Update: A second round for submissions has been opened with new deadlines (this is strictly speaking not a deadline extension as the submissions of the first round will be reviewed already now and notificated as planned):

2nd round Submission deadline: March 27 2026

2nd round Notification: April 30 2026

2nd round Camera ready: May 15 2026

The 17th EAI International Conference on Digital Forensics & Cyber Crime (ICDF2C 2026) will take place in Reykjavik, Iceland, 8 - 10 September, 2026. Hosted by the Computer Science department of University of Iceland. Proceedings published by Springer.

For further details, check the conference web page.

For more details, check the original call.

University of Iceland will be present at UTmessan 2026, both on the experts conference day on Friday, 6. February 2026, and on the public day, Saturday, 7. February 2026. On the conference day, research will be presented -- also from Reykjavik University, as part of our cybersecurity collaboration, e.g. the Frostbyte lab. The public day will be a mixture of student work being presented and showcasing Gagnabær ("Datatown"), a digital twin that visualises cyber attacks on our server in Iceland using a LEGO model.

This event is in the context of our cybersecurity activities and the ECCC/EU co-funded projects ICEDEF – Defend Iceland and Eyvör – the National Cybersecurity Coordination Centre of Iceland (NCC-IS).

Join us for an afternoon of exploring different aspects of Internet security! National and international experts from various sectors will gather to share their insights from a wide range of Internet security-related topics. We envisage an afternoon full of information-sharing, lively discussions and networking opportunities for the Icelandic Internet community.

Organised by ICANN, hosted by ISNIC, advertised by University of Iceland.

Agenda
14.00 – 14.05 Welcome from ISNIC & ICANN, Þór Jensen, ISNIC and Ulrich Wisser/Gabriella Schittek, ICANN

14.05 -14.25 Migrating ISNIC’s DNSSEC Keys to a New Algorithm, Einar Bjarni Halldórsson, ISNIC

14.25 – 14.50 ICANN's Work on DNS Abuse - Ulrich Wisser, ICANN

14.50 – 15.15 How the Icelandic Police Combats Cyber Crimes, Steinarr Kr. Omarsson, Reykjavik Metropolitan Police

15.15 – 15.45 Break

15.45 – 16.10 Coordinating the response to an ever-evolving phishing group, Hafsteinn Baldvinsson, CERT-IS

16.10 – 16.30 After the Click: The Race to Contain and Respond to Threats, Bergsteinn Karlsson, Ambaga

16.30 - 16.50 Surveillance and Security Requirements in the Era of NIS2 - Unnur Kristín Sveinbjarnardóttir, Cybersecurity Division, Fjarskiptastofa / Electronic Communication Office of Iceland

16.50 – 17.10 Threat Led Penetration Testing, Kristján Valur, Jónsson, Seðlabanki Íslands/Central Bank of Iceland

17.10 - 17.30 Lost While Protected: Privacy As an Alibi, Lára Herborg Ólafsdóttir, LEX

17.30 - Social event Beer Garden, Fosshotel Reykjavik

Venue
ISNIC
Katrínartún 2
Reykjavik

Registration needed

ICANN (the organisation that, e.g., decided that there is an .is top-level domain) will offer a technical training on DNSSEC that is hosted by the Computer Science department of University of Iceland.

DNSSEC uses cryptography to guarantee that not everyone can fake an answer to a request to resolve, e.g. island.is, to an IP address, i.e. only the authoritative owner of that domain will be able to return the legitimate IP address.

This training is for everyone who now or in future is in charge of a domain and wants to use DNSSEC to secure the address resolution of that domain -- or for those who just want to learn about how the Domain Name System (DNS) works.

To quote one of our MSc students in Cybersecurity who participated at such a training event last year:
“It was really interesting to see everything that goes into securing the DNS. Really good training with talented experts! Highly recommend going!”

Topics

Introduction / DNS Recap

• Zone Files, Resource Records and roles
• Reverse DNS 
• DNS Resolution Process and debugging
• TSIG and ACL

DNSSEC

• Signing
• Validation
• Non-existence
• Key management
• Chain of Trust
• Policy Considerations
• Setting up validation in a Recursive Server
• Signing Zones (Authoritative Servers)
• DNSSEC operations and maintenance
• Tools: Troubleshooting and Monitoring
• Overview of DANE, TLS and DNSSEC

Labs

• DNS/DNSSEC debugging 
• Zone creation and configuration: primary and secondaries
• Zone signing: manualand automatic  signing
• Establish and confirm chain of trust
• DNSSEC validation (recursive resolver)

Trainer: Ulrich Wisser, ICANN Technical Engagement Manager, Europe. The training will be in English language.

