Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.
Thanks! See you in your inbox on Fridays. :)
Unfortunately something went wrong. You can contact us at team@cyberdayai.
Recent #cybersecurity weekly digests
See full archive? Go to Weekly digests -page >>

🛡️ Cyberdigest: Cyberday available in Lithuanian and Latvian! 💻 🎄 December's admin webinar coming up! 🧑‍💻

Published at 

17:02

Open digest

🛡️ Cyberdigest: Physical Security in cybersecurity 🏢 Phishing risks in christmas shopping?🛍️

Published at 

17:02

Open digest

🛡️ Cyberdigest: Introduction to DORA framework ⭐️ Check out our webinars! 💻

Published at 

17:01

Open digest

Webinars
See the full calendar? Go to Webinars-page >>
Watch now
Webinar

Coming up on:

Wednesday

30

.

5

.

at

14:00

Admin training (part 3/5): Risk management and security control implementation

Register now
Watch now
Webinar

Coming up on:

Wednesday

7

.

6

.

at

14:00

Admin training (part 5/5): Operating and improving an ISMS and reporting compliance

Register now
Watch now
Webinar

Coming up on:

Wednesday

13

.

6

.

at

14:00

Admin training (part 4/5): Automating employee awareness, guidance and training

Register now
Watch now
Webinar

Coming up on:

Wednesday

21

.

6

.

at

15:00

ISO 27001 (part 3/5): Certification audit fundamentals

Register now
Watch now
Webinar

Coming up on:

Wednesday

9

.

8

.

at

14:00

Admin training (part 2/5): Framework selection and asset identification

Register now
Watch now
Webinar

Coming up on:

Wednesday

9

.

8

.

at

15:00

ISO 27001 (part 4/5): Staff training, guidelines and policy documents

Register now
Blog posts
Info of new posts? Subscribe now >>

Recognising growth: move to new offices with Cyberday!

Join the Cyberday team when it's time to upgrade to a bigger office space. Read about the highlights of the autumn, and let's reflect together on how growth and physical security can shape the workspace.

article

28.11.2024

Understanding Physical Security in Cybersecurity: Insights from ISO 27001 and Best Practices

Physical security controls are essential, but often undervalued, in safeguarding information systems from unauthorized access, which might otherwise lead to data breaches or business disruptions.

article

22.11.2024

DORA essentials: Introduction, Scope and key requirements

In this blog, we’ll get an comprehensive introduction what DORA is, what it entails, who the requirements framework applies to, and how DORA is implemented within Cyberday. DORA framework is available in Cyberday!

article

14.11.2024

Cyberday goes Cyber Security Nordic 2024!

Our Cyberday team attended the Cyber Security Nordic 2024 event 29th-30th October. Read about the event, keynote and our insights. This post offers insight into topical themes, also for those who were unable to attend.

article

31.10.2024

From Compliance to Collaboration: How NIS2 Encourages Stronger Supply Chain Security Collaboration

Discover how NIS2 shifts focus from simple compliance to creating collaborative security partnerships, enhancing supply chain resilience and trust. 

article

25.10.2024

Agendium Ltd is now Cyberday Inc.!

We are thrilled to announce that our company is entering an exciting new chapter with an updated brand, from Agendium Ltd to Cyberday Inc, our new name better reflects our entity, and the direction we are heading.

article

24.10.2024

10 compliance traps & how to avoid them

Explore crucial cyber security compliance pitfalls for SMEs, from outdated policies to insider threats, and learn effective strategies to mitigate risks and enhance security measures.

article

18.10.2024

ISO 9001 standard: A peek inside the Quality framework

This blog post explores ISO 9001, the globally recognized standard for quality management systems (QMS), benefits for utilizing the standard and its significance in today’s competitive business environment.

article

8.10.2024

News articles
Get weekly news? Subscribe now >>

These Highly Exploited Vulnerabilities Indicate Organizations are Still Failing to Apply Patches

​Researchers at Recorded Future have revealed a list of top vulnerabilities that saw mass exploitation from threat actors in 2019. Six of these commonly exploited vulnerabilities for the year are repeats from 2018. Apparently, all these repeated vulnerabilities are related to Microsoft products. Although patches for all these reported vulnerabilities already exist, software patching is often not performed in a timely manner by companies and individuals.

