Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.

Thanks! See you in your inbox on Fridays. :)

Unfortunately something went wrong. You can contact us at team@cyberdayai.

Recent #cybersecurity weekly digests

See full archive? Go to Weekly digests -page >>

🛡️ Cyberdigest: 7 new frameworks! 🎉 Explore our ISO 27001 collection 📚 Malware & privacy news 📰

Published at

17:02

Open digest

🛡️ Cyberdigest: Secure your passwords! 📝 DORA has come into effect 💰 News: data protection 🔐

Published at

17:01

Open digest

🛡️ Cyberdigest: DORA is coming into effect January 17th, are you ready? 🛡️ Security trends 2025 ⭐️

Published at

17:04

Open digest

Webinars

See the full calendar? Go to Webinars-page >>

Coming up on:

Wednesday

30

.

5

.

at

14:00

Admin training (part 3/5): Risk management and security control implementation

Coming up on:

Wednesday

7

.

6

.

at

14:00

Admin training (part 5/5): Operating and improving an ISMS and reporting compliance

Coming up on:

Wednesday

13

.

6

.

at

14:00

Admin training (part 4/5): Automating employee awareness, guidance and training

Coming up on:

Wednesday

21

.

6

.

at

15:00

ISO 27001 (part 3/5): Certification audit fundamentals

Coming up on:

Wednesday

9

.

8

.

at

14:00

Admin training (part 2/5): Framework selection and asset identification

Coming up on:

Wednesday

9

.

8

.

at

15:00

ISO 27001 (part 4/5): Staff training, guidelines and policy documents

Blog posts

Info of new posts? Subscribe now >>

Most important documents in ISO 27001 certification audit

The ISO 27001 standard does specifically define some key documents, which need to be gathered together and be easily shareable e.g. for the auditor. In this blog, we'll present these most important documents for an ISO 27001 certification audit.

30.1.2025

NIS2 & national implementation: which local NIS2 laws are available in Cyberday?

EU Member States are required to adopt NIS2 into national law. Key national decisions include defining local authorities, monitoring mechanisms, and tailoring regulations to meet specific needs.

23.1.2025

ISO 27001 certification: What happens in the certification audit?

This blog post gives an overall intro to information security auditing and a detailed go-through of the ISO 27001 certification audit process.

22.1.2025

What is ISO 27001? Intro to the global information security gold standard.

Whether you're new to ISO 27001 or looking to strengthen your current practices, this post will walk you through its essentials, why it matters, and how it can improve your approach to information security.

22.1.2025

Password Security: Avoid these 5 common mistakes

Password security is something that no one should underestimate in the face of today's threats. One sensible option for secure password management is to use software designed for this purpose.

16.1.2025

Framework recap, role of the CISO & and vendor assessments: Cyberday product and news round-up 12/2024 🛡️

December's product and news round-up will showcase the vendor security assessments and new enterprise-level features, an overview of the key frameworks for 2025 and the roles of the CISO and personnel in an organisation's security.

19.12.2024

Europe's Compliance Revolution: Evolving Cyber Sec Consulting

The evolving cyber sec landscape and growing demand for compliance in combination with a shortage of professionals calls for new ways of working. With the help of partnerships and agile tools, consultants can benefit from the current situation.

18.12.2024

TISAX: Understanding the Automotive framework

By embracing TISAX, automotive industry operators can improve information security, enhance compliance and strengthen their market position. Read more about TISAX, its scope, requirements and how ISO 27001 fits in.

3.12.2024

News articles

Get weekly news? Subscribe now >>

Cybersecurity awareness training: What is it and what works best?

82% of breaches in 2021 involved a “human element.” Bad actors exploit credulous or careless employees. Trends that grow the need for employee #cybersecurity skills: 🔓 Poor password practices 🦹 Cybercrime growth 📲 Hybrid work

Go to article at

Know your enemy! Learn how cybercrime adversaries get in…

Researchers dug into reports of 144 real-life #cyberattack's. ⚠️ Unpatched vulnerabilties entry point for 50% of attacks ⌛ Attackers around for more than a month on avg 🖥️ RDP abused to spread the attack by more than 80% of attackers

Go to article at

Apple's New Feature Will Install Security Updates Automatically Without Full OS Update

Apple: "macOS security gets even stronger with new tools that make the Mac more resistant to attack, including Rapid Security Response that works in between normal updates to easily keep security up to date without a reboot" #cybersecurity

Go to article at

Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Costa Rican terveysministeriössä tulostimet menivät sekaisin tänä aamuna Hive #ransomware'ryhmän hyökkäyksen jälkeen. Kaikki järjestelmät ovat toistaiseksi alhaalla. HIVE ei ole julkaissut lunnasvaatimusta. Hyökkäykset voivat jatkua.

Go to article at

Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Printers at the Costa Rican government health ministry went crazy this morning after the Hive #ransomware group attacked. All systems went down until further notice. HIVE has not released their ransom fee. Attacks are expected to follow.

Go to article at

$150 Million Fine to Twitter Over Privacy Violations; Email and Phone for “Account Security” Used in Targeted Advertising Without User Knowledge

FTC is actively regulating privacy in the US. FTC can penalize for e.g. when a social network misleads its users about how personal data will be used or protected. This is what now happened to Twitter, resulting in a 150M$ #privacy fine.

Go to article at

How to support women in cybersecurity

There are millions of unfilled #cybersecurity job openings around the globe. In the industry women make up roughly 24% of jobs, according to (ISC)². Untapped talent could mean e.g. less innovation. Reasoned thougths on women in cyber >>

Go to article at

FBI seizes domains used to sell stolen data, DDoS services

FBI seizes harmful domains ⚠️ WeLeakInfo.to sold subscriptions for searching data from 10k data breaches, eg emails, phones, and passwords for online accounts. ⛔ ipstress.in and ovh-booter.com used for DDoS ordering #cybersecurity

Go to article at

New Microsoft Zero-Day Attack Underway

MS Support Diagnostic Tool has a #vulnerability, that enables running commands remotely via using malicious MS Word documents. No patch available yet, limit by: ☑️ Turning off MSDT URL protocol ☑️ Disabling preview feature in IE

Go to article at

Get started today

Start free, in your familiar Teams environment.
If you have some questions first, book a meeting with us.

Start free 14-day trial