your business relies so firmly on user trust — and is headquartered close to the Kremlin, to boot — words may evidently not be enough. Hence Kaspersky now announcing a raft of “transparency” actions.

Whether those actions will be enough to restore the confidence of US government agencies in Russian-built software is another matter though.

Kaspersky hasn’t yet named who its external reviewers will be, either. But reached for comment, a company spokeswoman told us: “We will announce selected partners shortly. Kaspersky Lab remains focused on finding independent experts with strong credentials in software security and assurance testing for cybersecurity products. Some recommended competencies include, but are not limited to, technical audits, code base reviews, vulnerability assessments, architectural risk analysis, secure development lifecycle process reviews, etc. Taking a multi-stakeholder approach, we welcome input and recommendations from interested parties at transparency@kaspersky.com

She also sent the following general company statement:

Kaspersky Lab was not involved in and does not possess any knowledge of the situation in question, and the company reiterates its willingness to work alongside U.S. authorities to address any concerns they may have about its products as well as its systems.

As there has not been any evidence presented, Kaspersky Lab cannot investigate these unsubstantiated claims, and if there is any indication that the company’s systems may have been exploited, we respectfully request relevant parties responsibly provide the company with verifiable information. It’s disappointing that these unverified claims continue to perpetuate the narrative of a company which, in its 20 year history, has never helped any government in the world with its cyberespionage efforts.

In addition, with regards to unverified assertions that this situation relates to Duqu2, a sophisticated cyber-attack of which Kaspersky Lab was not the only target, we are confident that we have identified and removed all of the infections that happened during that incident. Furthermore, Kaspersky Lab publicly reported the attack, and the company offered its assistance to affected or interested organisations to help mitigate this threat.

Contrary to erroneous reports, Kaspersky Lab technologies are designed and used for the sole purpose of detecting all kinds of threats, including nation-state sponsored malware, regardless of the origin or purpose. The company tracks more than 100 advanced persistent threat actors and operations, and for 20 years, Kaspersky Lab has been focused on protecting people and organisations from these cyberthreats — its headquarters’ location doesn’t change that mission.

“We want to show how we’re completely open and transparent. We’ve nothing to hide,” added Kaspersky in another statement.

Interestingly enough, the move is pushing in the opposite direction of US-based cybersecurity firm Symantec — which earlier this month announced it would no longer be allowing governments to review the source code of its software because of fears the agreements would compromise the security of its products.

Source:https://techcrunch.com/2017/10/23/kaspersky-fights-spying-claims-with-code-review-plan/

Advertisements

US agencies banned from using Russia’s Kaspersky software

September 14, 2017

Federal agencies in the US have 90 days to wipe Kaspersky software from their computers. Officials are concerned about the Russian company’s ties to the Kremlin and possible threats to national security.

Headquarters of Internet security giant Kaspersky in Moscow (Getty Images/AFP/K. Kudryavtsev)

The administration of US President Donald Trump has ordered government agencies to remove products made by Russian company Kaspersky Labs from their computers.

The Department of Homeland Security (DHS) said Wednesday it was concerned that the cybersecurity firm was susceptible to pressure from Moscow and thus a potential threat to national security.

Read more: Facebook, Russia and the US elections – what you need to know

DHS said in a statement that it was “concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies,” as well as Russian laws that might compel Kaspersky to hand over information to the government.

But the makers of the popular anti-virus software have said “no credible evidence has been presented publicly by anyone or any organization as the accusations are based on false allegations and inaccurate assumptions.”

US tech retailer Best Buy confirmed earlier Wednesday that it would no longer sell Kaspersky products, but has declined to give further details on the decision.

Ties between Kaspersky, Kremlin ‘alarming’

Civilian government agencies have 90 days to completely remove Kaspersky software from their computers. The products have already been banned in the Pentagon.

US congressional leaders have applauded the move. Democratic Senator Jeanne Shaheen said the “strong ties between Kaspersky Lab and the Kremlin are alarming and well-documented,” and asked the DHS if the company’s products were used for any critical infrastructure, such as for voting systems, banks and energy supply.

Although Kaspersky Labs was founded by a KGB-trained entrepreneur, Eugene Kaspersky, and has done work for Russian intelligence, the company has repeatedly denied carrying out espionage on behalf of President Vladimir Putin and his government.

es/cmk (AP, Reuters)

http://www.dw.com/en/us-agencies-banned-from-using-russias-kaspersky-software/a-40500232

Store closings are the hottest trend in retail

February 25, 2016

By  Paul R. La Monica
C
NN Money

It’s not easy being a big retail these days.

