Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.

Thanks! See you in your inbox on Fridays. :)

Unfortunately something went wrong. You can contact us at team@cyberdayai.

Recent #cybersecurity weekly digests

See full archive? Go to Weekly digests -page >>

🛡️ Cyberdigest: Most important documents in ISO 27001 audit 📑 Join our NIS2 & ISO 27001 webinars ➡️ Look into cyberthreat trends 👾

Published at

17:05

Open digest

🛡️ Cyberdigest: 7 new frameworks! 🎉 Explore our ISO 27001 collection 📚 Malware & privacy news 📰

Published at

17:02

Open digest

🛡️ Cyberdigest: Secure your passwords! 📝 DORA has come into effect 💰 News: data protection 🔐

Published at

17:01

Open digest

Webinars

See the full calendar? Go to Webinars-page >>

Coming up on:

Wednesday

30

.

5

.

at

14:00

Admin training (part 3/5): Risk management and security control implementation

Coming up on:

Wednesday

7

.

6

.

at

14:00

Admin training (part 5/5): Operating and improving an ISMS and reporting compliance

Coming up on:

Wednesday

13

.

6

.

at

14:00

Admin training (part 4/5): Automating employee awareness, guidance and training

Coming up on:

Wednesday

21

.

6

.

at

15:00

ISO 27001 (part 3/5): Certification audit fundamentals

Coming up on:

Wednesday

9

.

8

.

at

14:00

Admin training (part 2/5): Framework selection and asset identification

Coming up on:

Wednesday

9

.

8

.

at

15:00

ISO 27001 (part 4/5): Staff training, guidelines and policy documents

Blog posts

Info of new posts? Subscribe now >>

Navigating the Cybersecurity Maze: Master NIS2 with the help of ISO 27001

Learn how to master NIS2 with ISO 27001 and grab our free NIS2 e-book! This blog post was originally written for the Cyber Security Nordic 2024 event where Cyderday is presented as Strategic partner.

3.10.2024

Corporate Security Alert: Identifying Dangerous Apps on Employee Phones

This article uncovers hidden security risks of popular apps on work devices, covering social media, messaging, cloud storage, gaming, utility, health, VPN, and shopping apps, with recommendations to safeguard corporate data.

20.9.2024

NIS2 national legistation, ransomware and a new development forum: Cyberday product and news round-up 9/2024 🛡️

This is the September news and product review from Cyberday. Read news about ransomware, new phishing techniques and local NIS2-legistations.

20.9.2024

IT and OT Cyber Security: Different Environments, Different Priorities

This blog post outlines the key differences between IT and OT cyber security, focusing on their distinct areas, objectives, environments, threat landscapes, and compliance requirements.

4.9.2024

Cyber Security in Supply Chain Risk Management

Businesses should prioritize supply chain security by adopting best cyber security practices, fostering resilience, and promoting collaboration to protect against evolving cyber threats. Learn more about this topic in this blog post.

22.8.2024

Spreadsheet vs. ISMS tool - top 10 reasons why a tool is better than the traditional way

Discover the top 10 reasons why agile tools outperform traditional spreadsheets in managing cyber security compliance, from centralized management to continuous improvement.

22.8.2024

ISMS Essentials: Mastering a Data System Inventory for Your Organization

This post provides essential insights for maintaining a data system inventory within your organization's ISMS, detailing key processes, asset types, and tackling common challenges.

15.8.2024

Incident Detection: Building, Nurturing, and Continuously Improving a Proactive Environment

Shift from reactive to proactive incident detection. Use advanced tools, continuous learning, and customised strategies to anticipate and prevent issues. Focus on constant improvement and innovation to boost security and resilience.

15.8.2024

News articles

Get weekly news? Subscribe now >>

The Top 10 State of Security Blog Posts from 2019

It’s been another fantastic year on The State of Security blog. With over 350 blogs published from all walks of the security community, we like to think of the blog as more of an industry resource that caters to not only experienced security professionals but also to those who are new to the community. To […]… Read MoreThe post The Top 10 State of Security Blog Posts from 2019 appeared first on The State of Security.

Go to article at

Increased monetization means more ransomware attacks

Organizations are detecting and containing attacks faster as the global median dwell time, defined as the duration between the start of a cyber intrusion and it being identified, was 56 days. This is 28% lower than the 78-day median observed in the previous year, according to FireEye. Consultants attribute this trend to organizations improving their detection programs, as well as changes in attacker behaviors such as the continued rise in disruptive attacks (e.g. ransomware and … More → The post Increased monetization means more ransomware attacks appeared first on Help Net Security.

Go to article at

Microsoft's IE Zero-day Fix is Breaking Windows Printing

Microsoft's temporary fix for a recently disclosed Internet Explorer zero-day vulnerability is causing numerous problems in Windows, including breaking printing for some users. [...]

Go to article at

Unpatched Vulnerabilities

NetSupport Manager RAT Spread via Bogus NortonLifeLock Docs

The legitimate remote-access tool is being used to maliciously infect victims and allow remote code-execution.

Go to article at

Don't fall for this phish attempt from fraudsters

When Chase bank e-mails you to warn of a fraud alert to your account, you pay attention. But when your work e-mail is associated with a card you don't have, and when the return address isn't from Chase, it's so obvious a fraudulent e-mail that we laugh it off. But it looked and felt real. So much so, I wanted to just quickly show it to you and flag it, to make sure you don't fall victim to this phishing attempt. Remember, one click on the e-mail, and the hackers can take control of our digital lives. That's what happened to Hillary Clinton's campaign manager for the 2016 election that led to the hack of her e-mails. He got a bogus e-mail that looked like it was from Google, asking John Podesta to update his credentials in what's called a "spear-phishing" attack." One click, and Wikileaks got access to the campaign e-mails.

Go to article at

Most Ransomware Gets Executed Three Days After Initial Breach

Ransomware gets deployed three days after an organization's network gets infiltrated in the vast majority of attacks, with post-compromise deployment taking as long as 299 days in some of the dozens of attacks researchers at cybersecurity firm FireEye examined between 2017 and 2019. [...]

Go to article at

NetSupport Manager RAT Spread via Bogus NortonLifeLock Docs

The legitimate remote-access tool is being used to maliciously infect victims and allow remote code-execution.

Go to article at

LabCorp Exposed Thousands Of Medical Documents

Go to article at

Illegal Personal Data Processing

Critical WordPress Bug Leaves 320,000 Sites Open to Attack

Authentication bypass bugs in WordPress plugins InfiniteWP Client and WP Time Capsule leave hundreds of thousands of sites open to attack.

Go to article at

Unpatched Vulnerabilities

Get started today

Start free, in your familiar Teams environment.
If you have some questions first, book a meeting with us.

Start free 14-day trial