For the labs, you need to bring your own laptop. ICANN will provide you with virtual machines. As WiFi is only provided via Eduroam, you need to use your phone as hotspot if you have no educational account, e.g. from a university.

Dates and Location

Tuesday and Wednesday, 3th and 4th of February 2026, 9:00-17:00, Askja building, University of Iceland

Registration

Limited space available for students (as it is also open for industry people): first-come-first-served.

https://www.icann.org/en/engagement-calendar/details/dnssec-training-at-iceland-university-2026-02-03

This event is in the context of our cybersecurity activities and the ECCC/EU co-funded projects ICEDEF – Defend Iceland and Eyvör – the National Cybersecurity Coordination Centre of Iceland (NCC-IS).

On Monday, 12.1.2026, 16:00, room Ada (Computer Science department, 3rd floor of building Gróska), there will be an information meeting on the joint cybersecurity master's programme and cysec courses being offered at University of Iceland and Reykjavik University. The cybersecurity courses can also be taken by students who are not enrolled in the cybersecurity specialization. Everyone is welcome to attend!

You can find more info here: https://uni.hi.is/helmut/cybersecurity/ -- including the presented slides will.

This joint cybersecurity master's programme would not be possible without funding from the University Collaboration Fund of the Ministry of Higher Education, Science and Innovation and co-funding from the ECCC/EU for the projects ICEDEF – Defend Iceland and Eyvör – the National Cybersecurity Coordination Centre of Iceland (NCC-IS).

Update: A 2nd round for submissions has been opened with new deadlines (This is strictly speaking not a deadline extension as the submissions of the first round will be reviewed already now and notificated as planned):

Submission deadline: March 27 2026

Notification: April 30 2026

Camera ready: May 15 2026

The 17th EAI International Conference on Digital Forensics & Cyber Crime (ICDF2C 2026) will take place in Reykjavik, Iceland, 8 - 10 September, 2026. Hosted by the Computer Science department of University of Iceland. Proceedings published by Springer.

Deadline for workshop proposals (includes tutorial or doctoral consortium): 5 December, 2025

Poster and Demo submission deadline: 30th of March, 2026.

For further details, check the conference web page.
As poster (with QR code and URL added, but currently still with deadlines from the first round) in: 100 DPI JPG format, A4 format, A3 format, US Legal format, US Letter format.

Video introducing ICDF2C 2026 in Reykjavik, Iceland - Click to play

CALL FOR PAPERS (Apologies for cross-posting)

EAI ICDF2C 2026: 
17th EAI International Conference on Digital Forensics & Cyber Crime
publication by Springer

https://icdf2c.eai-conferences.org/2026/

When: 8 - 10 September, 2026

Where: Reykjavik, Iceland

Deadline for workshop proposals
(includes tutorial or doctoral consortium): 5 December, 2025

Notification of workshop proposal acceptance: 10 December, 2025

Paper submission deadline: 20th January, 2026

Paper notification deadline: 25th April, 2026

Paper camera-ready deadline: 15th May, 2026

Poster and Demo submission deadline: 30th of March, 2026.


Scope

The 17th EAI International Conference on Digital Forensics & Cyber
Crime (ICDF2C) will be held on 8-10 September, 2026, in Reykjavik
(Iceland). This three-day event is expected to attract over 100
participants, including academics, practitioners, criminologists (or
law enforcement) and vendors, providing business and intellectual
engagement opportunities among attendees. The conference is organized
by the European Alliance for Innovation (EAI).

This conference's theme is cyber analytics and forensics in the era of
emerging threats. Novel cyber threats are continuously emerging,
catalysed by the rapid deployment of Large Language Models and other
AI across many domains which increases the threat surface in many
sectors such as Smart Industry, Fintech and digital government. The
focus of this conference is to provide a platform for discussing these
emerging threats and to identify priorities for the community to
target with the next generation of cyber analytics. We particularly
welcome research which studies the dynamics between human factors and
AI technologies and the corresponding impact upon cybersecurity and
forensics.

Potential workshops may include: doctoral consortium for PhD students, 
tutorials such as password cracking for forensics, forensic education, 
forensic applications of AI, responding to an incident from a police 
or corporate interaction perspective, including what to expect when 
you involve law enforcement.

We encourage the authors to use the Posters and Demos venue as a way to 
open up discussions with the ICDF2C community about their early work in 
progress and develop the work for future collaborations. 
Representatives from industry, including established companies and 
startups, are warmly welcome to showcase products and services that 
are related to the topics of the conference.

***

Publication

All registered papers will be submitted for publishing by Springer –
LNICST series and made available through SpringerLink Digital Library:
ICDF2C proceedings.

Proceedings will be submitted for inclusion in leading indexing
services, such as Web of Science, Compendex, Scopus, DBLP, EU Digital
Library, IO-Port, MatchSciNet, Inspec and Zentralblatt MATH.

All accepted authors are eligible to submit an extended version 
in a fast track of:
- EAI Endorsed Transactions on Security and Safety
- EAI Endorsed Transactions on Internet of Things

***

Topics

Theme: Cyber analytics and forensics in the era of emerging threats.

Applications of artificial intelligence (AI) and other related technologies:
- Anti-forensics and anti-anti-forensics (e.g., deepfake)
- Deep learning
- Explainable AI (XAI)
- Generative AI (GenAI)
- Large language model (LLM)

Device forensics:
- Blockchain investigations
- Internet of Things (IoT) forensics 
 (including industrial IoT, medical IoT, military IoT, battlefield IoT, and vehicular IoT)
- Edge and/or cloud forensics
- Network and distributed system forensics
- Virtual / augmented reality (VR/AR) forensics
- Other emerging / contemporary technologies 
 (e.g., hardware and software such as firmware and operating systems)

Financial crime investigations:
- Financial frauds and scams
- Cryptocurrency investigations
- Market manipulation investigations
- Anti-money laundering / counter terrorism financing investigations
- Anti-corruption investigations

Cyber security and analytics:
- Network security (e.g., intrusion detection)
- Malware analysis
- IoT security
- Security operations center
- Virtual / augmented reality (VR/AR)

Education and Evaluation:
- Case studies – legal (e.g., child sexual abuse material) and/or technical
- Infrastructure
- Methodology
- Replicability and validity
- Tool validation

Theory and fundamentals:
- Anti-forensics and anti-anti-forensics (e.g., encryption and deepfake)
- Frameworks (legal, policy, and/or technical)
- Privacy-preserving forensics
- Social and privacy
- Steganography and steganalysis
- Visualization methods and tools for forensic analysis

***

General Chairs
Helmut Neukirchen - University of Iceland, Iceland
Kim-Kwang Raymond Choo - University of Texas at San Antonio, USA

Technical Program Committee Chairs
Thomas Welsh - University of Iceland, Iceland
Hans P. Reiser - Reykjavík University, Iceland
Raymond Chan - Singapore Institute of Technology, Singapore

***

This event is organized by EAI https://eai.eu/

EAI – European Alliance for Innovation is a non-profit organization
and a professional community established in cooperation with the
European Commission to empower the global research and innovation, and
to promote cooperation between European and International ICT
communities. 

After successful two rounds of Cybersecurity grants for Icelandic SME companies, Icelandic Smaller and Middle-size Enterprises (SMEs) can now for a third time apply for cybersecurity-related funding. The call topics are the same as last time:

• strengthening cybersecurity culture and awareness,
• efficient education, research and development,
• secure digital services and innovation,
• stronger law enforcement, defense and national security,
• effective response to incidents, and
• strong infrastructure, technology and legal framework.

There is a meeting organised by Rannís:

17. November 2025, 9:00-10:15 at Arion Banki, Borgartúni 19, room Þingvellir.

This funding is in the context of the ECCC/EU co-funded project Eyvör – the National Cybersecurity Coordination Centre of Iceland (NCC-IS). See also the official web page of Eyvör NCC-IS.

