Greetings <<First Name>>! This newsletter brings to your inbox every Friday:
🗞️ this week's most important cyber security news, 📅 next week's upcoming webinar trainings and 🛡️ most recent Cyberday development.
#Cybercrime growing fast in Africa, driven by internet use growth and opportunities due to economic crisis.
🚨 In Nov. police seized 70 members & 50 properties linked to Black Axe gang operating in South Africa, Nigeria and Ivory Coast.
Qakbot #malware now used actively to attack companies. Starts with phishing, ends in ransomware.
⚠️ "Attacks are swift, with ransomware deployed in less than half a day after obtaining domain admin privileges in under two hours."
US DoD introduced new #cybersecurity framework CMMC, that contractors must pass to bid for contracts.
⚠️ There's work to be done - now only 13% of contractors are at "good enough" compliance level (CMMC coming into force next year).
Authorities fine Meta 275M€ and require #cybersecurity changes.
👉 Data protection by design and default was inadequate, as threat actors were able to use "data scraping" to exfiltrate massive amounts of collated personal user data.
In Aug LastPass reported a breach - attackers planted malware on dev's computer.
⚠️ Now reports of related breach “using info obtained in prev incident”.
Passwords weren't stolen but customer data was, that can cause credible #phishing.
ISO 27001, the world's leading information security standard, got an update for the first time in 9 years. What has changed when comparing 2013 vs. 2022 versions of ISO 27001 and how are these updates visible on Cyberday?