Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.
Thanks! See you in your inbox on Fridays. :)
Unfortunately something went wrong. You can contact us at team@cyberdayai.
Recent #cybersecurity weekly digests
See full archive? Go to Weekly digests -page >>

🛡️ Cyberdigest: Secure your passwords! 📝 DORA has come into effect 💰 News: data protection 🔐

Published at 

17:01

Open digest

🛡️ Cyberdigest: DORA is coming into effect January 17th, are you ready? 🛡️ Security trends 2025 ⭐️

Published at 

17:04

Open digest

🛡️ Cyberdigest: No time to waste, join us for the first webinars of the year 2025!  ➡️💻 Impactful cybersecurity events of 2024 📰 

Published at 

17:03

Open digest

Webinars
See the full calendar? Go to Webinars-page >>
Watch now
Webinar

Coming up on:

Wednesday

30

.

5

.

at

14:00

Admin training (part 3/5): Risk management and security control implementation

Register now
Watch now
Webinar

Coming up on:

Wednesday

7

.

6

.

at

14:00

Admin training (part 5/5): Operating and improving an ISMS and reporting compliance

Register now
Watch now
Webinar

Coming up on:

Wednesday

13

.

6

.

at

14:00

Admin training (part 4/5): Automating employee awareness, guidance and training

Register now
Watch now
Webinar

Coming up on:

Wednesday

21

.

6

.

at

15:00

ISO 27001 (part 3/5): Certification audit fundamentals

Register now
Watch now
Webinar

Coming up on:

Wednesday

9

.

8

.

at

14:00

Admin training (part 2/5): Framework selection and asset identification

Register now
Watch now
Webinar

Coming up on:

Wednesday

9

.

8

.

at

15:00

ISO 27001 (part 4/5): Staff training, guidelines and policy documents

Register now
Blog posts
Info of new posts? Subscribe now >>

Best Practices and Common Challenges of ISMS Implementation

No matter if you are an IT professional, a cyber security expert, or in a management role, this post will provide you with valuable insights into the best practices for a successful ISMS implementation and how to navigate common challenges.

article

14.2.2024

ISMS Guide: Top 10 ISMS Implementation Benefits

What is an ISMS and why does your organization benefit from its implementation in the long run? This blog post will give you a short guide about all the basics you need to know about an ISMS and its top 10 benefits.

article

9.2.2024

Intro to Incident Management: Definitions, benefits and best practices

Learn how an incident management process improves communication, documentation, and continuous improvement for IT organisations.

article

6.2.2024

5 Efficient Ways for Involving People in Your Security Work

Discover how teamwork, education, reporting, and risk assessments empower ISMS. Explore 5 ways to engage people for a secure, collaborative digital space.

article

1.2.2024

AI Act, cyber risks and breaches: Cyberday product and news roundup 1/2024 🛡️

In January's summary, development themes include reporting updates, improved report sharing and upgraded Academy. On the news side talk about AI Act, cyber risks and breaches.

article

30.1.2024

10 most important tasks for a CISO and tips for being successful

This article provides an insight into the main responsibilities of a CISO, from implementing security principles to fostering collaboration. It also presents valuable tips for successful performance, emphasizing constant learning as a key ingredient.

article

24.1.2024

The Human Firewall Effect: Tips for Securing Your Organization from Within

This blog post emphasizes the critical role employees play in bolstering an organization's cyber security. It discusses developing clear guidelines, employee training, and monitoring progress to create a strong human firewall.

article

19.1.2024

Encryption, RaaS, supply chain attacks: Monthly Cyberday product and news roundup 12/2023 🛡️

In December's summary, development themes include UI updates and information security statements. On the news side talk about encryption, RaaS and supply chain attacks.

article

15.12.2023

News articles
Get weekly news? Subscribe now >>

Ransomware Locks Medical Records at Great Plains Health

Patient data likely safe On Tuesday, GPHealth announced that it was canceling a large number of non-emergent patient appointments and procedures. Mel McNea, GPHealth chief executive officer, says that there is no reason to suspect that patient data was accessed but the organization will do a full audit, nevertheless. Ransomware encrypts files on affected systems and is not typically associated with data theft. The group behind Maze ransomware carried out such an attack and threatened the victim company that they would leak the stolen data unless they paid 300 bitcoin ($2.3 million at the time) for the decryption key. Well on its way to recovery A statement on Facebook from GPHealth informs that there is no reason to believe that patient information was accessed during the attack on their systems. At this moment, it is unclear what ransomware strain was used in the attack or if the ransom was paid to restore the encrypted data.

Go to article at
15.5.2020
Ransomware

SG: Public healthcare cluster NHG fined $6,000 for not securing personal data

Hariz Baharudin reports: Public healthcare cluster National Healthcare Group (NHG) has been fined $6,000 for failing to...

Go to article at
15.5.2020
Illegal Personal Data Processing

Microsoft: 44 Million User Passwords Have Been Breached

Redmond urges users to switch on MFA

Go to article at
15.5.2020
Password Attacks

Security Considerations for a Blended Workforce

A blended workforce consisting of external organizations, traditional workers and non-traditional workers such as freelancers, remote workers, temporary workers and independent contractors (ICs) can provide an organization with the added potential for collaboration, innovation and timely responses to shifting demands. While the integration of a blended workforce can provide exceptional benefits, there are also unique.. The post Security Considerations for a Blended Workforce appeared first on Security Boulevard.

Go to article at
15.5.2020
Employee Negligence

Phishing psychology: The prevalence effect

One explanation of phishing success lies in a known psychological effect.

Go to article at
15.5.2020
Phishing

IT exec sets up fake biz, uses it to bill his bosses $6m for phantom gear, gets caught by Microsoft Word metadata

And now he faces up to 20 years in the slammer A now-former senior IT exec has admitted conning his employer out of $6m – by setting up a fake tech services biz that billed his bosses for bogus services.…

Go to article at
15.5.2020
Insider Attacks

Mysterious New Ransomware Targets Industrial Control Systems

Now, a malware sample has surfaced that uses specific knowledge of control systems to target them with a far blunter, and more familiar, tactic: Kill the target's software processes, encrypt the underlying data, and hold it hostage. Over the last month, researchers at security firms including Sentinel One and Dragos have puzzled over a piece of code called Snake or EKANS, which they now believe is specifically designed to target industrial control systems, the software and hardware used in everything from oil refineries to power grids to manufacturing facilities. But EKANS also uses another trick to ratchet up the pain: It's designed to terminate 64 different software processes on victim computers, including many that are specific to industrial control systems. EKANS is actually the second ransomware to hit industrial control systems. According to Dragos, another ransomware strain known as Megacortex that first appeared last spring included all of the same industrial control system process-killing features, and may in fact be a predecessor to EKANS developed by the same hackers.

Go to article at
15.5.2020
Ransomware

Hackers are using the COVID-19 pandemic to spread malware

Several cybersecurity firms are reporting an uptick in attacks against a range of targets, all using the ongoing COVID-19 pandemic as a hook to hoodwink their victims into running malware.

Go to article at
15.5.2020
Malware

Trello exposed! Search turns up huge trove of private data

A surprising number of users seem to be setting Trello boards, and their often highly sensitive content, to ‘public’.

Go to article at
15.5.2020
Employee Negligence

Get started today

Start free, in your familiar Teams environment.
If you have some questions first, book a meeting with us.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementDynamic policy documentsPrivacy management
Resources
AcademyWebinarsBlogHelp articlesVideo coursesWeekly news digestsSubscribe to AcademyLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security