Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.

Thanks! See you in your inbox on Fridays. :)

Unfortunately something went wrong. You can contact us at team@cyberdayai.

Recent #cybersecurity weekly digests

See full archive? Go to Weekly digests -page >>

🛡️ Cyberdigest: 10 things I wish I knew before ISO 27001 process 👀 2024 cyber trends ⚖️

Published at

17:02

Open digest

🛡️ Cyberdigest: Easter Greetings! 🐣 Read about NIS2 supervision and penalties 📝🛡️

Published at

17:00

Open digest

🛡️ Cyberdigest: Read about EU's top frameworks! 🛡️ AI in cybersecurity 🧠 Next week's webinars ➡️

Published at

17:00

Open digest

Webinars

See the full calendar? Go to Webinars-page >>

Coming up on:

Wednesday

30

.

5

.

at

14:00

Admin training (part 3/5): Risk management and security control implementation

Coming up on:

Wednesday

7

.

6

.

at

14:00

Admin training (part 5/5): Operating and improving an ISMS and reporting compliance

Coming up on:

Wednesday

13

.

6

.

at

14:00

Admin training (part 4/5): Automating employee awareness, guidance and training

Coming up on:

Wednesday

21

.

6

.

at

15:00

ISO 27001 (part 3/5): Certification audit fundamentals

Coming up on:

Wednesday

9

.

8

.

at

14:00

Admin training (part 2/5): Framework selection and asset identification

Coming up on:

Wednesday

9

.

8

.

at

15:00

ISO 27001 (part 4/5): Staff training, guidelines and policy documents

Blog posts

Info of new posts? Subscribe now >>

What is the NIS2 Law in Belgium? 🇧🇪 Introduction to requirements

Learn what the Belgian NIS2 Law is, Belgium’s national implementation of the EU NIS2 Directive. Understand key requirements, compliance timelines, sector coverage, and how Cyberday helps you meet them.

29.4.2025

What is CyberFundamentals? 🇧🇪 Belgium's cybersecurity framework

Learn what is CyberFundamentals, Belgium's cybersecurity framework for SMEs. Get an overview of requirements, benefits, and steps for compliance.

29.4.2025

10 things I wish I knew: Starting your ISO 27001 project on the right track

This post shares 10 key lessons learned from going through an ISO 27001 certification project - from the importance of setting clear goals and managing documentation to the realities of risk management and the value of using the right tools.

23.4.2025

Understanding NIS2: supervision and penalties of non-compliance

Let's now look into the NIS2 directive, it's supervision in EU member states and what is supervised. We'll also check out NIS2 penalties for noncompliance and how you can stay compliant (to avoid penalties).

15.4.2025

Comparing EU cybersecurity frameworks: NIS2, GDPR, DORA and more

A comparison of key cybersecurity frameworks in the EU, including NIS2, GDPR, DORA, CRA, and ISO 27001. Learn who they apply to and what they require.

10.4.2025

ISO 27001 compliance vs. certification: differences, benefits & which path to choose

Understanding when to pursue ISO 27001 compliance rather than going for certification—or vice versa—hinges on your organizational priorities, resources, and long-term security strategies. Check the differences and learn which path to choose.

1.4.2025

Framework recap, US security & and role management: Cyberday product and news summary 3/2025 🛡️

The March product and news update presents updates to role management and the new Trust Center, a review of the key frameworks for 2025 and US security.

28.3.2025

Understanding DORA compliance: Key steps to prepare your organization

Understand DORA compliance and get a clear DORA requirements summary with key compliance areas, practical steps, and essential guidelines to strengthen your organization's digital resilience.

18.3.2025

News articles

Get weekly news? Subscribe now >>

100 people arrested in UK’s biggest fraud investigation

Over 200k victims were targeted via the iSpoof fraud website, which was taken down by Scotland Yard’s #cybercrime unit. 100 people arrested. Almost 20 people every minute were being contacted by scammers - stealing reported £50m.

Go to article at

Bahamut cybermercenary group targets Android users with fake VPN apps

Active #malware campaign ongoing disquising as legitimate SecureVPN app. Main purpose of the app modifications is to extract sensitive user data and actively spy on victims’ messaging apps. Read a detailed analysis >>

Go to article at

Ouch! Ransomware gang says it won’t attack AirAsia again due to the “chaotic organisation” and sloppy security of hacked airline’s network

⚠️ #Ransomware breach can also lead to gross public humiliation. Daixin gang said Air Asia, who lost data of 5M passengers and all employees, had so chaotic and poorly-secured IT infra that it refuses to repeat the attack.

Go to article at

ICS cyberthreats in 2023 – what to expect

2023 #cybersecurity trends: More attacks on "real economy" - food 🌾 transport 🚢 energy ⚡ medical 💊 Rising number of political hacktivists 🦹 Ransomware towards critical infra 🏭 Rise of embedded phishing pages on legitimate sites 🎣

Go to article at

Token tactics: How to prevent, detect, and respond to cloud token theft

⚠️ When we increase MFA coverage, threat actors need more sophisticated techniques to compromise resources. Recently there's been a significant increase in token theft. Read Microsoft's DART team's report on the #cybersecurity threat >>

Go to article at

Google to Pay $391 Million Privacy Fine for Secretly Tracking Users' Location

391M$ fine: Google's #privacy actions deemed deceptive. ⚠️ "misled users to think they turned off location tracking, but continued to collecting data" Location is combined with behavioral data to create user profiles eg for ad targeting.

Go to article at

Instagram Impersonators Target Thousands, Slipping by Microsoft's Cybersecurity

⚠️ #Phishing attack targets 22k students in the US with a "unusual login on Instagram" scam. To note: attack used a valid 41-month old domain with a good reputation, and was able to pass e.g. MS 365 and Exchange email protections.

Go to article at

It’s time. Delete your Twitter DMs

Twitter is in quite a chaos. Security people are advising to e.g. delete DMs 💬 and stop using Twitter SSO 🔐. Recently quitted Twitter employees include: - CISO - Head of Trust & Safety - CPO (privacy) - CCO (compliance) #cybersecurity

Go to article at

The Biggest Phishing Breaches of 2022 and How to Avoid them for 2023

#Phishing attacks were once primitive and full of typos, but nowadays even experts have trouble identifying them. Top types in 2022: 🅰️ Typosquatting 🌐 Lookalike domains 👔 Executive impersonation 🧑‍💼 High-level employee targeting

Go to article at

Get started today

Start free, in your familiar Teams environment.
If you have some questions first, book a meeting with us.

Start free 14-day trial