Skip to the main content.
Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

2 min read

Articles of interest from the week of May 18, 2020

Verizon Finds Increases in Financially Motivated Data Breaches  and Attacks on Web Applications

The latest Data Breach Investigations Report (DBIR) from Verizon Business highlighted a number of alarming statistics about the data breach landscape and the actors behind attacks, finding two-fold increases in web application breaches as well as growth in the number of data breaches conducted for financial gain. (By  Jonathan Greig, TechRepublic) Ingalls: Every business needs a plan to deal with emergencies, and we have a blog that covers how to build a cybersecurity incident response plan.


Ragnar Locker Ransomware Deploys Virtual Machine to Dodge Security

A new ransomware attack method takes defense evasion to a new level—deploying as a full virtual machine on each targeted device to hide the ransomware from view. In a recently detected attack, Ragnar Locker ransomware was deployed inside an Oracle VirtualBox Windows XP virtual machine. The attack payload was a 122 MB installer with a 282 MB virtual image inside—all to conceal a 49 kB ransomware executable. (By Mark Loman, Sophos News) Ingalls: Our Managed Detection And Response (MDR) service is the perfect solution to issues like this. Our MDR service delivers threat monitoring, detection and response leveraging a combination of technologies, advanced analytics, threat intelligence, and human expertise in incident investigation and response.


Hacked Law Firm May Have Had Unpatched Pulse Secure VPN

A recent ransomware attack that targeted a law firm that serves celebrities may have been facilitated by a Pulse Secure VPN server that was not properly patched and mitigated against a well-known vulnerability, some security experts say. (By Scott Ferguson, BankInfoSecurity) Ingalls: Check out our blog post that discusses the importance of patch management, and the benefits of a mature Vulnerability Lifecycle Management program. If you ever have to deal with a ransomware attack, we have another blog that offers some insight when thinking through the Ransomware payment question.


The Need for Compliance in a Post-COVID-19 World

With the current upheaval, business leaders may lose focus and push off implementing security measures, managing risk, and keeping up with compliance requirements. That's a big mistake! (By Baan Alsinawi, Dark Reading) Ingalls: We understand what the risk is, and we are highly-skilled in developing the security controls necessary to manage the risk compliance at the level determined as acceptable. We demonstrate compliance with the regulatory laws and meet all corporate compliance requirements such as PCI DSS, HIPAA, GLBA, Sarbanes-Oxley and many others. 


Microsoft: Beware This Massive Phishing Campaign Using Malicious Excel Macros to Hack PCs

Microsoft's Security Intelligence team has warned that it has been tracking a "massive" phishing campaign that attempts to install a remote access tool onto PCs by tricking users into opening email attachments containing malicious Excel 4.0 macros. (By Steve Ranger, ZDNet) Ingalls: Phishing is one of the most widely used cyber-attack vectors. Even the most trained and sophisticated users can get tricked into divulging their credentials or clicking on attachments containing malicious Excel 4.0 macros. Click here for a detailed Social Engineering Red Flags PDF courtesy of KnowBe4.

Sign Up For Network Security News