Cyber News

The Iris Experts Group (IEG) will hold their annual meeting on Thursday June 17, 2021. The meeting will be virtual using the BlueJeans Meeting platform. The meeting is a full day meeting with breaks scattered through the day. The IEG is a forum for the discussion of technical questions of interest to US government(USG) agencies and their staff that are employing or may employ iris recognition to carry out their mission. Members include subject matter experts from USG agencies, academia and the commercial world. The meeting agenda is based on input from the members. The agendas of past meetings

The NIST Post-Quantum Cryptography Standardization Process has entered the third phase, in which 7 third round finalists and eight alternate candidates are being considered for standardization. NIST plans to hold a third NIST PQC Standardization Conference in June 2021 to discuss various aspects of these candidates, and to obtain valuable feedback for the final selection(s). NIST will invite each submission team of the 15 finalists and alternates to give a short update on their algorithm. The conference will take place virtually. Call for Papers Submission deadline: April 23, 2021 Notification

Review your bank, credit card and financial statements regularly to identify unauthorized activity. This is one of the most effective ways to quickly detect if your bank account, credit card or identity has been compromised.

The malware seems like a silly coding lark at first, but further exploration shows it can wreak serious damage in follow-on attacks.

Our new eBook goes beyond the status quo to take a look at the evolution of ransomware and what to prepare for next.

Iron Tiger threat actor group was spotted using an upgraded toolkit in an 18-month old cyberespionage campaign against a gambling firm in the Philippines.

Using Washington State's proposed law as a guide, New York, Texas and many other states are inching their way toward a data privacy law.

In a new report, Kaspersky noted that developed countries faced a large number of ransomware attacks on ICS systems during the pandemic owing to their consistency in keeping businesses up and running.

A new study finds that 84% of IT admins think allowing users to set up groups and set governance rules will save time and money.

A Mac malware campaign targeting Xcode developers has been retooled to add support for Apple's new M1 chips and expand its features to steal confidential information from cryptocurrency apps.

Sivan Tehila, cybersecurity strategist at Perimeter 81, discusses climate change and the cyber-resilience lessons companies should take away from dealing with the pandemic.

The systems administrator for a notorious organized cybercrime group has been handed a 10-year jail sentence for his part in financial crimes that cost firms and consumers billions.

Advintel observed actors conducting OSINT research related to the compromised host domain to identify the infected victim company and evaluate their revenue to assess what the ransom amount will be.

There was a 372% increase in bad bot traffic on healthcare websites since September 2020. As vaccines became more widely available, bot activity was recorded at rates of 12,000 requests per hour.

Matthew Clark Bibendum (MCB), a distributor of alcoholic beverages and soft drinks in the UK and Ireland, says it’s working to restore IT systems following a cybersecurity incident.

Manhunt, a popular gay dating service, has suffered a data breach which may have put members at risk of exposure.

The US government sanctioned this week twenty-eight cryptocurrency addresses allegedly associated with entities or individuals linked to Russian cyberattacks or election interference.

The backlash against Google's Federated Learning of Cohorts (FLoC) has continued, with a proposal raised in WordPress Core to block the alternative identifier to third-party cookies by default.

RSA has published its latest quarterly fraud report, reinforcing the migration to more precise payment authentication methods and showing a notable spike in brand abuse attacks.

The acquisition of the ethics and compliance platform brings together privacy, data governance, GRC, third-party risk, ESG and ethics and compliance together into a single operational workflow.