John Frasier : Sep 20, 2021 12:00:00 AM
Microsoft has opened the lid on a large-scale phishing-as-a-service (PHaaS) operation that's involved in selling phishing kits and email templates as well as providing hosting and automated services at a low cost, thus enabling cyber actors to purchase phishing campaigns and deploy them with minimal effort. "With over 100 available phishing templates that mimic known brands and services, the BulletProofLink operation is responsible for many of the phishing campaigns that impact enterprises today," Microsoft 365 Defender Threat Intelligence Team said in a Tuesday report. (By Ravie Lakshmanan, The Hacker News)
Ingalls: Business Email Compromise (BEC) constitutes 37% of ALL losses last year. Since "spoofing" is likely a subgroup of BEC, the total loss number is close to $2.1 billion! Email-based threats, like BEC attacks, are becoming a bigger problem for businesses. Ingalls has the ability to investigate cloud-based BEC breaches as well as deploy tools into any on-premises environment to check for lateral movement by attackers who have access to Single Sign-On (SSO) credentials such as those managed by Microsoft Active Directory and Azure Active Directory. We are able to assist in remediation of any BEC breach by analyzing email accounts, determining what actions attackers took (such as creating forward and delete rules for inboxes), and purging email accounts of spear-phishing emails as well as unauthorized changes.
Ransomware attacks have hit "stratospheric" levels, according to a report released Wednesday by a cybersecurity firm. In the second quarter of 2021, ransomware accounted for 69% of all attacks involving malware, a 30% jump from the same quarter in 2020. The most popular targets for ransomware were governmental, medical, and industrial companies along with scientific and educational institutions. (By Lance Whitney, TechRepublic)
Ingalls: One of the most telling statistics from the Verizon Data Breach Investigations Report (DBIR) is that Ransomware remains a serious threat to all industries and accounts for nearly a quarter of all malware-based attacks. Ransomware has become so widespread and commonplace that a normal attack garners neither the shock of security professionals nor the attention of the media. Are You Prepared To Defend Against Ransomware?
Security researchers disclosed today a new vulnerability in Apple's macOS Finder, which makes it possible for attackers to run commands on Macs running any macOS version up to the latest release, Big Sur. Zero-days are publicly disclosed flaws that haven't been patched by the vendor which, in some cases, are also actively exploited by attackers or have publicly available proof-of-concept exploits. (By Sergiu Gatlan, Bleeping Computer)
Ingalls: Our MDR (Managed Detection and Response) services offer layered cybersecurity controls for effective risk management and rapid response. It was designed to be a method of proactive prevention against security threats to your environment, especially zero-day threats, making it one of the industry's leading cybersecurity tools. MDR is critical when it comes to staying ahead of all kinds of threats, detecting and stopping them before they become breaches.
In the first half of 2021, cybercriminals launched approximately 5.4 million Distributed Denial of Service (DDoS) attacks, increasing 11% over 1H 2020 figures. Additionally, data projections point to 2021 as another record-setting year on track to surpass 11 million global DDoS attacks. This long tail of attacker innovation is expected to last, fueling a growing cybersecurity crisis that will continue to impact public and private organizations. (By Help Net Security)
Ingalls: We understand the DDoS threat. