Cyber News

The Iris Experts Group (IEG) will hold their annual meeting on Thursday June 17, 2021. The meeting will be virtual using the BlueJeans Meeting platform. The meeting is a full day meeting with breaks scattered through the day. The IEG is a forum for the discussion of technical questions of interest to US government(USG) agencies and their staff that are employing or may employ iris recognition to carry out their mission. Members include subject matter experts from USG agencies, academia and the commercial world. The meeting agenda is based on input from the members. The agendas of past meetings

The NIST Post-Quantum Cryptography Standardization Process has entered the third phase, in which 7 third round finalists and eight alternate candidates are being considered for standardization. NIST plans to hold a third NIST PQC Standardization Conference in June 2021 to discuss various aspects of these candidates, and to obtain valuable feedback for the final selection(s). NIST will invite each submission team of the 15 finalists and alternates to give a short update on their algorithm. The conference will take place virtually. Call for Papers Submission deadline: April 23, 2021 Notification

Microsoft on Friday warned of active attacks exploiting unpatched Exchange Servers carried out by multiple threat actors, as the hacking campaign is believed to have infected tens of thousands of businesses, government entities in the U.S., Asia, and Europe. The company said "it continues to see increased use of these vulnerabilities in attacks targeting unpatched systems by multiple malicious

Indian farmers’ protest is an ongoing fight against three farm acts that were passed by the Parliament of...

The post Activists turn hacktivists – new ransomware that does not demand money appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

This week, security researcher MalwareHunterTeam found an in-development decryptor for the Hog Ransomware that requires victims to join their Discord server to decrypt their files.

The campaign begins with phishing emails that appear to come from a unified communications system used for streamlining corporate communication. This email contains a malicious email attachment.

Every vulnerability addressed by this update, has either a 'High' or 'Critical' severity rating, making this update a must for Android users so that their devices remain protected.

According to a press release issued on March 5, the department said that it received reports that there were certain bad actors who were creating fake websites which copied the websites of SWAs.

This was tested on Intel Coffee Lake and Skylake CPUs, client-class CPUs, and should work on server CPUs like Xeon Broadwell. It's unknown whether more recent Intel server chips are susceptible.

Signaling a major shift to its ads-driven business model, Google on Wednesday unequivocally stated it would not build alternate identifiers or tools to track users across multiple websites once it begins phasing out third-party tracking cookies from its Chrome browser by early 2022. "Instead, our web products will be powered by privacy-preserving APIs which prevent individual tracking while

Enterprise cloud security firm Qualys has become the latest victim to join a long list of entities to have suffered a data breach after zero-day vulnerabilities in its Accellion File Transfer Appliance (FTA) server were exploited to steal sensitive business documents. As proof of access to the data, the cybercriminals behind the recent hacks targeting Accellion FTA servers have shared

Cybercriminals are now deploying remote access Trojans (RATs) under the guise of seemingly innocuous images hosted on infected websites, once again highlighting how threat actors quickly change tactics when their attack methods are discovered and exposed publicly. New research released by Cisco Talos reveals an active malware campaign targeting organizations in South Asia that utilize malicious

The number one step for protecting your mobile device is making sure it has a strong screen lock on it so only you can access it.

A sophisticated attack on Microsoft Corp.’s widely used business email software is morphing into a global cybersecurity crisis, as hackers race to infect as many victims as possible before companies can secure their computer systems.

Newly discovered flaws in Microsoft Corp.’s software for email and contacts has raised concerns at the highest levels of the U.S. government, which is urging users to immediately apply patches.

A sophisticated attack on Microsoft Corp.’s widely used business email software is morphing into a global cybersecurity crisis, as hackers race to infect as many victims as possible before companies can secure their computer systems.

Technology advancements have made it relatively easy for many employees to carry out their regular job duties from the comfort of their home.

Related: Poll confirms rise of Covid 19-related hacks

This is something companies are under pressure to allow … (more…)

A 30-million-year-old vampire squid fossil was found, lost, and then re-found in Hungary.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

At least 30,000 organizations across the United States -- including a significant number of small businesses, towns, cities and local governments -- have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that's focused on stealing email from victim organizations, multiple sources tell KrebsOnSecurity. The espionage group is exploiting four newly-discovered flaws in Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems.

In a public disclosure, the Swiss outfit confirmed it had last month fallen victim to a wide-ranging data security incident that ensnared passengers from some of the world’s largest airlines.