Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.
Thanks! See you in your inbox on Fridays. :)
Unfortunately something went wrong. You can contact us at team@cyberdayai.
Recent #cybersecurity weekly digests
See full archive? Go to Weekly digests -page >>

🛡️ Cyberdigest: Secure your passwords! 📝 DORA has come into effect 💰 News: data protection 🔐

Published at 

17:01

Open digest

🛡️ Cyberdigest: DORA is coming into effect January 17th, are you ready? 🛡️ Security trends 2025 ⭐️

Published at 

17:04

Open digest

🛡️ Cyberdigest: No time to waste, join us for the first webinars of the year 2025!  ➡️💻 Impactful cybersecurity events of 2024 📰 

Published at 

17:03

Open digest

Webinars
See the full calendar? Go to Webinars-page >>
Watch now
Webinar

Coming up on:

Wednesday

30

.

5

.

at

14:00

Admin training (part 3/5): Risk management and security control implementation

Register now
Watch now
Webinar

Coming up on:

Wednesday

7

.

6

.

at

14:00

Admin training (part 5/5): Operating and improving an ISMS and reporting compliance

Register now
Watch now
Webinar

Coming up on:

Wednesday

13

.

6

.

at

14:00

Admin training (part 4/5): Automating employee awareness, guidance and training

Register now
Watch now
Webinar

Coming up on:

Wednesday

21

.

6

.

at

15:00

ISO 27001 (part 3/5): Certification audit fundamentals

Register now
Watch now
Webinar

Coming up on:

Wednesday

9

.

8

.

at

14:00

Admin training (part 2/5): Framework selection and asset identification

Register now
Watch now
Webinar

Coming up on:

Wednesday

9

.

8

.

at

15:00

ISO 27001 (part 4/5): Staff training, guidelines and policy documents

Register now
Blog posts
Info of new posts? Subscribe now >>

How do you benefit from ISO 27001 certification?

Why do organizations choose to go for ISO 27001 certification? In this blog article, we will give you our top 5 reasons to get certified. Certification will certainly benefit your security directly, but there are other kind of benefits available too.

article

25.10.2023

Working towards NIS2 compliance with Cyberday

✈️ You want to lift your cyber security management to a new level & get NIS2 compliant with a smart tool like Cyberday? In this post you'll learn how your organization can achieve NIS2 compliance in a smart way by building an own agile ISMS.

article

23.8.2023

Who does NIS2 apply to? Scope and required security measures explained.

In this post you'll learn about what industries are affected by NIS2, security requirements the directive sets, and the available enforcement methods if an organization is not compliant.

article

23.8.2023

What is NIS2 directive? Know EU's new cyber security legislation

Learn about the background and reasons behind the EU's new Network and Information Security 2 (NIS2) Directive. How does it affect your company and how should you react to be compliant?

article

1.8.2023

SOC 2: Working towards compliance

With the help of SOC 2, organisations can provide proof of effectively implemented controls and the use of best practices to protect the data to their customers and stakeholders, which may help to build trust.

article

31.7.2023

Personnel information security training and guidelines in Cyberday

Most data breaches start with human error. Still, investments in technical information security are often made more eagerly. We tell you why staff information security training and guidelines are important and how to implement then efficiently.

article

13.6.2023

Information security risk management in Cyberday: Identifying risks, evaluation, treatment and closure

Every cyber security framework highlights risk management in its own way. We summarize in this post, what's essential in information security risk management and what kind of an approach Cyberday offers for it.

article

13.6.2023

Become a Cyberday partner: Features, benefits and best practices

A good and efficient tool such as Cyberday is a great way to work on the organization's cyber secuirty. However, for some organizations that is not enough and the expertise and support of a consultant is needed. Our partner program offers both!

article

6.6.2023

News articles
Get weekly news? Subscribe now >>

Ransomware Locks Medical Records at Great Plains Health

Patient data likely safe On Tuesday, GPHealth announced that it was canceling a large number of non-emergent patient appointments and procedures. Mel McNea, GPHealth chief executive officer, says that there is no reason to suspect that patient data was accessed but the organization will do a full audit, nevertheless. Ransomware encrypts files on affected systems and is not typically associated with data theft. The group behind Maze ransomware carried out such an attack and threatened the victim company that they would leak the stolen data unless they paid 300 bitcoin ($2.3 million at the time) for the decryption key. Well on its way to recovery A statement on Facebook from GPHealth informs that there is no reason to believe that patient information was accessed during the attack on their systems. At this moment, it is unclear what ransomware strain was used in the attack or if the ransom was paid to restore the encrypted data.

Go to article at
15.5.2020
Ransomware

SG: Public healthcare cluster NHG fined $6,000 for not securing personal data

Hariz Baharudin reports: Public healthcare cluster National Healthcare Group (NHG) has been fined $6,000 for failing to...

Go to article at
15.5.2020
Illegal Personal Data Processing

Microsoft: 44 Million User Passwords Have Been Breached

Redmond urges users to switch on MFA

Go to article at
15.5.2020
Password Attacks

Security Considerations for a Blended Workforce

A blended workforce consisting of external organizations, traditional workers and non-traditional workers such as freelancers, remote workers, temporary workers and independent contractors (ICs) can provide an organization with the added potential for collaboration, innovation and timely responses to shifting demands. While the integration of a blended workforce can provide exceptional benefits, there are also unique.. The post Security Considerations for a Blended Workforce appeared first on Security Boulevard.

Go to article at
15.5.2020
Employee Negligence

Phishing psychology: The prevalence effect

One explanation of phishing success lies in a known psychological effect.

Go to article at
15.5.2020
Phishing

IT exec sets up fake biz, uses it to bill his bosses $6m for phantom gear, gets caught by Microsoft Word metadata

And now he faces up to 20 years in the slammer A now-former senior IT exec has admitted conning his employer out of $6m – by setting up a fake tech services biz that billed his bosses for bogus services.…

Go to article at
15.5.2020
Insider Attacks

Mysterious New Ransomware Targets Industrial Control Systems

Now, a malware sample has surfaced that uses specific knowledge of control systems to target them with a far blunter, and more familiar, tactic: Kill the target's software processes, encrypt the underlying data, and hold it hostage. Over the last month, researchers at security firms including Sentinel One and Dragos have puzzled over a piece of code called Snake or EKANS, which they now believe is specifically designed to target industrial control systems, the software and hardware used in everything from oil refineries to power grids to manufacturing facilities. But EKANS also uses another trick to ratchet up the pain: It's designed to terminate 64 different software processes on victim computers, including many that are specific to industrial control systems. EKANS is actually the second ransomware to hit industrial control systems. According to Dragos, another ransomware strain known as Megacortex that first appeared last spring included all of the same industrial control system process-killing features, and may in fact be a predecessor to EKANS developed by the same hackers.

Go to article at
15.5.2020
Ransomware

Hackers are using the COVID-19 pandemic to spread malware

Several cybersecurity firms are reporting an uptick in attacks against a range of targets, all using the ongoing COVID-19 pandemic as a hook to hoodwink their victims into running malware.

Go to article at
15.5.2020
Malware

Trello exposed! Search turns up huge trove of private data

A surprising number of users seem to be setting Trello boards, and their often highly sensitive content, to ‘public’.

Go to article at
15.5.2020
Employee Negligence

Get started today

Start free, in your familiar Teams environment.
If you have some questions first, book a meeting with us.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementDynamic policy documentsPrivacy management
Resources
AcademyWebinarsBlogHelp articlesVideo coursesWeekly news digestsSubscribe to AcademyLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security