Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.
Thanks! See you in your inbox on Fridays. :)
Unfortunately something went wrong. You can contact us at team@cyberdayai.

Corporate Security Alert: Identifying Dangerous Apps on Employee Phones

This article uncovers hidden security risks of popular apps on work devices, covering social media, messaging, cloud storage, gaming, utility, health, VPN, and shopping apps, with recommendations to safeguard corporate data.

article

20.9.2024

NIS2 national legistation, ransomware and a new development forum: Cyberday product and news round-up 9/2024 🛡️

This is the September news and product review from Cyberday. Read news about ransomware, new phishing techniques and local NIS2-legistations.

article

20.9.2024

IT and OT Cyber Security: Different Environments, Different Priorities

This blog post outlines the key differences between IT and OT cyber security, focusing on their distinct areas, objectives, environments, threat landscapes, and compliance requirements.

article

4.9.2024

Cyber Security in Supply Chain Risk Management

Businesses should prioritize supply chain security by adopting best cyber security practices, fostering resilience, and promoting collaboration to protect against evolving cyber threats. Learn more about this topic in this blog post.

article

22.8.2024

Spreadsheet vs. ISMS tool - top 10 reasons why a tool is better than the traditional way

Discover the top 10 reasons why agile tools outperform traditional spreadsheets in managing cyber security compliance, from centralized management to continuous improvement.

article

22.8.2024

ISMS Essentials: Mastering a Data System Inventory for Your Organization

This post provides essential insights for maintaining a data system inventory within your organization's ISMS, detailing key processes, asset types, and tackling common challenges.

article

15.8.2024

Incident Detection: Building, Nurturing, and Continuously Improving a Proactive Environment

Shift from reactive to proactive incident detection. Use advanced tools, continuous learning, and customised strategies to anticipate and prevent issues. Focus on constant improvement and innovation to boost security and resilience.

article

15.8.2024

ISO 27001 and ISO 9001: Differences, how they work together and benefits of combining

Learn about the synergy between ISO 27001 and ISO 9001. Learn how integrating these standards enhances information security, quality management, and overall operational efficiency, using case examples and actionable insights.

article

6.6.2024

Android apps with 45 million installs used data harvesting SDK

Warning about Play apps stealing data with an SDK by a shady Panama-based firm. ⚠️ Apps were collecting data with significant #privacy risks, e.g. any clipboard content, GPS data, emails and phone numbers. List of apps in the article >

Go to article at
8.4.2022

Germany Shuts Down Russian Hydra Darknet Market; Seizes $25 Million in Bitcoin

🚨 Takedown of Hydra, a Russian-language darkweb market of 17M users and active since 2015, was announced on Tuesday. It was used to sell e.g.: 💊 illegal narcotics 🆔 forged documents / IDs 💳 stolen credit / sim cards #cybersecurity

Go to article at
8.4.2022

Lapsus$ And SolarWinds Hackers Both Use The Same Old Trick To Bypass MFA

MFA is one of most important safeguards in #cybersecurity. ⚠️ But hackers have ways to clear weaker forms of MFA. A technique called MFA prompt-bombing has been used in multiple high-profile company hacks lately. Learn more here >>

Go to article at
8.4.2022

A Detailed Look at the Conti Ransomware Gang

Ukrainian researcher leaked 60,000 messages from inside Conti - a #ransomware gang that extorted 180M$ just last year. ☢️ Msgs reveal e.g. a business-like hierarchy, ways to dodge law enforcement and negotiation tactics. Learn more >>

Go to article at
1.4.2022

Hackers Use Google reCAPTCHA To Hide Phishing URLs and Defeat Email Security Scanners To Steal User Credentials

Websites use Google's reCAPTCHA to ensure they interact with humans, not bots. 🎣 Criminals use it to hide #phishing URLs. You get an email with an attachment taking you to reCAPTCHA. Only after the puzzle, you get to e.g. fake MS login.

Go to article at
1.4.2022

CISA warns of attacks targeting Internet-connected UPS devices

UPS devices are used as power backups in critical environments. ⚠️ They connect to internet to allow e.g. power monitoring and maintenance. CISA warns of attacks! Disconnect, use VPN & MFA / strong passwords for better #cybersecurity.

Go to article at
1.4.2022

Ukraine dismantles 5 disinformation bot farms, seizes 10,000 SIM cards

Ukrainian Security Service (SSU) raided locations used to host bot farms. 🤖 These fueled 100,000 fake social media accounts spreading false information with the goal of discouraging Ukrainian citizens and instill panic. #cybersecurity

Go to article at
1.4.2022

RCE Bug in Spring Cloud Could Be the Next Log4Shell, Researchers Warn

Spring Cloud is an open-source microservices framework used by millions of developers. An "easy to exploit" #vulnerability found, requiring attacker to only send a malicious string to Java app’s HTTP service. Best defence is a quick patch

Go to article at
1.4.2022

"It's coming": President Biden warns of "evolving" Russian cyber threat to U.S.

🔐 "Lock your digital doors" U.S. officials have spotted 'preparatory work' for Russian #cybercrime, to retaliate against sanctions. They warn of increasing vulnerability hunting especially towards companies in critical infrastructure.

Go to article at
25.3.2022