We have two research papers accepted: one at the 3rd International Conference on Foundation and Large Language Models (FLLM2025) and one at the 12th IEEE International Conference on Social Networks Analysis, Management and Security (SNAMS-2025) -- both conferences are co-located, saving CO2 footprint as only one presenter needs to fly to Vienna in order to present both papers.

• Adetayo Adebimpe, Helmut Neukirchen, Thomas Welsh
  SBASH: a Framework for Designing and Evaluating RAG vs. Prompt-Tuned LLM Honeypots.
  The 3rd International Conference on Foundation and Large Language Models (FLLM2025), IEEE, to appear 2025.
  Download Postprint DOI: 10.48550/arXiv.2510.21459
• Thomas Welsh, Kristófer Finnsson, Brynjólfur Stefánsson, Helmut Neukirchen
  Towards Socio-Technical Topology-Aware Adaptive Threat Detection in Software Supply Chains.
  The 12 International Conference on Social Networks Analysis, Management and Security (SNAMS 2025), IEEE, to appear 2025.
  Download Postprint DOI: 10.48550/arXiv.2510.21452

This research is in the context of our cybersecurity activities and the ECCC/EU co-funded projects ICEDEF – Defend Iceland and Eyvör – the National Cybersecurity Coordination Centre of Iceland (NCC-IS).

While systems based on AMD AI max+ 395 are cheaper (and might in some cases even be faster), the NVIDIA Spark DGX systems have the advantage of providing the CUDA ecosystem. (However, if you just want to run LLMs, then Ollama and LM Studio support the AMD AI processors as well as CUDA.) Both system suffer from the fact, that standard DDR5 RAM is used (or to be more precise LPDDR5, i.e. soldered, instead of upgradable DIMMs).

I did some research on the Spark DGX

• Comes with no 200 GB QSFP Direct Attach Cable (DAC) to cluster two of them without a 200 GB switch in-between, i.e. you need to buy an extra one.
• enP7p1s0 is the Realteak-based 10 GB RJ45 Ethernet port. The others (enp1s0f0np0 enp1s0f1np1 enP2p1s0f0np0 enP2p1s0f1np1) are the 200 GB QSFP56 ports, it seems that as the CPU consists essentially of two parts, each with its own PCIe and each CPU part handles one 100 GB connection and therefore, the 200 GB connection is reported as two 100 GB devices).
• Setup is described here: https://docs.nvidia.com/dgx/dgx-spark/first-boot.html
• While it is setting up, it creates a WiFi AP (SSID shown a booklet that ships with the hardware) so that you can connect and create a user via a Web browser. It uses the Ethernet connection for installing OS updates. Once that setup has been finished, the WiFi AP gets disabled! You should be able to enable the AP again, e.g. using NetworkManager, but this will not NAT the WiFi AP client traffic via the Ethernet connection, i.e. while your WiFi AP client can access the DGX Spark, you cannot browse the Internet.
• From the documentation:
  

  The machine name is your DGX Spark hostname with .local appended, such as spark-xxxx.local. You can find the default hostname on the Quick Start Guide that came in the box. The .local address uses mDNS (multicast DNS) to automatically locate your DGX Spark on the net-work without needing to know its IP address. This is particularly useful if your router periodically reassigns IP addresses.

  For Windows users: mDNS requires Bonjour Print Services from Apple. If you have iTunes or other
  Apple software installed, you likely already have this. Otherwise, you can download it from Ap-
  ple’s website. Alternatively, you can try using just the hostname without .local (such as spark-xxxx),
  though this method is less reliable on modern networks.

  Why .local might not work: .local hostnames may not work in enterprise networks with strict se-
  curity policies, networks that block multicast traffic, or other restricted network environments.

  Using an IP address instead: If .local hostnames do not work, you will need to use the IP address. To
  find the IP address, physically log in to your DGX Spark and click the network icon in the top right
  corner of the Ubuntu desktop. Select Settings from the dropdown menu, then navigate to the
  Network section. The IP address will be displayed under as "Realtek Ethernet". Click on the settings icon to see its IPv4 and IPv6 address.
  Alternatively, you
  can log in to your router’s administration console to view connected devices and their IP addresses.

• As this OS Ubuntu 2024.04 and uses Netplan for all network configuration.
  To change the hostname, you can either use the DGX Dashboard (see below and then Settings, System, Edit Hostname):

  sudo hostnamectl set-hostname new_hostname

  E.g.: sudo hostnamectl set-hostname spark1

  Restart the device or its services for the change to take effect.

