Cyber News

The Iris Experts Group (IEG) will hold their annual meeting on Thursday June 17, 2021. The meeting will be virtual using the BlueJeans Meeting platform. The meeting is a full day meeting with breaks scattered through the day. The IEG is a forum for the discussion of technical questions of interest to US government(USG) agencies and their staff that are employing or may employ iris recognition to carry out their mission. Members include subject matter experts from USG agencies, academia and the commercial world. The meeting agenda is based on input from the members. The agendas of past meetings

The NIST Information Technology Laboratory will host a workshop focused on AI Measurement and Evaluation as a continuation of NIST engagement efforts in Trustworthy AI.

The NIST Post-Quantum Cryptography Standardization Process has entered the third phase, in which 7 third round finalists and eight alternate candidates are being considered for standardization. NIST plans to hold a third NIST PQC Standardization Conference in June 2021 to discuss various aspects of these candidates, and to obtain valuable feedback for the final selection(s). NIST will invite each submission team of the 15 finalists and alternates to give a short update on their algorithm. The conference will take place virtually. Call for Papers Submission deadline: April 23, 2021 Notification

On June 2-3, NIST will host a virtual workshop to enhance the security of the software supply chain and to fulfill the President’s Executive Order (EO) on improving the Nation’s Cybersecurity, issued on May 12, 2021. Among other things, Section 4 of that Executive Order (EO) directs the Secretary of Commerce, through NIST, to consult with federal agencies, the private sector, academia, and other stakeholders in identifying standards, tools, best practices, and other guidelines to enhance software supply chain security. Those standards and guidelines will be used by other agencies to govern the

Attackers are sending messages disguised as offers from meal-kit services, like HelloFresh.

At the first-ever virtual Google I/O, Alphabet Chief Executive Officer Sundar Pichai talked about news on Workspace, quantum computing and privacy needs.

The NoCry ransomware, which is very similar to Judge, creates a mutex to prevent multiple instances from running in parallel, provides sandbox detection, and deletes system restore points.

Attackers can take advantage of the fact these apps access, gather, store and transmit more information than any other app their victims have installed.

The Japanese government will reportedly introduce new regulations across 44 sectors to bolster national cyber defence, partly in response to the Colonial Pipeline hack that occurred last week.

Cybersecurity firm Tessian revealed it had uncovered a number of SMS scams impersonating well-known meal kit delivery companies, including the likes of Gousto and HelloFresh.

Eldorado-based cybersecurity firm Shared Assessments has been acquired for an undisclosed price by one of its member organizations, OneTrust, at one time the fastest-growing company on the Inc. 5000.

Digital extortion gangs like DarkSide take great care to make their entire platforms geopolitical, because their malware is engineered to work only in certain parts of the world.

In July 2018, when Guizhou-Cloud Big Data (GCBD) agreed to a deal with state-owned telco China Telecom to move iCloud data belonging to Apple's China-based users to the latter's servers, the shift raised concerns that it could make user data vulnerable to state surveillance. Now, according to a deep-dive report from The New York Times, Apple's privacy and security concessions have "made it

The Biden administration on Tuesday detailed how it wants to fund efforts to counter a wave of massive hacks in the wake of this month’s Colonial Pipeline ransomware attack.

Simps botnet binary uses Mirai and Gafgyt modules for DDOS functionality. The botnet might be in the early stages of development because of the presence of the infected.log file after execution.

The FBI says that complaints concerning online scams and investment fraud have now reached a record-breaking level. The FBI's IC3 received its six millionth complaint on May 15, 2021.

Anurag Kahol, CTO at Bitglass, discusses options for detecting malicious or dangerous activity from within an organization.

Despite the fact that third party code in IoT projects has grown 17% in the past five years, only 56% of OEMs have formal policies for testing security, a VDC Research reveals.

In an F-1 form filed this week with the U.S. Securities and Exchange Commission (SEC) for Monday.com's proposed IPO, the company shared details on the extent of the Codecov breach.

Security researchers have documented an attack technique that may allow attackers to leverage a legitimate Amazon VPC feature to mask their use of stolen API credentials inside AWS.