Greetings <<First Name>>! This newsletter brings to your inbox every Friday:
🗞️ this week's most important cyber security news, 📅 next week's upcoming webinar trainings and 🛡️ most recent Cyberday development.
ISO 27001, the world's leading information security standard, got an update for the first time in 9 years. What has changed when comparing 2013 vs. 2022 versions of ISO 27001 and how are these updates visible on Cyberday?
⚠️ When we increase MFA coverage, threat actors need more sophisticated techniques to compromise resources.
Recently there's been a significant increase in token theft.
Read Microsoft's DART team's report on the #cybersecurity threat >>
391M$ fine: Google's #privacy actions deemed deceptive.
⚠️ "misled users to think they turned off location tracking, but continued to collecting data"
Location is combined with behavioral data to create user profiles eg for ad targeting.
⚠️ #Phishing attack targets 22k students in the US with a "unusual login on Instagram" scam.
To note: attack used a valid 41-month old domain with a good reputation, and was able to pass e.g. MS 365 and Exchange email protections.
Twitter is in quite a chaos. Security people are advising to e.g. delete DMs 💬 and stop using Twitter SSO 🔐.
Recently quitted Twitter employees include:
- Head of Trust & Safety
- CPO (privacy)
- CCO (compliance)