Ingalls has worked Incident Response for over 10 years; in that time we have seen some of the nastiest data breaches and a lot of victims who thought they were safe because they were using popular antivirus software. We’ve seen what works and

Cybersecurity used to involve a fairly straightforward set of technical controls that kept networks secure and data backed up in the event of a system failure. To do this 10 years ago, IT needed to implement firewalls and antivirus and perform

Microsoft recently informed SolarWinds about a Remote Memory Escape vulnerability that can result in Remote Code Execution in the SolarWinds Serv-U Managed File Transfer Server and Serv-U Secured FTP products. Microsoft provided SolarWinds with a

Microsoft has completed the investigation and has released security updates to address this vulnerability. It is recommended that these updates be installed immediately. Note that the security updates released on and after July 6, 2021, contain

CVE-2021-1675 (aka PrintNightmare) is a vulnerability in the built-in Windows “Print Spooler” service. Microsoft released a patch for CVE-2021-1675 as a low-severity vulnerability on June 8. However, it has since been determined that the

• CVE-2021-21985 - The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which