Network Security News | Ingalls Information Security

Articles of interest from the week of May 18, 2020

Written by John Frasier | May 18, 2020 7:53:00 PM

Verizon Finds Increases in Financially Motivated Data Breaches and Attacks on Web Applications

The latest Data Breach Investigations Report (DBIR) from Verizon Business highlighted a number of alarming statistics about the data breach landscape and the actors behind attacks, finding two-fold increases in web application breaches as well as growth in the number of data breaches conducted for financial gain. (By Jonathan Greig, TechRepublic) Ingalls: Every business needs a plan to deal with emergencies, and we have a blog that covers how to build a cybersecurity incident response plan.


Ragnar Locker Ransomware Deploys Virtual Machine to Dodge Security

A new ransomware attack method takes defense evasion to a new level—deploying as a full virtual machine on each targeted device to hide the ransomware from view. In a recently detected attack, Ragnar Locker ransomware was deployed inside an Oracle VirtualBox Windows XP virtual machine. The attack payload was a 122 MB installer with a 282 MB virtual image inside—all to conceal a 49 kB ransomware executable. (By Mark Loman, Sophos News) Ingalls: Our Managed Detection And Response (MDR) service is the perfect solution to issues like this. Our MDR service delivers threat monitoring, detection and response leveraging a combination of technologies, advanced analytics, threat intelligence, and human expertise in incident investigation and response.


Hacked Law Firm May Have Had Unpatched Pulse Secure VPN

A recent ransomware attack that targeted a law firm that serves celebrities may have been facilitated by a Pulse Secure VPN server that was not properly patched and mitigated against a well-known vulnerability, some security experts say. (By Scott Ferguson, BankInfoSecurity) Ingalls: Check out our blog post that discusses the importance of patch management, and the benefits of a mature Vulnerability Lifecycle Management program. If you ever have to deal with a ransomware attack, we have another blog that offers some insight when thinking through the Ransomware payment question.


The Need for Compliance in a Post-COVID-19 World

With the current upheaval, business leaders may lose focus and push off implementing security measures, managing risk, and keeping up with compliance requirements. That's a big mistake! (By Baan Alsinawi, Dark Reading) Ingalls: We understand what the risk is, and we are highly skilled in developing the security controls necessary to manage the risk compliance at the level determined as acceptable. We demonstrate compliance with the regulatory laws and meet all corporate compliance requirements such as PCI DSS, HIPAA, GLBA, Sarbanes-Oxley and many others.


Microsoft: Beware This Massive Phishing Campaign Using Malicious Excel Macros to Hack PCs

Microsoft's Security Intelligence team has warned that it has been tracking a "massive" phishing campaign that attempts to install a remote access tool onto PCs by tricking users into opening email attachments containing malicious Excel 4.0 macros. (By Steve Ranger, ZDNet) Ingalls: Phishing is one of the most widely used cyber-attack vectors. Even the most trained and sophisticated users can get tricked into divulging their credentials or clicking on attachments containing malicious Excel 4.0 macros. Click here for a detailed Social Engineering Red Flags PDF courtesy of KnowBe4.