Skip to the main content.
Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

2 min read

Articles of interest from the week of June 1, 2020

Office 365 Phishing Baits Remote Workers With Fake VPN Configs

Microsoft Office 365 customers are targeted by a phishing campaign using bait messages camouflaged as notifications sent by their organization to update the VPN configuration they use to access company assets while working from home. (By Sergiu Gatlan, Bleeping Computer) Ingalls: In our Critical Control: Deploy Advanced Email Account Security blog we discuss email systems and how they are being used by attackers to gain a foothold, perform reconnaissance, execute crippling financial attacks, and what can be done to prevent and respond to them.

Hurricane-Related Scams

June 1 marks the official start of the 2020 Atlantic hurricane season. The Cybersecurity and Infrastructure Security Agency (CISA) warns users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following a hurricane. Fraudulent emails—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with hurricane-related subject lines, attachments, or hyperlinks. In addition, be wary of social media pleas, texts, or door-to-door solicitations relating to severe weather events. To avoid becoming victims of malicious activity, users and administrators should review the resources linked on the CISA website and take preventative measures. (By CISA) Ingalls: These CISA tips are just the beginning when it comes to protecting yourself against scams, phishing attacks, and ransomware. You need help. That's where we come in! Contact us today with your cybersecurity concerns!


REvil Ransomware Gang Starts Auctioning Victim Data

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. The move marks an escalation in tactics aimed at coercing victims to pay up — and publicly shaming those who don’t. But it may also signal that ransomware purveyors are searching for new ways to profit from their crimes as victim businesses struggle just to keep the lights on during the unprecedented economic slowdown caused by the COVID-19 pandemic. (By Krebs on Security) Ingalls: One of the most telling statistics from this year’s Verizon Data Breach Investigations Report (DBIR) is that Ransomware remains a serious threat to all industries and accounts for nearly a quarter of all malware based attacks. Ransomware has become so widespread and commonplace that a normal attack garners neither the shock of security professionals nor the attention of the media. Are You Prepared To Defend Against Ransomware?


Judge Demands Capital One Release Mandiant Cyberforensic Report on Data Breach

On Tuesday, Judge John Anderson from the US District Court for the Eastern District of Virginia ruled that Capital One is required to provide a copy of the report to attorneys suing the firm on behalf of customers impacted by the breach. (By Charlie Osborne, ZDNet) Ingalls: Responsibility for information security is one of a company’s greatest assets; many companies now understand information security is no longer an IT responsibility but rather is a risk-informed, executive level consideration. An effectively managed and implemented information security program is critical. Our Virtual Chief Information Security Officer Program provides cybersecurity risk management as a service.


Mailto Ransomware Attacks Michigan State University

Michigan State University (MSU) recently suffered a Mailto ransomware attack, though the overall impact of the attack has not been disclosed — and an extortion payment deadline appears to be approaching. (By Joe Panettieri, MSSP Alert) Ingalls: Although navigating a cybersecurity ransom payment process is an exercise best handled by those with experience, our recent blog offers some critical aspects you should consider.

Sign Up For Network Security News