  Further netplan commands: netplan get, netplan status --all

  To generate configuration files for all the involved network tools from the yaml file:
  sudo netplan generate. To try (will revert after 120 s): netplan try To finally apply persistently: netplan apply

• Note: the netplan permissions are messed up: do chmod 600 /etc/netplan/* and run netplan apply
• Talking about Ubuntu: Release notes are available, but these refer both to the full-blown X86_64 DGX and the ARM64 DGX Spark, so search there for Spark. recovery media archive file is also available if you need to reinstall. In contrast to Ubuntu that has LTS releases, NVIDIA promises updates only for two years and there are concerns about NVIDIA supporting the Spark or other GB10 systems beyond a few years.
• As this is standard Ubuntu, you will very likely need to do some variant of the usual hardening.
• The https://build.nvidia.com/spark/connect-to-your-spark/sync NVIDIA Sync tool tunnels from your client machine via SSH to the DGX Spark: at the first usage of NVIDIA Sync, it will ask for your username and password: On Linux systems, it will then create a password-less SSH key (so that in future, NVIDIA Sync can tunnel without needing to ask for a password) and copy the public-key of the SSH key over to the DGX Spark (it will do so even if you already have an SSH key). On Mac or MS Windows system, it seems not to assume that there is support for password-less SSH keys.

  The NVIDIA Sync documentation contains some copy/paste instructions for Ubuntu/Debian of how add it as APT source: I do not like that they append it to sources.list -- I would rather make it file on its own in sources.list.d/. Also the provided deb entry might need to be changed into deb [arch=amd64] . I also had after some time to update the GPG key from NVDIA: see their curl line on the above NVDIA page.

• There seems to be an issue with the file /opt/nvidia/dgx-dashboard-service/jupyterlab_ports.yaml. But restarting the system after a user has been added, seems to help. The question is whether restarting some service using systemctl restart would do the same job as rebooting.
  Update: I tried systemctl restart dgx-dashboard.service (which will then ask for the sudo-enabled user to be used for that, incl. entering the password) and that did add the missing entry. sudo systemctl restart dgx-dashboard.service did not ask for the user to be used.
• If there is permission issue with docker: sudo usermod -aG docker $USER
newgrp docker
• https://build.nvidia.com/spark Playbooks with first steps to play around.

  Start with activating Jupyter lab viah the DGX Dashboard. There seems to be an issue with the file /opt/nvidia/dgx-dashboard-service/jupyterlab_ports.yaml, though. Also, the sample AI workload will generate a warning concerning GPU NVIDIA GB10 which is of cuda capability 12.1 and Minimum and Maximum cuda capability supported by PyTorch is (8.0) - (12.0): that can be ignored.

In general, the software quality delivered by NVIDIA is rather low: e.g. in December 2025, apt update was broken and NVIDIA provided a fix only later where some even say that it does not work. In any case, this renders unattended-upgrade not working, thus preventing security updates.

I found a nice visualisation of the most common 4-digit PIN numbers, based on 3.4 million PIN numbers from several data breaches: The 20 most common numbers make up 27% of the commonly used PIN numbers, i.e. from those 3.4 million PIN numbers used by people, more than a quarter were from this set of 20 PINs.

	PIN	Freq
#1	1234	10.713%
#2	1111	6.016%
#3	0000	1.881%
#4	1212	1.197%
#5	7777	0.745%
#6	1004	0.616%
#7	2000	0.613%
#8	4444	0.526%
#9	2222	0.516%
#10	6969	0.512%
#11	9999	0.451%
#12	3333	0.419%
#13	5555	0.395%
#14	6666	0.391%
#15	1122	0.366%
#16	1313	0.304%
#17	8888	0.303%
#18	4321	0.293%
#19	2001	0.290%
#20	1010	0.285%

A more detailed analysis is also provided, e.g. dates are also likely, either years or MMDD / DDMM (Month, Day / Day, Month).

Rule of thumb: what comes into your mind as easy to remember (e.g. birth dates) is what also comes into the mind of others -- and might therefore be tried by someone guessing your PIN code. So: do not use these!