NIS2 national legislation, ransomware and a new development forum: Cyberday product and news round-up 9/2024 🛡️

This is the September news and product review from Cyberday. Our next Admin Webinar, to cover things live, will take place in December 2024. You can register for the webinar on our Webinars page closer to the date.

Latest cybersecurity news 9/2024

The NIS2 Directive is advancing at a good pace

Article from twobirds.com

The NIS2 Directive will enter into force in October 2024, with the aim of protecting key and essential actors and maintaining the overall security of the digital infrastructure.

The national NIS2 laws of EU Member States must be in place by 17 October 2024, after which the directive will apply. Many EU countries are in the process of finalising their own laws, and the implementation of the Directive is progressing well. There are some differences in national legislation, but because the NIS2 Directive is more detailed than its predecessor, Member States have less room to shape their national laws. The differences are mainly found in the definition of sectors or in the emphasis given to particular security measures.

Currently, 4 countries have completed their national transposition: Belgium, Croatia, Hungary and Latvia.

To help you, we have published a free booklet, NIS2 ready using ISO 27001 best practices. In it we guide you through the world of NIS2 and show how to leverage ISO 27001 best practices to achieve compliance. Grab yours here: https://www.cyberday.ai/ebook

RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors

Article from thehackernews.com

The RaaS cybercrime group RansomHub has targeted 210 organisations since February 2024, across a number of key sectors including water, IT, government, healthcare, food, finance, manufacturing, logistics and communications.

The RansomHub team has exploited publicly disclosed vulnerabilities. Techniques observed in the attacks include disabling anti-virus software, using intermittent encryption and deploying tools for network scanning and reconnaissance.

The RansomHub attacks highlight common trends seen in ransomware attacks:

  • Triple and quadruple extortion strategies
  • RaaS, or Ransomware-as-a-Service, as a way for cybercriminal groups to finance their activities

The evolution of ransomware strategies highlights the urgent need for organisations to strengthen their cybersecurity against increasingly complex threats.

How Law Enforcement's Ransomware Strategies Are Evolving

Article from thehackernews.com

The fight against ransomware attacks has for years felt like a heavy and endless struggle, time after time, attack after attack. And if and when an attack is repelled or a cybercriminal group is caught, there is inevitably criticism that the measures taken are temporary and that cybercriminal groups will only regenerate and come back. One of the biggest challenges in combating ransomware attacks is their global nature. The only way to achieve results would be international cooperation, which is not the easiest to organise.

Increasingly sophisticated technology is needed to track and catch cybercriminals. In the case of ransomware, the aim is also to shrink the pool of potential victims, so that fewer and fewer victims end up paying the attackers.

However, the past year has seen some of the biggest takedowns in history, with law enforcement agencies working together internationally and using new tactics. Perhaps this is the beginning of a new era?

Rapid Growth of Password Reset Attacks Boosts Fraud and Account Takeovers

Article from infosecurity-magazine.com

According to the report, up to 25% of password reset requests are scams. In the UK, there are around 70,000 such attacks every week as cybercriminals try to take over the passwords of individuals. According to the report, desktop computer users are particularly targeted by reset attacks. The number of bot-triggered password reset attacks has increased by a staggering 1680%.

The introduction of multi-factor authentication and improved password reset functionality is crucial to protect against these attacks. Password reset systems should be as well managed as logon systems.

Organisations should raise awareness and train staff to recognise potential phishing attacks, such as the password reset request scams mentioned in this article. In addition to multi-factor authentication, the risk of compromise can be mitigated with, for example, password management systems.

Here’s How Phishing Messages Break Through Email Filters

Article from cybersecurity.att.com

Phishing techniques are constantly changing and evolving, and unfortunately they also get through email filters. This is why it is so important to be able to identify potential phishing messages and avoid major damage. In this article, we looked at a few phishing tactics that attackers use to get past filters:

  • Hybrid Vishing Attacks - Scammers send an urgent email message asking victims to call a phone number to resolve a fake problem, such as a bank account lockout. This method bypasses typical spam filters and security checks.
  • Compromised SharePoint Accounts - Scammers exploit previously compromised Microsoft SharePoint accounts to spread phishing emails. The messages often direct recipients to a malicious OneNote document disguised as a login page, where victims unknowingly hand over their login details.
  • Impersonation of Major Banks - Phishers often pose as trusted financial institutions, such as Bank of America, and send emails asking victims to update their account details via a phishing link that looks like the bank's official website.
  • Hidden ZIP Archives - Disguised as harmless ZIP attachments, these archives bypass scanning tools, allowing malware to infiltrate victims' systems.
  • Obfuscated HTML Code - Manipulating the HTML code of an email, reversing the text or mixing different scripts. This method confuses security filters and shows the recipient a readable message, increasing the chances of an attack succeeding.
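
As an added example (not code from the article or from Cyberday), a small filter-side check for the last tactic: it decodes an HTML mail body and flags bidirectional control characters, RTL CSS overrides and words that mix alphabets, so a reviewer can see why a readable-looking message is suspicious. The sample messages are constructed.

```python
import re
import unicodedata
from html.parser import HTMLParser

# Unicode bidirectional controls (e.g. U+202E RIGHT-TO-LEFT OVERRIDE) that reverse rendered text.
BIDI_CONTROLS = set("\u202a\u202b\u202c\u202d\u202e\u2066\u2067\u2068\u2069")
# CSS that achieves the same reversal in HTML mail clients.
RTL_CSS = re.compile(r"direction\s*:\s*rtl|unicode-bidi\s*:\s*bidi-override", re.I)

class _Extractor(HTMLParser):
    # Collects visible text and inline styles; HTMLParser decodes &#x202E;-style entities first.
    def __init__(self):
        super().__init__()
        self.text, self.styles = [], []
    def handle_starttag(self, tag, attrs):
        self.styles += [v for k, v in attrs if k == "style" and v]
    def handle_data(self, data):
        self.text.append(data)

def scripts_in(word):
    """Return the set of Unicode script names (LATIN, CYRILLIC, ...) used in a word."""
    return {unicodedata.name(c, "?").split()[0] for c in word if c.isalpha()}

def analyse_html_email(html):
    """Flag the obfuscation tricks the article lists: bidi reversal, RTL CSS,
    and words mixing alphabets (e.g. a Cyrillic 'а' inside a Latin word)."""
    p = _Extractor()
    p.feed(html)
    text = "".join(p.text)
    findings = []
    if any(c in BIDI_CONTROLS for c in text):
        findings.append("bidi-control")
    if any(RTL_CSS.search(s) for s in p.styles):
        findings.append("rtl-css")
    mixed = [w for w in re.findall(r"\w+", text) if len(scripts_in(w)) > 1]
    if mixed:
        findings.append("mixed-script")
    return {"findings": findings, "mixed_script_words": mixed}

# Constructed sample messages (not real phishing mail).
SAMPLES = {
    "reversed": '<p style="direction:rtl; unicode-bidi:bidi-override">tnuocca ruoy yfireV</p>',
    "bidi": "<p>Verify &#x202E;tnuocca</p>",
    "homoglyph": "<p>Your p\u0430yment is due</p>",
    "clean": "<p>Hello, your invoice is attached.</p>",
}
if __name__ == "__main__":
    for name, html in SAMPLES.items():
        print(name, analyse_html_email(html))
```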

How does your organisation ensure that phishing attempts remain an attempt?

Most important themes in Cyberday development

Development idea forum

Now you can share your ideas with other Cyberday users and vote for your favourites! 🎉 We added a new Development ideas section to Cyberday Community. Here you can post your own ideas or vote for others' ideas to move them up the lists. We hope many active users take part, making their opinions visible and indicating which improvements would be truly beneficial! Learn about the new feature here.

MFA improvements for web users

All Cyberday users can now enable MFA through their own profile page. Previously, multi-factor authentication was the default when using Cyberday through Teams, and for web users it could only be enforced by an organisation-level decision in the web UI.

Other small improvements

  • UX improvements to documentation (when adding / linking new items)
  • Easier Excel exports for different documentation tables
  • Managing Teams domains in own account
  • MFA for web browser users

Read more about the current development here.

Multiple new frameworks

Local NIS2 legislation into Cyberday

We will be introducing national NIS2 legislation to Cyberday on demand. We have just published the Finnish Kyberturvallisuuslaki to support the NIS2 requirements framework. Next up is Belgium's CyberFundamentals and Norway's NSM ICT Security Principles.

ISO 9001

ISO 9001 is a globally recognised quality management standard. It helps organisations of all sizes and in all industries to improve their performance, meet customer expectations and demonstrate their commitment to quality.

The upcoming frameworks for Cyberday are TISAX and national NIS2 cybersecurity legislation.

See the available and upcoming requirements frameworks in the Cyberday application or on the Frameworks website.
