Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.
Thanks! See you in your inbox on Fridays. :)
Unfortunately something went wrong. You can contact us at team@cyberdayai.
Recent #cybersecurity weekly digests
See full archive? Go to Weekly digests -page >>

🛡️ Cyberdigest: Secure your passwords! 📝 DORA has come into effect 💰 News: data protection 🔐

Published at 

17:01

Open digest

🛡️ Cyberdigest: DORA is coming into effect January 17th, are you ready? 🛡️ Security trends 2025 ⭐️

Published at 

17:04

Open digest

🛡️ Cyberdigest: No time to waste, join us for the first webinars of the year 2025!  ➡️💻 Impactful cybersecurity events of 2024 📰 

Published at 

17:03

Open digest

Webinars
See the full calendar? Go to Webinars-page >>
Watch now
Webinar

Coming up on:

Wednesday

30

.

5

.

at

14:00

Admin training (part 3/5): Risk management and security control implementation

Register now
Watch now
Webinar

Coming up on:

Wednesday

7

.

6

.

at

14:00

Admin training (part 5/5): Operating and improving an ISMS and reporting compliance

Register now
Watch now
Webinar

Coming up on:

Wednesday

13

.

6

.

at

14:00

Admin training (part 4/5): Automating employee awareness, guidance and training

Register now
Watch now
Webinar

Coming up on:

Wednesday

21

.

6

.

at

15:00

ISO 27001 (part 3/5): Certification audit fundamentals

Register now
Watch now
Webinar

Coming up on:

Wednesday

9

.

8

.

at

14:00

Admin training (part 2/5): Framework selection and asset identification

Register now
Watch now
Webinar

Coming up on:

Wednesday

9

.

8

.

at

15:00

ISO 27001 (part 4/5): Staff training, guidelines and policy documents

Register now
Blog posts
Info of new posts? Subscribe now >>

NIS2 & national implementation: which local NIS2 laws are available in Cyberday?

EU Member States are required to adopt NIS2 into national law. Key national decisions include defining local authorities, monitoring mechanisms, and tailoring regulations to meet specific needs.

article

23.1.2025

ISO 27001 certification: What happens in the certification audit?

This blog post gives an overall intro to information security auditing and a detailed go-through of the ISO 27001 certification audit process.

article

22.1.2025

What is ISO 27001? Intro to the global information security gold standard.

Whether you're new to ISO 27001 or looking to strengthen your current practices, this post will walk you through its essentials, why it matters, and how it can improve your approach to information security.

article

22.1.2025

Password Security: Avoid these 5 common mistakes

Password security is something that no one should underestimate in the face of today's threats. One sensible option for secure password management is to use software designed for this purpose.

article

16.1.2025

Framework recap, role of the CISO & and vendor assessments: Cyberday product and news round-up 12/2024 🛡️

December's product and news round-up will showcase the vendor security assessments and new enterprise-level features, an overview of the key frameworks for 2025 and the roles of the CISO and personnel in an organisation's security.

article

19.12.2024

Europe's Compliance Revolution: Evolving Cyber Sec Consulting

The evolving cyber sec landscape and growing demand for compliance in combination with a shortage of professionals calls for new ways of working. With the help of partnerships and agile tools, consultants can benefit from the current situation.

article

18.12.2024

TISAX: Understanding the Automotive framework

By embracing TISAX, automotive industry operators can improve information security, enhance compliance and strengthen their market position. Read more about TISAX, its scope, requirements and how ISO 27001 fits in.

article

3.12.2024

Recognising growth: move to new offices with Cyberday!

Join the Cyberday team when it's time to upgrade to a bigger office space. Read about the highlights of the autumn, and let's reflect together on how growth and physical security can shape the workspace.

article

28.11.2024

News articles
Get weekly news? Subscribe now >>

Ransomware Locks Medical Records at Great Plains Health

Patient data likely safe On Tuesday, GPHealth announced that it was canceling a large number of non-emergent patient appointments and procedures. Mel McNea, GPHealth chief executive officer, says that there is no reason to suspect that patient data was accessed but the organization will do a full audit, nevertheless. Ransomware encrypts files on affected systems and is not typically associated with data theft. The group behind Maze ransomware carried out such an attack and threatened the victim company that they would leak the stolen data unless they paid 300 bitcoin ($2.3 million at the time) for the decryption key. Well on its way to recovery A statement on Facebook from GPHealth informs that there is no reason to believe that patient information was accessed during the attack on their systems. At this moment, it is unclear what ransomware strain was used in the attack or if the ransom was paid to restore the encrypted data.

Go to article at
15.5.2020
Ransomware

SG: Public healthcare cluster NHG fined $6,000 for not securing personal data

Hariz Baharudin reports: Public healthcare cluster National Healthcare Group (NHG) has been fined $6,000 for failing to...

Go to article at
15.5.2020
Illegal Personal Data Processing

Microsoft: 44 Million User Passwords Have Been Breached

Redmond urges users to switch on MFA

Go to article at
15.5.2020
Password Attacks

Security Considerations for a Blended Workforce

A blended workforce consisting of external organizations, traditional workers and non-traditional workers such as freelancers, remote workers, temporary workers and independent contractors (ICs) can provide an organization with the added potential for collaboration, innovation and timely responses to shifting demands. While the integration of a blended workforce can provide exceptional benefits, there are also unique.. The post Security Considerations for a Blended Workforce appeared first on Security Boulevard.

Go to article at
15.5.2020
Employee Negligence

Phishing psychology: The prevalence effect

One explanation of phishing success lies in a known psychological effect.

Go to article at
15.5.2020
Phishing

IT exec sets up fake biz, uses it to bill his bosses $6m for phantom gear, gets caught by Microsoft Word metadata

And now he faces up to 20 years in the slammer A now-former senior IT exec has admitted conning his employer out of $6m – by setting up a fake tech services biz that billed his bosses for bogus services.…

Go to article at
15.5.2020
Insider Attacks

Mysterious New Ransomware Targets Industrial Control Systems

Now, a malware sample has surfaced that uses specific knowledge of control systems to target them with a far blunter, and more familiar, tactic: Kill the target's software processes, encrypt the underlying data, and hold it hostage. Over the last month, researchers at security firms including Sentinel One and Dragos have puzzled over a piece of code called Snake or EKANS, which they now believe is specifically designed to target industrial control systems, the software and hardware used in everything from oil refineries to power grids to manufacturing facilities. But EKANS also uses another trick to ratchet up the pain: It's designed to terminate 64 different software processes on victim computers, including many that are specific to industrial control systems. EKANS is actually the second ransomware to hit industrial control systems. According to Dragos, another ransomware strain known as Megacortex that first appeared last spring included all of the same industrial control system process-killing features, and may in fact be a predecessor to EKANS developed by the same hackers.

Go to article at
15.5.2020
Ransomware

Hackers are using the COVID-19 pandemic to spread malware

Several cybersecurity firms are reporting an uptick in attacks against a range of targets, all using the ongoing COVID-19 pandemic as a hook to hoodwink their victims into running malware.

Go to article at
15.5.2020
Malware

Trello exposed! Search turns up huge trove of private data

A surprising number of users seem to be setting Trello boards, and their often highly sensitive content, to ‘public’.

Go to article at
15.5.2020
Employee Negligence

Get started today

Start free, in your familiar Teams environment.
If you have some questions first, book a meeting with us.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementDynamic policy documentsPrivacy management
Resources
AcademyWebinarsBlogHelp articlesVideo coursesWeekly news digestsSubscribe to AcademyLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security