Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.
Thanks! See you in your inbox on Fridays. :)
Unfortunately something went wrong. You can contact us at team@cyberdayai.
Recent #cybersecurity weekly digests
See full archive? Go to Weekly digests -page >>

🛡️ Cyberdigest: Secure your passwords! 📝 DORA has come into effect 💰 News: data protection 🔐

Published at 

17:01

Open digest

🛡️ Cyberdigest: DORA is coming into effect January 17th, are you ready? 🛡️ Security trends 2025 ⭐️

Published at 

17:04

Open digest

🛡️ Cyberdigest: No time to waste, join us for the first webinars of the year 2025!  ➡️💻 Impactful cybersecurity events of 2024 📰 

Published at 

17:03

Open digest

Webinars
See the full calendar? Go to Webinars-page >>
Watch now
Webinar

Coming up on:

Wednesday

30

.

5

.

at

14:00

Admin training (part 3/5): Risk management and security control implementation

Register now
Watch now
Webinar

Coming up on:

Wednesday

7

.

6

.

at

14:00

Admin training (part 5/5): Operating and improving an ISMS and reporting compliance

Register now
Watch now
Webinar

Coming up on:

Wednesday

13

.

6

.

at

14:00

Admin training (part 4/5): Automating employee awareness, guidance and training

Register now
Watch now
Webinar

Coming up on:

Wednesday

21

.

6

.

at

15:00

ISO 27001 (part 3/5): Certification audit fundamentals

Register now
Watch now
Webinar

Coming up on:

Wednesday

9

.

8

.

at

14:00

Admin training (part 2/5): Framework selection and asset identification

Register now
Watch now
Webinar

Coming up on:

Wednesday

9

.

8

.

at

15:00

ISO 27001 (part 4/5): Staff training, guidelines and policy documents

Register now
Blog posts
Info of new posts? Subscribe now >>

NIS2 Compliance: Top 5 Reasons for the Manufacturing Sector

The article highlights the critical importance for manufacturers to comply with NIS2 regulations to safeguard their operations and infrastructure from cyber threats.

article

31.5.2024

Cannes Hospital data breach, the impact of AI and NIS2 evolution: the Cyberday product and news round-up 5/2024 🛡️

May's Product and News Update presents the new monthly ISMS reports as well as the Metrics page. Other topics include Cyberday's new framework DORA and recent news around the world.

article

17.5.2024

6 ways to assess security work effectiveness

Evaluating the effectiveness of your cybersecurity involves examining the adequacy of your existing security measures. This process helps you identify your current security status and determine the necessary actions to enhance and fortify.

article

3.5.2024

System acquisition and development in NIS2: Suggested best practices

Get tips on securely acquiring and developing systems with a focus on ISO 27001, helping meet NIS2 requirements. Post explains key aspects like secure coding, acquiring secure applications and testing or publishing changes in a controlled manner.

article

16.4.2024

Continuity management in NIS2: Benchmark measures for business continuity and backups with ISO 27001

This post offers insight on complying with NIS2's continuity and backup requirements using ISO 27001's best practices. It guides you through continuity planning, backup processes, challenges, and achieving compliance effectively.

article

12.4.2024

HR security in NIS2: Best practices for compliance

Discover how the crucial role of HR in information security not only shapes the corporate security culture, but also steers the organization towards ISO 27001 and NIS2 compliance, ensuring secure handling of information assets and much more.

article

5.4.2024

Access control & MFA in NIS2: Build a solid foundation with ISO 27001 controls

What are the requirements for access control and MFA in NIS2 and ISO 27001 and how can they be implemented successfully? Learn more about the controls, requirements, best practices and how to overcome potential challenges in this blog post.

article

4.4.2024

Potential Struggles IT Companies might Encounter with Incident Identification and Reporting Today

The complexities of incident identification and reporting in IT, touching on coordination problems, tool inadequacies, and process deficiencies. It explores modern challenges like cyber threats and alert fatigue, as well as the cognitive gap.

