Your Weekly Cybersecurity Digest

Welcome to the CyberDigest, your go-to source for the latest news and updates in the ever-evolving world of cybersecurity. In this fast-paced digital age, staying informed about the latest threats, technological advancements, and best practices is crucial. Our newsletter is designed to keep you ahead of the curve with timely reports on cyber attacks, data breaches, emerging security technologies, regulatory changes, and expert insights.

Whether you're a seasoned security professional or simply keen to safeguard your digital life, CyberDigest is here to equip you with the knowledge you need to navigate the complex landscape of cybersecurity. Stay vigilant, stay informed, and stay secure with us.

The Cybersecurity Training Academy You've Been Waiting For!

The Cybersecurity global talent shortage could reach 85 million workers by 2030! As the gap grows in the supply and demand for talent, we launched our Training Academy to help both the youth and professionals to advance their career in cybersecurity. Find out more here.

Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool

Palo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass.

Cataloged as CVE-2024-5910 (CVSS score: 9.3), the vulnerability has been described as a case of missing authentication in its Expedition migration tool that could lead to an admin account takeover. Read more here.

60 New Malicious Packages Uncovered in NuGet Supply Chain Attack

Threat actors have been observed publishing a new wave of malicious packages to the NuGet package manager as part of an ongoing campaign that began in August 2023, while also adding a new layer of stealth to evade detection. Learn more here.

PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks

Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency miners, and distributed denial-of-service (DDoS) botnets. Find out more here.

New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk

Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE).

The vulnerability, tracked as CVE-2024-6409 (CVSS score: 7.0), is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling. It only impacts versions 8.7p1 and 8.8p1 shipped with Red Hat Enterprise Linux 9. Read more about this.

Did you catch our article about Alignment between ZTA and SASE?

Read it here.

.