Articles of interest from the week of February 10, 2020
Hacks on Louisiana Parishes Hint at Nightmare Election Scenario Expert believes November ransomware attacks timed to election, ‘A very dangerous...
24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management
CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support
If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.
Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.
At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.
2 min read
John Frasier : Jan 20, 2020 12:00:00 AM
The ConnectWise Control security vulnerabilities disclosed this week by security researcher Bishop Fox are the tip of the iceberg for MSPs using Remote Monitoring and Management (RMM) tools, according to MSPs. (By O'Ryan Johnson and Steven Burke, CRN) Ingalls: Even MSPs are at risk of exposing themselves and their clients to a disastrous data breach. Having proper security controls is vital to keeping data safe, such as enabling MFA, properly managing and preventing Powershell executions, and deploying next-generation anti-virus. Read more about how to properly secure your RMM usage here.
Software firm is "aware of limited targeted attacks" exploiting a scripting issue vulnerability in Internet Explorer 9, 10, and 11 that previously has not been disclosed. (By Robert Lemos, Dark Reading) Ingalls: Our MDR (Managed Detection and Response) services offer layered cybersecurity controls for effective risk management and rapid response. It was designed to be a method of proactive prevention against security threats to your environment, especially zero-day threats, making it one of the industry's leading cybersecurity tools. MDR is critical when it comes to staying ahead of all kinds of threats, detecting and stopping them before they become breaches.
Beleaguered foreign currency exchange company Travelex confirmed on Friday that the first of its U.K.-based customer-facing systems were back up and running after the New Year’s Eve discovery of Sodinokibi ransomware on its network prompted a shutdown of key systems. (By Bradly Barth, SCMagazine) Ingalls: Enhancing your patch management process to include vulnerability scanning, a robust remediation workflow, and metrics-based decision support from data collection can do a lot more for your risk management than simply plugging holes whenever a software vendor produces a patch. In our downloadable “8 Effective Cybersecurity Controls For SMBs” guide we discuss how to do more with patch management, and the benefits of a mature Vulnerability Lifecycle Management program. If your business or a client needs expert cybersecurity risk management that includes Vulnerability Lifecycle Management, please contact us today to schedule an engagement with Ingalls Information Security!
Within the field of incident response, planning and testing are key elements of a good security posture. The importance of training and methods of developing tests both feature highly on security professionals’ priority lists. Here are a few lessons I’ve learned about incident response from having run tabletop exercises within IBM and alongside our clients. (By Robert Calvert, Security Intelligence) Ingalls: All organizations are at risk for a data breach, no matter the size. The way you respond to the breach can be just as important as your security defenses. A thorough Incident Response Plan, created before a breach ever happens, can significantly reduce the negative impact of the breach. Read more about how to properly respond to a data breach here.
Attackers don't always need to breach the networks of their victims themselves to plant malware as there are plenty of professional intruders offering their services on underground markets. (By Ionut Ilascu, Bleeping Computer) Ingalls: There's no way of knowing that all hosts within a network are protected without Managed Detection & Response. The threat landscape is constantly changing, and it's critical that any gaps in your endpoint security is detected and resolved quickly. The traditional methods of network monitoring and Intrusion Detection Systems (IDS) may no longer be a valid security control. Read more about Ingalls' next-generation Network Intrustion Detection here.
Hacks on Louisiana Parishes Hint at Nightmare Election Scenario Expert believes November ransomware attacks timed to election, ‘A very dangerous...
1 min read
FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals On Monday, Oct. 26, KrebsOnSecurity began following up on a tip...
US Secret Service Reports an Increase in Hacked Managed Service Providers (MSPs) The US Secret Service sent out a security alert last month to the US...