Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.

Thanks! See you in your inbox on Fridays. :)

Unfortunately something went wrong. You can contact us at team@cyberdayai.

Recent #cybersecurity weekly digests

See full archive? Go to Weekly digests -page >>

🛡️ Cyberdigest: Most important documents in ISO 27001 audit 📑 Join our NIS2 & ISO 27001 webinars ➡️ Look into cyberthreat trends 👾

Published at

17:05

Open digest

🛡️ Cyberdigest: 7 new frameworks! 🎉 Explore our ISO 27001 collection 📚 Malware & privacy news 📰

Published at

17:02

Open digest

🛡️ Cyberdigest: Secure your passwords! 📝 DORA has come into effect 💰 News: data protection 🔐

Published at

17:01

Open digest

Webinars

See the full calendar? Go to Webinars-page >>

Coming up on:

Wednesday

30

.

5

.

at

14:00

Admin training (part 3/5): Risk management and security control implementation

Coming up on:

Wednesday

7

.

6

.

at

14:00

Admin training (part 5/5): Operating and improving an ISMS and reporting compliance

Coming up on:

Wednesday

13

.

6

.

at

14:00

Admin training (part 4/5): Automating employee awareness, guidance and training

Coming up on:

Wednesday

21

.

6

.

at

15:00

ISO 27001 (part 3/5): Certification audit fundamentals

Coming up on:

Wednesday

9

.

8

.

at

14:00

Admin training (part 2/5): Framework selection and asset identification

Coming up on:

Wednesday

9

.

8

.

at

15:00

ISO 27001 (part 4/5): Staff training, guidelines and policy documents

Blog posts

Info of new posts? Subscribe now >>

Become a Cyberday partner: Features, benefits and best practices

A good and efficient tool such as Cyberday is a great way to work on the organization's cyber secuirty. However, for some organizations that is not enough and the expertise and support of a consultant is needed. Our partner program offers both!

6.6.2023

Cyberday Community has been launched!

We just launched a new Community section inside Cyberday. Our goal is to make collaboration with your peers and with us easier and thus help you improve your information security even further!

24.3.2023

ISO 27001 standard updated to 2022 version - what changed?

What has changed when comparing 2013 vs. 2022 versions of ISO 27001 and how are these updates visible on Cyberday?‍

18.11.2022

Efficient cyber risk management with new autopilot mode

We're constatly searching for ways to automate and create efficient cyber risk management. Our newest additions is risk autopilot mode. It's concept is described on this post.

1.6.2022

Infographic: Why is cyber security getting more and more important?

Here's a visual summary of some of the drivers that continue to make cyber security more and more important for all organizations.

11.2.2022

Cyberday Teams app is now available!

Our Teams app passed the latest Microsoft tests and is now available from the Teams app store. This article reviews the benefits and deployment of Cyberday's Teams app.

1.7.2020

Content update published to Cyberday

We released an update to Cyberday documentation. The goal was to streamline documentation, highlight the most important things and significantly reduce the amount of separately documented items.

11.6.2020

Cyberday launched: Frameworks, Teams-integration and much more

Cyberday works now inside a Microsoft Teams and by choosing a framework you can guide your own work. In this blog you'll find a summary from reforms!

20.5.2020

News articles

Get weekly news? Subscribe now >>

10 Credential Stealing Python Libraries Found on PyPI Repository

⚠️ Growing #cybersecurity threat - bad actors publish rogue software on popular public repositories. Now 10 modules removed from Python Package Index (PyPI) that harvest critical data (e.g. passwords, API tokens). Details in article >>

Go to article at

Hackers Compromise Employee Accounts to Access Twilio Internal Systems

⚠️ Twilio's employees were hit with SMS #phishing messages supposedly from the company’s IT department. Organizations serious about their customers’ data should actively guide employees to spot scams. Article has some tips for this >>

Go to article at

Slack admits to leaking hashed passwords for five years

Slack notified users of an embarrassing #cybersecurity snafu, as workspace invitations included senders hashed password. 🔐 This article also includes clearly worded info about password hashing, salting and stretching. Valuable read!

Go to article at

Start as you mean to go on: the top 10 steps to securing your new computer

Protect your PC from #cybersecurity threats: 🔧 Auto-updates for OS, software and browser 🛑 Remove bloatware 💾 Configure backups 🌐 Check browser privacy/security settings 🔏 Use a password manager and MFA Continues on the article >>

Go to article at

VirusTotal Reveals Most Impersonated Software in Malware Attacks

To create e.g. successful #phishing attacks, cyber criminals are mimicking legitimate businesses and apps. 📱 Most impersonated apps include: Skype Adobe Reader TeamViewer CCleaner MS Edge Zoom WhatsApp

Go to article at

How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes

Harm reduction approach in #cybersecurity guidance: ⛔ "Never use QR codes!" vs. ⚠️ "Well.. if you do use a QR code, at least use these cues to know, if you landed on a secure site or not." Efficient or sloppy?

Go to article at

FEMA warns emergency alert systems could be hacked to transmit fake messages unless software is updated

⚠️ #Cybersecurity researcher provided FEMA with evidence that unpatched EAS (Emergency Alert System) devices are vulnerable. 📺 TV and radio networks use these to transmit alerts. This could allow hackers to broadcast fake alert messages.

Go to article at

Microsoft accounts targeted with new MFA-bypassing phishing kit

⚠️ Ongoing large-scale attack uses typo-squatted domains and proxy-based #phishing kit to target MS users and bypass MFA. Goal - breach corporate accounts for BEC attacks and divert payments to attacker's bank accounts. Attack details >>

Go to article at

Industroyer: A cyber‑weapon that brought down a power grid

Back in 2017, Industroyer was the first #malware targeted for hitting power grids. ⚠️ In 04/22 Rus attacked grids in UKR. Attack was luckily thwarted, but critical infrastructure is becoming more and more frequent target for cyber attacks.

Go to article at

Get started today

Start free, in your familiar Teams environment.
If you have some questions first, book a meeting with us.

Start free 14-day trial