Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.
Thanks! See you in your inbox on Fridays. :)
Unfortunately something went wrong. You can contact us at team@cyberdayai.

Near-Record Year for US Data Breaches in 2022

Takeways on ITRC's US data breaches in 2022 report: ⚠️ Only 34% of breach notices incl victim and attack details. Hard for people to estimate their risk. Other info: 👥 422 million affected 🎣 Phishing and #ransomware popular vectors

Go to article at
27.1.2023

Hunting Insider Threats on the Dark Web

💣 Malicious employees cause 20% of incidents. Insider attacks are on avg. 10x larger. Companies can spot threats by spotting crooks after insider knowledge or disgruntled employees' unsavory comments - also on dark web. #cybersecurity

Go to article at
27.1.2023

Supply chain attacks caused more data compromises than malware

Steady increase on data breaches on 2nd half of 2022. ⚠️ Attacks on supply chains are becoming a big trend: - Supply chain attacks affected 10+ million people - #Malware-based attacks affected 4.3 million people

Go to article at
27.1.2023

New Python-based RAT Uses WebSockets for C2 and Data Exfiltration

☣️ New #malware dubbed PY#RATION is allowing threat actors to harvest sensitive information. "Malware is unique in its utilization of WebSockets to avoid detection, communicate and exfiltrate data." Attack details in article >>

Go to article at
27.1.2023

Zendesk Hacked After Employees Fall for Phishing Attack

Zendesk informed customers of a breach resulting from employee credentials stolen in "sophisticated sms #phishing campaign". No public notice yet. Attack may be the same that already hit e.g. Twilio and Cloudflare before. #cybersecurity

Go to article at
27.1.2023

New stronger rules start to apply for the cyber and physical resilience of critical entities and networks

NIS 2 Directive will e.g.: 🏛 expand the sectors / types of critical entities on its scope ⚠️ strengthen #cybersecurity risk management requirements 🔈 give more detailed incident reporting obligations (e.g. content and timeline)

Go to article at
20.1.2023

For password protection, dump LastPass for open source Bitwarden

In Dec, LastPass said August #cybersecurity incident had been worse than admitted. Instead of losing internal docs, they lost customer vault data. This article tells about an alternate tool to protect and organize passwords - Bitwarden.

Go to article at
20.1.2023

Ransomware severs 1,000 ships from on-shore servers

Pirating from the comfort of your home? Latest case of transport industry #cyberattack's is ShipManager, a maritime mgmt business, after ransomware forced its software offline and left 1,000 ships w/o connection to on-shore servers.

Go to article at
20.1.2023

Norton LifeLock Discloses Breach Affecting Thousands of Customer Accounts

Norton LifeLock breach may allow hackers access to password vaults. This was a credential stuffing attack — where previously leaked creds used to access accounts with same passwords. MFA and password changes help prevent. #cybersecurity

Go to article at
20.1.2023