Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.
Thanks! See you in your inbox on Fridays. :)
Unfortunately something went wrong. You can contact us at team@cyberdayai.

10 most common non-conformities in ISO 27001 audits

Audits and non-conformities drive organizations toward continuous improvement. But before your first ISO 27001 certification, it's good to be aware of some most common non-conformities, so you can avoid these in your certification audit.

article

18.2.2025

Got an ISO 27001 audit interview request - what should I expect?

In this blog, we will talk about the importance of employee participation in the audit interview process, why auditors value employee insights, and look into possible questions asked in an ISO 27001 interview.

article

13.2.2025

ISO 27001 compliance and certification checklist

Looking to ensure you fill ISO 27001 requirements? This checklist will present clearly ordered key steps that guide your organization in building an ISMS and getting compliant with the ISO 27001 standard.

article

6.2.2025

Most important documents in ISO 27001 certification audit

The ISO 27001 standard does specifically define some key documents, which need to be gathered together and be easily shareable e.g. for the auditor. In this blog, we'll present these most important documents for an ISO 27001 certification audit.

article

30.1.2025

NIS2 & national implementation: which local NIS2 laws are available in Cyberday?

EU Member States are required to adopt NIS2 into national law. Key national decisions include defining local authorities, monitoring mechanisms, and tailoring regulations to meet specific needs.

article

23.1.2025

ISO 27001 certification: What happens in the certification audit?

This blog post gives an overall intro to information security auditing and a detailed go-through of the ISO 27001 certification audit process.

article

22.1.2025

What is ISO 27001? Intro to the global information security gold standard.

Whether you're new to ISO 27001 or looking to strengthen your current practices, this post will walk you through its essentials, why it matters, and how it can improve your approach to information security.

article

22.1.2025

Password Security: Avoid these 5 common mistakes

Password security is something that no one should underestimate in the face of today's threats. One sensible option for secure password management is to use software designed for this purpose.

article

16.1.2025

Facebook Engineers Admit They Don't Know What They Do With Your Data

A doc leaked earlier that said FB has no idea where user data goes and what they do with it. Now 2 veteran engineers confirmed similar things in court hearing. ⚠️ "data may be in 55 FB subsystems" ⚠️ "code is its own design doc" #privacy

Go to article at
9.9.2022

New Cybersecurity Regulations Are Coming. Here’s How to Prepare.

Governments are feeling the need to “do something”, to battle growing impact of #cyberattack's. In the US, new rules are pending by e.g. FTC and CISA. These may require e.g. reporting of cyber incidents, not just personal data breaches.

Go to article at
2.9.2022

How 1-Time Passcodes Became a Corporate Liability

Large firms are falling prey to #phishing that goes around MFA - using text messages to steal employee's credentials and one-time passcodes. ✅ Many are now making the change from phishable forms of MFA to e.g. physical security keys.

Go to article at
2.9.2022

Chrome extensions with 1.4 million installs steal browsing data

⚠️ McAfee found 5 popular Chrome extensions that steal and track your browser activity. These were not of the most dangerous type. But this is a good reminder - you can't blindly trust the quality on extension stores. #cybersecurity

Go to article at
2.9.2022

Baker & Taylor's Systems Remain Offline a Week After Ransomware Attack

⚠️ Library services provider hit by #ransomware on 23.8. "Team working around the clock", but still services remain offline. Downtime is disastrous in many industrys. Long-term disruptions from ransomware are becoming more common.

Go to article at
2.9.2022

Ex-Twitter exec blows the whistle, alleging reckless and negligent cybersecurity policies

💣 Ex-Twitter head of sec paints a pic of mismanaged company that hides issues, swindles regulators and secures data poorly. Zatko b4 held roles on Google & DoD. Fired from Twitter due to poor leadership and performance. #cybersecurity

Go to article at
26.8.2022

Is your personal data all over the internet? 7 steps to cleaning up your online presence

Minimizing your digital footprint: 🔀 Check privacy settings (e.g. in FB) 🔍 Google yourself & contact sites to remove unwanted content 🚫 Delete old posts You can also have Google remove your personal data - there's a tool. #privacy

Go to article at
26.8.2022

Meet Borat RAT, a New Unique Triple Threat

RAT #malware typically helps attacker gain control of a system, permitting access to network resources, files, and control mouse and keyboard. ☣️ Borat RAT goes beyond - deploying ransomware and DDoS attacks. Learn more from article >>

Go to article at
26.8.2022

Over 80,000 exploitable Hikvision cameras exposed online

Researchers discovered 80,000 Hikvision cameras w/ command injection #vulnerability - easily exploitable by sending specially crafted messages to server. ⚠️ Patch available for months, but thousands of organizations have not applied it.

Go to article at
26.8.2022