Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.

Thanks! See you in your inbox on Fridays. :)

Unfortunately something went wrong. You can contact us at team@cyberdayai.

Recent #cybersecurity weekly digests

See full archive? Go to Weekly digests -page >>

🛡️ Cyberdigest: Secure your passwords! 📝 DORA has come into effect 💰 News: data protection 🔐

Published at

17:01

Open digest

🛡️ Cyberdigest: DORA is coming into effect January 17th, are you ready? 🛡️ Security trends 2025 ⭐️

Published at

17:04

Open digest

🛡️ Cyberdigest: No time to waste, join us for the first webinars of the year 2025! ➡️💻 Impactful cybersecurity events of 2024 📰

Published at

17:03

Open digest

Webinars

See the full calendar? Go to Webinars-page >>

Coming up on:

Wednesday

30

.

5

.

at

14:00

Admin training (part 3/5): Risk management and security control implementation

Coming up on:

Wednesday

7

.

6

.

at

14:00

Admin training (part 5/5): Operating and improving an ISMS and reporting compliance

Coming up on:

Wednesday

13

.

6

.

at

14:00

Admin training (part 4/5): Automating employee awareness, guidance and training

Coming up on:

Wednesday

21

.

6

.

at

15:00

ISO 27001 (part 3/5): Certification audit fundamentals

Coming up on:

Wednesday

9

.

8

.

at

14:00

Admin training (part 2/5): Framework selection and asset identification

Coming up on:

Wednesday

9

.

8

.

at

15:00

ISO 27001 (part 4/5): Staff training, guidelines and policy documents

Blog posts

Info of new posts? Subscribe now >>

Ransomware, AI Act 101, NIST CSF 2.0: Cyberday product and news round up 3/2024 🛡️

In the March digest, development themes include new frameworks, risk management improvements and a new visual view for documentation cards. The news features Information Security Trailblazers, data breaches and AI Act 101.

21.3.2024

Empowering Employees: The Keystone in Incident Detection and Reporting

Employees are vital for detecting and reporting cyber threats and bolstering security. Proper training fosters a resilient culture, ensuring timely responses and safeguarding against breaches.

15.3.2024

Incident reporting in NIS2: Requirements and related ISO 27001 best practices

This post outlines NIS2 incident reporting and further describes ISO 27001 best practices, and their application in crafting successful incident reporting processes for your organization.

8.3.2024

Top 7 information security standards, frameworks and laws explained

Many information security frameworks are available to help organizations build their own security plans. This article provides key information about some of the most popular information security frameworks.

4.3.2024

ISO 27001 and NIS2: Understanding their Connection

Learn how the ISO 27001 and the NIS2 are "connected" and why they are brought up together pretty often. Understand their differences and synergy with the help of this blog post.

1.3.2024

Guide to Incident Detection and Reporting: Prepared for the Worst

In this guide you'll learn to navigate the incident detection and reporting process, explore various mechanisms, understand reporting, documentation, and derive crucial lessons. We also glance at other ingredients for successful incident management.

22.2.2024

NIS2 Overview: History, key contents and significance for top management

Get an overview of NIS2's main contents and understand how it makes top management clearly responsible for organization's information security efforts.

16.2.2024

Best Practices and Common Challenges of ISMS Implementation

No matter if you are an IT professional, a cyber security expert, or in a management role, this post will provide you with valuable insights into the best practices for a successful ISMS implementation and how to navigate common challenges.

14.2.2024

News articles

Get weekly news? Subscribe now >>

Increased monetization means more ransomware attacks

Organizations are detecting and containing attacks faster as the global median dwell time, defined as the duration between the start of a cyber intrusion and it being identified, was 56 days. This is 28% lower than the 78-day median observed in the previous year, according to FireEye. Consultants attribute this trend to organizations improving their detection programs, as well as changes in attacker behaviors such as the continued rise in disruptive attacks (e.g. ransomware and … More → The post Increased monetization means more ransomware attacks appeared first on Help Net Security.

Go to article at

Microsoft's IE Zero-day Fix is Breaking Windows Printing

Microsoft's temporary fix for a recently disclosed Internet Explorer zero-day vulnerability is causing numerous problems in Windows, including breaking printing for some users. [...]

Go to article at

Unpatched Vulnerabilities

NetSupport Manager RAT Spread via Bogus NortonLifeLock Docs

The legitimate remote-access tool is being used to maliciously infect victims and allow remote code-execution.

Go to article at

Don't fall for this phish attempt from fraudsters

When Chase bank e-mails you to warn of a fraud alert to your account, you pay attention. But when your work e-mail is associated with a card you don't have, and when the return address isn't from Chase, it's so obvious a fraudulent e-mail that we laugh it off. But it looked and felt real. So much so, I wanted to just quickly show it to you and flag it, to make sure you don't fall victim to this phishing attempt. Remember, one click on the e-mail, and the hackers can take control of our digital lives. That's what happened to Hillary Clinton's campaign manager for the 2016 election that led to the hack of her e-mails. He got a bogus e-mail that looked like it was from Google, asking John Podesta to update his credentials in what's called a "spear-phishing" attack." One click, and Wikileaks got access to the campaign e-mails.

Go to article at

Most Ransomware Gets Executed Three Days After Initial Breach

Ransomware gets deployed three days after an organization's network gets infiltrated in the vast majority of attacks, with post-compromise deployment taking as long as 299 days in some of the dozens of attacks researchers at cybersecurity firm FireEye examined between 2017 and 2019. [...]

Go to article at

NetSupport Manager RAT Spread via Bogus NortonLifeLock Docs

The legitimate remote-access tool is being used to maliciously infect victims and allow remote code-execution.

Go to article at

LabCorp Exposed Thousands Of Medical Documents

Go to article at

Illegal Personal Data Processing

Critical WordPress Bug Leaves 320,000 Sites Open to Attack

Authentication bypass bugs in WordPress plugins InfiniteWP Client and WP Time Capsule leave hundreds of thousands of sites open to attack.

Go to article at

Unpatched Vulnerabilities

Email Server of Special Olympics of New York Hacked; Later Used To Launch a Phishing Campaign

Go to article at

Get started today

Start free, in your familiar Teams environment.
If you have some questions first, book a meeting with us.

Start free 14-day trial