Amazon (AMZN, Tech30) is eating almost everyone’s lunch. And consumers aren’t spending as much as many economists thought they would — despite lower gas prices and rising wages. It seems that people are saving more and paying down debt.

That’s bad news for the likes of Best Buy, Kohl’s and Sears. All three reported their latest results on Thursday.

Best Buy’s (BBY) profits did top forecasts. But sales fell during the fourth quarter. And the company is forecasting a bigger than expected drop in sales for the first quarter.

Kohl’s (KSS) announced that it will close 18 underperforming stores this year. It added that sales for all of 2016 could fall slightly from a year ago.

And Sears (SHLD) remains a big hot mess. The company reported earlier this month that it will close at least 50 stores. It’s no secret why.

Sales continue to plunge at both its namesake stores as well as at Kmart. (Cue Dustin Hoffman from “Rain Man.”)

Related: Sears to accelerate this year’s store closings

Sears reported another quarterly loss. Its cash balance shrank while its inventory levels rose — mainly due to an increase in unsold apparel. These are not good signs.

best buy kohls sears stocks down

All of these retailers need to do more than just cut costs if they want to improve their stock prices. They also need to win back customers.

And that may be increasingly difficult to do in these uncertain times.

High-end home furnishings retailer Restoration Hardware (RH) warned on Wednesday that its sales will weaken.

The CEO blamed the turmoil in the oil market for soft sales in Texas and Canada and suggested that market volatility may also be causing its customers to pull back on spending.

Macy’s (M) reported terrible sales earlier this week and isn’t predicting a major turnaround soon. Yet its stock also rose. Guess why? It is closing stores too.

And Gap (GPS) is likely to join the growing list of retailers reporting sluggish sales. It will release its results after the closing bell Thursday.

Related: Macy’s stock is making a comeback. But its sales are not.

The company is expected to post a 5% drop in sales from a year ago. Gap is getting killed by the fast fashion revolution. Customers are flocking to H&M and Zara — and not Gap, Banana Republic and Old Navy.

Of course, there are some retailers bucking the trend.

JCPenney (JCP) is in the midst of a somewhat amazing turnaround. It is expected to report a sales increase when it releases its fourth quarter results on Friday.

But JCPenney is also closing stores. It recently announced plans to shut down 7 more this year — after closing 74 during the past two years.

Discount retailer TJX (TJX) , which owns T.J. Maxx and Marshalls, just posted a 6% increase in same-store sales for the fourth quarter.

Target (TGT) reported impressive same-store sales growth too. Target appears to benefiting from both the problems plaguing Walmart (WMT) (which is also closing stores) as well as success in building out its own digital commerce platforms to take on Amazon.

And the resilient housing market is helping both Home Depot (HD) and Lowe’s (LOW). Each big home improvement chain reported solid sales growth this week.

Still, these seem to be the exceptions as opposed to the rule. If anything, it looks like the hot new trend in retail is to try and shut down as many stores as you can to keep Wall Street happy.

Korean Businesses and Investors Leave China for Vietnam and Myanmar

November 20, 2014

.

VietNamNet Bridge – “Companies specialising in textile, garment, leather and gems have left China since the financial crisis in 2008 to move to Vietnam and Myanmar,” said a representative of the Korea Trade-Investment Promotion Agency (KOTRA).

Currently, there are only 4,800 Korean companies doing business in Qingdao, less than one half compared to 10 years ago.

A growing number of Korean businesses are withdrawing from China. According to KOTRA and the Korea Export-Import Bank, the number of companies establishing new local branches in China fell from 2,294 to 1,301 during the period from 2006 to 2008. The number dropped to 901 in 2010, 817 in 2013 and 368 in the first half of this year.

This trend was most clearly seen in Qingdao, Guangdong province. Currently, there are only 4,800 Korean companies doing business here, less than one half compared to 10 years ago, Business Korea reported.

This trend is not only prevalent in the Korean business world. The number of Japanese companies in Shandong province also dropped from 2,000 in 2005 to approximately 1,000 this year. Several large corporations such as Google, Best Buy, and Media Markt also left China together with 130 American, 30 British and 28 Italian companies.

One of the main reasons leading to this situation is the increase in labor costs and falling profits. This year, China’s local governments set the minimum wage increase at 16.9%,  which is expected to grow 13% per year on average in the future.

Another reason is the change in policies for foreign companies. The Chinese government eliminated tax, labor and real estate incentives for foreign investors four years ago.

In addition, Beijing also provides additional support packages and incentives for domestic firms, while limiting government spending for goods originating from foreign companies.

http://english.vietnamnet.vn/fms/business/116887/many-korean-investors-leave-china-for-vietnam-and-myanmar.html