Go to article at
15.5.2020
Unpatched Vulnerabilities

Widely Known Flaw in Pulse Secure VPN Being Used in Ransomware Attacks

New Year's Eve attack on currency exchange service Travelex may have involved use of the flaw.

Go to article at
15.5.2020
Ransomware,Unpatched Vulnerabilities

RevengeHotels: cybercrime targeting hotel front desks worldwide

RevengeHotels is a targeted cybercrime malware campaign against hotels, hostels, hospitality and tourism companies, mainly, but not exclusively, located in Brazil. We have confirmed more than 20 hotels that are victims of the group.

Go to article at
15.5.2020
Malware

BEC Attacks Hit More Than 2,100 Companies throughout the US

A prolific and dangerous group called Exaggerated Lion has been hitting targets in the United States with business email compromise (BEC) attacks that follow a very specific model. They have racked up thousands of attempts and hundreds of millions of dollars stolen every month. The post BEC Attacks Hit More Than 2,100 Companies throughout the US appeared first on Security Boulevard.

Go to article at
15.5.2020
Business-Email-Compromise

Cost of Insider Threats Rises 31%

New study finds dramatic increase in the cost and frequency of insider threats

Go to article at
15.5.2020
Insider Attacks

Racoon Malware Steals Your Data From Nearly 60 Apps

An infostealing malware that is relatively new on cybercriminal forums can extract sensitive data from about 60 applications on a targeted computer. [...]

Go to article at
15.5.2020
Malware

Human-Operated Ransomware Is a Growing Threat to Businesses: Microsoft

Different from auto-spreading ransomware, these are hands-on-keyboard attacks, where attackers adapt to the compromised network’s configuration, and show extensive knowledge of systems administration.

Go to article at
15.5.2020
Ransomware

Pirated Software is All Fun and Games Until Your Data’s Stolen

Passwords stolen through software cracks BleepingComputer has been tracking adware bundles for a long time and in the past, they would install unwanted programs, but had no long-term ramifications to your data, privacy, or financial information. Security researcher Benkøw has recently noticed that monetized installers pretending to be software cracks and key generators are now commonly installing password-stealing Trojans or remote access Trojans (RATs) when they are executed. In his tests over the past week by downloading various programs promoted as game cheats, software key generators, and licensed software, when installing them he was infected with password-stealing Trojans and backdoors such as Dreambot, Glupteba, and Racoon Stealer. Distributed via torrent sites, YouTube, and fake crack sites To distribute these adware bundles, attackers will upload them to torrent sites, create fake YouTube videos with links to alleged license key generators, or create sites designed to just promote adware bundles disguised as software cracks.

Go to article at
15.5.2020
Malware

Fake Executive Tricks New York City Medical Center into Sharing Patient Info

An employee at a New York City medical center was tricked into giving out patient information by a threat actor purporting to be one of the facility's executives. In a Notice of Data Privacy Incident statement published on VCRN's website, the company stated: "The unauthorized actor requested certain information related to VCRN patients. Information obtained by the threat actor included first and last names, dates of birth, and medical insurance information, including provider name and ID number for 674 patients. The medical center said that they weren't aware of any personal patient information having been misused as a result of this event. VCRN has taken steps to notify all the patients who have potentially been impacted by the cyber-attack. VCRN advised patients "to remain vigilant against incidents of identity theft and fraud and to review account statements, credit reports, and explanation of benefits forms for suspicious activity and report any suspicious activity immediately to your insurance company, health care provider, or financial institution."

Go to article at
15.5.2020
Phishing

Get started today

Start free, in your familiar Teams environment.
If you have some questions first, book a meeting with us.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementDynamic policy documentsPrivacy management
Resources
AcademyWebinarsBlogLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security