Opalsec :verified: · @Opalsec
59 followers · 26 posts · Server infosec.exchange

I've read and analysed last week's infosec news, so you don't have to - get up to speed on the latest in hacks, malware, tradecraft and more with this week's newsletter:

opalsec.substack.com/p/soc-gou

A vulnerability in the widely-used, open-source JsonWebToken package has highlighted the continued reliance on vendors for supply chain security.

It's not just APTs - cyber crims are eyeing off kernel space, with #UNC3944 abusing the technique in an attempt to load their malicious driver into kernel space and subvert EDR controls.

We take a look at research into infrastructure - it's multi-tiered, growing, and highly flexible...but also vulnerable to takeover. Will this be the next , still spreading and hijacked by a 3rd-party in 10 years time?

warns an unknown, stealth-conscious actor with a "deep understanding of " has been seen exploiting the month-old FortiOS vulnerability (CVE-2022-42475) to drop additional malware & subvert logging.

There's a tonne more interesting reporting and tradecraft that I can't get to in this post, but you can find them in the newsletter - check it out, and subscribe to get the latest issues straight to your inbox, and support my work!

opalsec.substack.com/p/soc-gou

#scatteredspider #byovd #RaspberryRobin #andromeda #fortinet #fortios #infosec #cyberattack #hacked #cyber #news #cybernews #infosecnews #informationsecurity #cybersecurity #hacking #security #technology #hacker #vulnerability #vulnerabilities #malware #ransomware #dfir #redteam #soc

Last updated 3 years ago