Articles of interest from the week of July 15, 2019
Cybercriminals are Increasingly Targeting the Financial Services Industry Universally, consumers and small and large businesses alike, are...
24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management
CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support
If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.
Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.
At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.
2 min read
John Frasier : May 18, 2020 12:00:00 AM
The latest Data Breach Investigations Report (DBIR) from Verizon Business highlighted a number of alarming statistics about the data breach landscape and the actors behind attacks, finding two-fold increases in web application breaches as well as growth in the number of data breaches conducted for financial gain. (By Jonathan Greig, TechRepublic) Ingalls: Every business needs a plan to deal with emergencies, and we have a blog that covers how to build a cybersecurity incident response plan.
A new ransomware attack method takes defense evasion to a new level—deploying as a full virtual machine on each targeted device to hide the ransomware from view. In a recently detected attack, Ragnar Locker ransomware was deployed inside an Oracle VirtualBox Windows XP virtual machine. The attack payload was a 122 MB installer with a 282 MB virtual image inside—all to conceal a 49 kB ransomware executable. (By Mark Loman, Sophos News) Ingalls: Our Managed Detection And Response (MDR) service is the perfect solution to issues like this. Our MDR service delivers threat monitoring, detection and response leveraging a combination of technologies, advanced analytics, threat intelligence, and human expertise in incident investigation and response.
A recent ransomware attack that targeted a law firm that serves celebrities may have been facilitated by a Pulse Secure VPN server that was not properly patched and mitigated against a well-known vulnerability, some security experts say. (By Scott Ferguson, BankInfoSecurity) Ingalls: Check out our blog post that discusses the importance of patch management, and the benefits of a mature Vulnerability Lifecycle Management program. If you ever have to deal with a ransomware attack, we have another blog that offers some insight when thinking through the Ransomware payment question.
With the current upheaval, business leaders may lose focus and push off implementing security measures, managing risk, and keeping up with compliance requirements. That's a big mistake! (By Baan Alsinawi, Dark Reading) Ingalls: We understand what the risk is, and we are highly-skilled in developing the security controls necessary to manage the risk compliance at the level determined as acceptable. We demonstrate compliance with the regulatory laws and meet all corporate compliance requirements such as PCI DSS, HIPAA, GLBA, Sarbanes-Oxley and many others.
Microsoft's Security Intelligence team has warned that it has been tracking a "massive" phishing campaign that attempts to install a remote access tool onto PCs by tricking users into opening email attachments containing malicious Excel 4.0 macros. (By Steve Ranger, ZDNet) Ingalls: Phishing is one of the most widely used cyber-attack vectors. Even the most trained and sophisticated users can get tricked into divulging their credentials or clicking on attachments containing malicious Excel 4.0 macros. Click here for a detailed Social Engineering Red Flags PDF courtesy of KnowBe4.
Cybercriminals are Increasingly Targeting the Financial Services Industry Universally, consumers and small and large businesses alike, are...
Top 25 Financial Data Breach Statistics for 2020 Data breach statistics show that cybercriminals know exactly how sensitive online banking data is in...
If You Don’t Already Have a Generative AI Security Policy, There’s No Time To Lose Businesses are finding more and more compelling reasons to use...