Copy
Share Share
Tweet Tweet
Share Share
Forward to friend Forward to friend

👋 Help us in sharing the cyber security awareness. Thanks!

Weekly #cybersecurity digest

Greetings <<First Name>>! This newsletter brings to your inbox every Friday:
🗞️ this week's most important cyber security news, 📅 next week's upcoming webinar trainings and 🛡️ most recent Cyberday development.

Published 7.10.2022 • Read all @ Cyberday.ai

WEEK'S MOST IMPORTANT CYBER SECURITY NEWS

Popular YouTube Channel Caught Distributing Malicious Tor Browser Installer

HK based popular YouTube channel used as a means for distributing malicious Tor-version. Browser's own website is blocked in China. ⚠️ #Malware campaigns using hacked channels and video description links are getting more and more popular.

7.10. 01:53 · https://thehackernews.com/2022/10/popular-youtube-channel-caught.html

8 strange ways employees can (accidently) expose data

Article has interesting "warning examples" for sensitive data exposure, incl.: 📣 LinkedIn career updates 🖨️ discarded office printers 🖼️ social media pics 📧 emails sent to personal accounts 👓 even eyeglass reflections #cybersecurity

7.10. 09:22 · https://www.csoonline.com/article/3675542/8-strange-ways-employees-can-accidently-expose-data.html

Steam Gaming Phish Showcases Browser-in-Browser Threat

⚠️ Browser-in-the-browser is a novel #phishing tactic that should be on security radars. An authentic-looking fake browser window (e.g. a login form) is deployed to steal credentials and take over accounts. Steam users are now targeted >>

7.10. 09:16 · https://www.darkreading.com/attacks-breaches/steam-gaming-phish-showcases-browser-in-browser-threat

Former Uber CSO convicted for covering up massive 2016 data theft

Former Uber CSO and DoJ #cybercrime prosecutor guilty of hiding Uber data theft. In 2016 crooks stole 57M customer records from Uber systems. Crooks were paid a ransom to cover up the incident, though law requires disclosing breaches.

7.10. 09:08 · https://www.theregister.com/2022/10/06/uber_cso_sullivan_guilty/

Lazarus hackers abuse Dell driver bug using new FudModule rootkit

☢️ North Korean hacking group spotted exploiting Dell driver CVE in its spear #phishing attacks. Attack disguises as a "job offer" to spy and steal data from carefully selected targets (e.g. aerospace experts, political journalists).

7.10. 09:02 · https://www.bleepingcomputer.com/news/security/lazarus-hackers-abuse-dell-driver-bug-using-new-fudmodule-rootkit/

NEXT WEEK'S CYBER SECURITY WEBINARS

Admin training (part 2/5): Framework selection and asset identification

We will present configuring your ISMS with proper security standards, managing users and starting the work with asset identification.

Aleksi Pulkkanen
Starts on Wed 12.10. at 2PM (EET) · duration 30 min

ISO 27001 (part 1/5): Intro to standard and Cyberday ISMS

We will go through the basics of Cyberday and ISO 27001 and tell you, what are the benefits of complying with global infosec best practices.

Aleksi Pulkkanen
Starts on Wed 12.10. at 3PM (EET) · duration 45 min

NEWS FROM CYBERDAY DEVELOPMENT TEAM

new feature

Cyberday Slack app published

You can now receive admin notifications and end user reminders directly in Slack (instead of Microsoft Teams or email)...

small improvement

"Review pending" and "Overdue" tags now showing for all items on Taskbook

Now all items on Taskbook, that jump to the "Needs attention" -section, will clearly communicate to you why they're there...

new feature

Coming up: Readiness assessments for selected frameworks

We are building a readiness assessment view that would serve e.g. the following uses: At the beginning of Cyberday use, the core team can assess organization's readiness...
See full development log >>

All content @ cyberday.ai
Facebook
Twitter
LinkedIn
Website
Email
Privacy notice | Update preferences | Unsubscribe 

© 2022 Agendium Ltd. All rights reserved. Cyberday.ai | Agendium Ltd, Kalevantie 2, 33100 Tampere, Finland