Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.
Thanks! See you in your inbox on Fridays. :)
Unfortunately something went wrong. You can contact us at team@cyberdayai.
Recent #cybersecurity weekly digests
See full archive? Go to Weekly digests -page >>

🛡️ Cyberdigest:Learn about TOP frameworks 🎉 Development news now in Cyberday! ➡️

Published at 

17:00

Open digest

🛡️ Cyberdigest: IEC 62443 (2-1) and DORA RMF published 🎉 Incident management & Summer kick-off 🗞️ 

Published at 

17:05

Open digest

🛡️ Cyberdigest: May's Product & News round-up 📝 Final webinars before summer break ☀️

Published at 

16:07

Open digest

Webinars
See the full calendar? Go to Webinars-page >>
Watch now
Webinar

Coming up on:

Wednesday

30

.

5

.

at

14:00

Admin training (part 3/5): Risk management and security control implementation

Register now
Watch now
Webinar

Coming up on:

Wednesday

7

.

6

.

at

14:00

Admin training (part 5/5): Operating and improving an ISMS and reporting compliance

Register now
Watch now
Webinar

Coming up on:

Wednesday

13

.

6

.

at

14:00

Admin training (part 4/5): Automating employee awareness, guidance and training

Register now
Watch now
Webinar

Coming up on:

Wednesday

21

.

6

.

at

15:00

ISO 27001 (part 3/5): Certification audit fundamentals

Register now
Watch now
Webinar

Coming up on:

Wednesday

9

.

8

.

at

14:00

Admin training (part 2/5): Framework selection and asset identification

Register now
Watch now
Webinar

Coming up on:

Wednesday

9

.

8

.

at

15:00

ISO 27001 (part 4/5): Staff training, guidelines and policy documents

Register now
Blog posts
Info of new posts? Subscribe now >>

Become a Cyberday partner: Features, benefits and best practices

A good and efficient tool such as Cyberday is a great way to work on the organization's cyber secuirty. However, for some organizations that is not enough and the expertise and support of a consultant is needed. Our partner program offers both!

article

6.6.2023

Cyberday Community has been launched!

We just launched a new Community section inside Cyberday. Our goal is to make collaboration with your peers and with us easier and thus help you improve your information security even further!

article

24.3.2023

ISO 27001 standard updated to 2022 version - what changed?

What has changed when comparing 2013 vs. 2022 versions of ISO 27001 and how are these updates visible on Cyberday?‍

article

18.11.2022

Efficient cyber risk management with new autopilot mode

We're constatly searching for ways to automate and create efficient cyber risk management. Our newest additions is risk autopilot mode. It's concept is described on this post.

article

1.6.2022

Infographic: Why is cyber security getting more and more important?

Here's a visual summary of some of the drivers that continue to make cyber security more and more important for all organizations.

article

11.2.2022

Cyberday Teams app is now available!

Our Teams app passed the latest Microsoft tests and is now available from the Teams app store. This article reviews the benefits and deployment of Cyberday's Teams app.

article

1.7.2020

Content update published to Cyberday

We released an update to Cyberday documentation. The goal was to streamline documentation, highlight the most important things and significantly reduce the amount of separately documented items.

article

11.6.2020

Cyberday launched: Frameworks, Teams-integration and much more

Cyberday works now inside a Microsoft Teams and by choosing a framework you can guide your own work. In this blog you'll find a summary from reforms!

article

20.5.2020

News articles
Get weekly news? Subscribe now >>

Android malware can steal Google Authenticator 2FA codes

A new version of the "Cerberus" Android banking trojan will be able to steal one-time codes generated by the Google Authenticator app and bypass 2FA-protected accounts.

Go to article at
15.5.2020
Malware

Research Finds Microsoft Edge Has Privacy-Invading Telemetry

While Microsoft Edge shares the same source code as the popular Chrome browser, it offers better privacy control for users. New research, though, indicates that it may have more privacy-invading telemetry than other browsers. [...]

Go to article at
15.5.2020
Violations of Data Subject Rights

When it comes to zero-day vulnerabilities, the best approach is preventative action

Zero-day vulnerabilities are software security flaws with the potential to be exploited by cybercriminals – they’re unintended flaws found in programs or operating systems that, if left unaddressed, create security holes that can and almost certainly will be exploited. The problem stems from the traditional software development and QA testing processes that fail to identify bugs and flaws that manifest in live usage. Static and dynamic testing, RASP, and vulnerability assessments all look for known problems or known fallible coding techniques which makes it difficult to identify zero-day vulnerabilities (which are, by definition, unknown.) Even using blue-green or canary staging approaches, software bugs may not be seen and will propagate, meaning the code or application problems caused by these flaws are pushed live, because that code is not tested with production traffic. Since the existing testing methodologies have trouble finding these critical zero-day vulnerabilities, other approaches are being tried, including advanced log analysis and bug bounty programs.

Go to article at
15.5.2020
Unpatched Vulnerabilities

New year, new critical Cisco patches to install – this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc

Data Center Network Manager bugapalooza with three must-fix flaws Cisco is kicking off 2020 with the release of a crop of patches for its Data Center Network Manager.…

Go to article at
15.5.2020
Unpatched Vulnerabilities

FBI says that sharing personal info online only helps scammers

The FBI Charlotte office is warning social media users to pay close attention to the information they share online.

Go to article at
15.5.2020
Phishing

Widely Known Flaw in Pulse Secure VPN Being Used in Ransomware Attacks

New Year's Eve attack on currency exchange service Travelex may have involved use of the flaw.

Go to article at
15.5.2020
Ransomware

One man lost his life savings in a SIM hack. Here's how you can try to protect yourself

Robert Ross was sitting in his San Francisco home office in October 2018 when he noticed the bars on his phone had disappeared and he had no cell coverage. A few hours later, he had lost $1 million.

Go to article at
15.5.2020
Phishing

Phishing Campaign Uses Malicious Office 365 App

Most phishing campaigns attempt to take over accounts by tricking the victim into divulging their credentials. PhishLabs has uncovered a previously unseen tactic by attackers that uses a malicious Microsoft Office 365 App to gain access to a victim’s account without requiring them to give up their credentials to the attackers.

Go to article at
15.5.2020
Phishing

Bad news: Windows security cert SNAFU exploits are all over the web now. Also bad: Citrix gateway hole mitigations don't work for older kit

Good news: There is none. Well, apart from you can at least fully patch the Microsoft blunder Vid  Easy-to-use exploits have emerged online for two high-profile security vulnerabilities, namely the Windows certificate spoofing bug and the Citrix VPN gateway hole. If you haven't taken mitigation steps by now, you're about to have a bad time.…

Go to article at
15.5.2020
Unpatched Vulnerabilities

Get started today

Start free, in your familiar Teams environment.
If you have some questions first, book a meeting with us.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementDynamic policy documentsPrivacy management
Resources
AcademyWebinarsBlogHelp articlesVideo coursesContent libraryNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security