Skip to the main content.
Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

3 min read

Articles of interest from the week of May 10, 2021

85% of Data Breaches Involve Human Interaction: Verizon DBIR

Web application attacks, phishing, and ransomware increased over the past year, emphasizing a shift as attackers took advantage of people working from home and spending more time online amid the COVID-19 pandemic. Most (85%) attacks seen in 2020 involved human interaction. (By Kelly Sheridan, Dark Reading) Ingalls: Ingalls’ tailored Managed Detection and Response (MDR) and Cybersecurity Risk Management Services enable a defense-in-depth approach so organizations of all sizes can rest easier knowing their environments are safe from criminal threats. Defense-in-depth is our blueprint, we use next-generation antivirus (NGAV) that employs artificial intelligence and machine learning to monitor, detect, and respond to criminals’ tactics, techniques, and procedures (TTPs). Our experienced analysts use multiple layers of customized and proprietary tools to provide context and actionable information, simplifying enhanced security so you can rest easier. Download our white paper to learn more about our defense-in-depth approach to information security through our Managed Detection and Response (MDR) services.


Latest Microsoft Windows Updates Patch Dozens of Security Flaws

Microsoft on Tuesday rolled out its scheduled monthly security update with patches for 55 security flaws affecting Windows, Exchange Server, Internet Explorer, Office, Hyper-V, Visual Studio, and Skype for Business. Of these 55 bugs, four are rated as Critical, 50 are rated as Important, and one is listed as Moderate in severity. Three of the vulnerabilities are publicly known, although, unlike last month, none of them are under active exploitation at the time of release. (By Ravie Lakshmanan, The Hacker News) Ingalls: Enhancing your patch management process to include vulnerability scanning, a robust remediation workflow, and metrics-based decision support from data collection can do a lot more for your risk management than simply plugging holes whenever a software vendor produces a patch. In our downloadable “8 Effective Cybersecurity Controls For SMBs” guide, we discuss how to do more with patch management, and the benefits of a mature Vulnerability Lifecycle Management program.


Colonial Pipeline was using vulnerable, outdated version of Microsoft Exchange

A forensic report of the Colonial Pipeline noted that the "most likely culprit" within the company’s IT infrastructure was the vulnerable Microsoft Exchange services, as noted by New York Times reporter Nicole Perlroth, though there were several other issues that researchers characterized as an overall "lack of cybersecurity sophistication." (By Subir Kathuria, Neowin) Ingalls: After the Microsoft patches are implemented, it is a good idea to have a cybersecurity expert look for indicators of compromise on your Exchange servers to see if they were compromised. Cybersecurity teams have found that prior to the patch being applied if a server was compromised, there was likely a backdoor uploaded to the server. The patch is not going to prevent the backdoor from being accessed. The backdoor is completely separate from the vulnerability. Our incident responders have the expertise and forensic knowledge to remediate your environment and restore your organization to normal operations with an improved security posture! Please contact us today if you would like to speak to one of our cybersecurity experts about how we can help secure your company's information in a personalized and efficient way with our cybersecurity services. For more information please check out the cybersecurity advisory we issued on March 3rd that contains our recommended actions with links to additional resources.


Opportunistic vs. Targeted Ransomware Attacks

The critical infrastructure systems we rely on to deliver water, electricity, fuel, and other essential services are under siege. Increasingly, ransomware is becoming cyber criminals’ attack method of choice, for they understand that even short periods of downtime can cause far-reaching disruption and damage. This puts extreme pressure on victim organizations to pay up in order to decrypt data and restore operations quickly. While industrial systems may be top-of-mind today, the threat of ransomware knows no boundaries, and no individual or industry is safe from its reach — especially in the age of cloud, mobile, and highly distributed workforces. (By Vadim Sedletsky, CyberarkIngalls: Unfortunately, ransomware remains a serious threat to all industries and accounts for nearly a quarter of all malware-based attacks. Ransomware has become so widespread and commonplace that a normal attack garners neither the shock of security professionals nor the attention of the media. Are You Prepared To Defend Against Ransomware?


Pipeline Update: Biden Executive Order, DarkSide Detailed, and Gas Bags

CISA and the FBI said that DarkSide affiliates leveraging DarkSide have recently been targeting organizations in industries including manufacturing, legal, insurance, healthcare, and energy. Prevention is the best cure for this ransomware plague, the agencies said. They urged potential targets to use best practices in the resources mentioned in this article to strengthen their cybersecurity posture. (By Lisa Vaas, Threatpost) Ingalls: Remember, whether you’re facing a data exposure incident, a business email compromise, or a dreaded ransomware attack, there are steps that you can take to help your organization respond and, hopefully, recover from this incident. For more information please read our blog post, How To Respond When You’ve Been Breached.

Sign Up For Network Security News
Articles of interest from the week of July 31, 2023

Articles of interest from the week of July 31, 2023

Average Cost of a Data Breach Reaches $4.45 Million in 2023 IBM released its annual Cost of a Data Breach Report, showing the global average cost of...

Read More

Articles of interest from the week of June 10, 2019

FBI Warning: The Lock Icon Doesn’t Mean That Website Is Safe Having HTTPS and a TLS certificate doesn’t mean the site isn’t a platform for scammers...

Read More

1 min read

Articles of interest from the week of October 26, 2020

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals On Monday, Oct. 26, KrebsOnSecurity began following up on a tip...

Read More