Blog | Cyberday.ai

CA: Panama-Buena Vista School District ransomware attack will delay report cards

23ABC reports: The Panama-Buena Vista School District said that due to the recent ransomware attack, teachers will not be...

Go to article at

15.5.2020

Ransomware

Police Warn of Physical IT Risk from Malicious Contractors

Insiders at cleaning, decorating and other firms could access networks

Go to article at

15.5.2020

Supply Chain Attacks

Intel CSME bug is worse than previously thought

Researchers say a full patch requires replacing hardware. Only the latest Intel 10th generation CPUs are not affected.

Go to article at

15.5.2020

Unpatched Vulnerabilities

Belgian Data Protection Authority Releases Direct Marketing Recommendation

On February 10, 2020, the Belgian Data Protection Authority published its Recommendation on data processing activities for direct marketing purposes. The Recommendation aims to clarify the complex rules relating to processing personal data for direct marketing purposes. Continue Reading

Go to article at

15.5.2020

Illegal Personal Data Processing

Android malware can steal Google Authenticator 2FA codes

A new version of the "Cerberus" Android banking trojan will be able to steal one-time codes generated by the Google Authenticator app and bypass 2FA-protected accounts.

Go to article at

15.5.2020

Malware

Research Finds Microsoft Edge Has Privacy-Invading Telemetry

While Microsoft Edge shares the same source code as the popular Chrome browser, it offers better privacy control for users. New research, though, indicates that it may have more privacy-invading telemetry than other browsers. [...]

Go to article at

15.5.2020

Violations of Data Subject Rights

When it comes to zero-day vulnerabilities, the best approach is preventative action

Zero-day vulnerabilities are software security flaws with the potential to be exploited by cybercriminals – they’re unintended flaws found in programs or operating systems that, if left unaddressed, create security holes that can and almost certainly will be exploited. The problem stems from the traditional software development and QA testing processes that fail to identify bugs and flaws that manifest in live usage. Static and dynamic testing, RASP, and vulnerability assessments all look for known problems or known fallible coding techniques which makes it difficult to identify zero-day vulnerabilities (which are, by definition, unknown.) Even using blue-green or canary staging approaches, software bugs may not be seen and will propagate, meaning the code or application problems caused by these flaws are pushed live, because that code is not tested with production traffic. Since the existing testing methodologies have trouble finding these critical zero-day vulnerabilities, other approaches are being tried, including advanced log analysis and bug bounty programs.

Go to article at

15.5.2020

Unpatched Vulnerabilities

New year, new critical Cisco patches to install – this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc

Data Center Network Manager bugapalooza with three must-fix flaws Cisco is kicking off 2020 with the release of a crop of patches for its Data Center Network Manager.…

Go to article at

15.5.2020

Unpatched Vulnerabilities

FBI says that sharing personal info online only helps scammers

The FBI Charlotte office is warning social media users to pay close attention to the information they share online.

Go to article at

15.5.2020

Phishing

Weekly #cybersecurity digest to your inbox

🛡️ Cyberdigest: Secure your passwords! 📝 DORA has come into effect 💰 News: data protection 🔐

🛡️ Cyberdigest: DORA is coming into effect January 17th, are you ready? 🛡️ Security trends 2025 ⭐️

🛡️ Cyberdigest: No time to waste, join us for the first webinars of the year 2025! ➡️💻 Impactful cybersecurity events of 2024 📰

Admin training (part 3/5): Risk management and security control implementation

Admin training (part 5/5): Operating and improving an ISMS and reporting compliance

Admin training (part 4/5): Automating employee awareness, guidance and training

ISO 27001 (part 3/5): Certification audit fundamentals

Admin training (part 2/5): Framework selection and asset identification

ISO 27001 (part 4/5): Staff training, guidelines and policy documents

Ransomware, AI Act 101, NIST CSF 2.0: Cyberday product and news round up 3/2024 🛡️

Empowering Employees: The Keystone in Incident Detection and Reporting

Incident reporting in NIS2: Requirements and related ISO 27001 best practices

Top 7 information security standards, frameworks and laws explained

ISO 27001 and NIS2: Understanding their Connection

Guide to Incident Detection and Reporting: Prepared for the Worst

NIS2 Overview: History, key contents and significance for top management

Best Practices and Common Challenges of ISMS Implementation

CA: Panama-Buena Vista School District ransomware attack will delay report cards

Police Warn of Physical IT Risk from Malicious Contractors

Intel CSME bug is worse than previously thought

Belgian Data Protection Authority Releases Direct Marketing Recommendation

Android malware can steal Google Authenticator 2FA codes

Research Finds Microsoft Edge Has Privacy-Invading Telemetry

When it comes to zero-day vulnerabilities, the best approach is preventative action

New year, new critical Cisco patches to install – this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc

FBI says that sharing personal info online only helps scammers

Get started today

How it works?

Use cases

Resources

Contact us

Weekly #cybersecurity digest to your inbox

🛡️ Cyberdigest: Secure your passwords! 📝 DORA has come into effect 💰 News: data protection 🔐

🛡️ Cyberdigest: DORA is coming into effect January 17th, are you ready? 🛡️ Security trends 2025 ⭐️

🛡️ Cyberdigest: No time to waste, join us for the first webinars of the year 2025! ➡️💻 Impactful cybersecurity events of 2024 📰

Admin training (part 3/5): Risk management and security control implementation

Admin training (part 5/5): Operating and improving an ISMS and reporting compliance

Admin training (part 4/5): Automating employee awareness, guidance and training

ISO 27001 (part 3/5): Certification audit fundamentals

Admin training (part 2/5): Framework selection and asset identification

ISO 27001 (part 4/5): Staff training, guidelines and policy documents

Ransomware, AI Act 101, NIST CSF 2.0: Cyberday product and news round up 3/2024 🛡️

Empowering Employees: The Keystone in Incident Detection and Reporting

Incident reporting in NIS2: Requirements and related ISO 27001 best practices

Top 7 information security standards, frameworks and laws explained

ISO 27001 and NIS2: Understanding their Connection

Guide to Incident Detection and Reporting: Prepared for the Worst

NIS2 Overview: History, key contents and significance for top management

Best Practices and Common Challenges of ISMS Implementation

CA: Panama-Buena Vista School District ransomware attack will delay report cards

Police Warn of Physical IT Risk from Malicious Contractors

Intel CSME bug is worse than previously thought

Belgian Data Protection Authority Releases Direct Marketing Recommendation

Android malware can steal Google Authenticator 2FA codes

Research Finds Microsoft Edge Has Privacy-Invading Telemetry

When it comes to zero-day vulnerabilities, the best approach is preventative action

New year, new critical Cisco patches to install – this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc

FBI says that sharing personal info online only helps scammers

Stay up-to-date on cyber security

Subscribe for our free, weekly newsletter

* Your email won't be sold nor disclosed forward. Confirmation has more info. Learn more

Get started today

Pysy kärryillä digiturvasta

Tilaa Digiturvauutiset sähköpostiisi

* Osoitetta ei myydä tai luovuteta eteenpäin. Vahvistusviestissä lisätietoja. Lue lisää

How it works?

Use cases

Resources

Contact us