article

28.3.2024

News articles
Get weekly news? Subscribe now >>

Ransomware Locks Medical Records at Great Plains Health

Patient data likely safe On Tuesday, GPHealth announced that it was canceling a large number of non-emergent patient appointments and procedures. Mel McNea, GPHealth chief executive officer, says that there is no reason to suspect that patient data was accessed but the organization will do a full audit, nevertheless. Ransomware encrypts files on affected systems and is not typically associated with data theft. The group behind Maze ransomware carried out such an attack and threatened the victim company that they would leak the stolen data unless they paid 300 bitcoin ($2.3 million at the time) for the decryption key. Well on its way to recovery A statement on Facebook from GPHealth informs that there is no reason to believe that patient information was accessed during the attack on their systems. At this moment, it is unclear what ransomware strain was used in the attack or if the ransom was paid to restore the encrypted data.

Go to article at
15.5.2020
Ransomware

SG: Public healthcare cluster NHG fined $6,000 for not securing personal data

Hariz Baharudin reports: Public healthcare cluster National Healthcare Group (NHG) has been fined $6,000 for failing to...

Go to article at
15.5.2020
Illegal Personal Data Processing

Microsoft: 44 Million User Passwords Have Been Breached

Redmond urges users to switch on MFA

Go to article at
15.5.2020
Password Attacks

Security Considerations for a Blended Workforce

A blended workforce consisting of external organizations, traditional workers and non-traditional workers such as freelancers, remote workers, temporary workers and independent contractors (ICs) can provide an organization with the added potential for collaboration, innovation and timely responses to shifting demands. While the integration of a blended workforce can provide exceptional benefits, there are also unique.. The post Security Considerations for a Blended Workforce appeared first on Security Boulevard.

Go to article at
15.5.2020
Employee Negligence

Phishing psychology: The prevalence effect

One explanation of phishing success lies in a known psychological effect.

Go to article at
15.5.2020
Phishing

IT exec sets up fake biz, uses it to bill his bosses $6m for phantom gear, gets caught by Microsoft Word metadata

And now he faces up to 20 years in the slammer A now-former senior IT exec has admitted conning his employer out of $6m – by setting up a fake tech services biz that billed his bosses for bogus services.…

Go to article at
15.5.2020
Insider Attacks

Mysterious New Ransomware Targets Industrial Control Systems

Now, a malware sample has surfaced that uses specific knowledge of control systems to target them with a far blunter, and more familiar, tactic: Kill the target's software processes, encrypt the underlying data, and hold it hostage. Over the last month, researchers at security firms including Sentinel One and Dragos have puzzled over a piece of code called Snake or EKANS, which they now believe is specifically designed to target industrial control systems, the software and hardware used in everything from oil refineries to power grids to manufacturing facilities. But EKANS also uses another trick to ratchet up the pain: It's designed to terminate 64 different software processes on victim computers, including many that are specific to industrial control systems. EKANS is actually the second ransomware to hit industrial control systems. According to Dragos, another ransomware strain known as Megacortex that first appeared last spring included all of the same industrial control system process-killing features, and may in fact be a predecessor to EKANS developed by the same hackers.

Go to article at
15.5.2020
Ransomware

Hackers are using the COVID-19 pandemic to spread malware

Several cybersecurity firms are reporting an uptick in attacks against a range of targets, all using the ongoing COVID-19 pandemic as a hook to hoodwink their victims into running malware.

Go to article at
15.5.2020
Malware

Trello exposed! Search turns up huge trove of private data

A surprising number of users seem to be setting Trello boards, and their often highly sensitive content, to ‘public’.

Go to article at
15.5.2020
Employee Negligence

Get started today

Start free, in your familiar Teams environment.
If you have some questions first, book a meeting with us.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementDynamic policy documentsPrivacy management
Resources
AcademyWebinarsBlogHelp articlesVideo coursesWeekly news digestsSubscribe to AcademyLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security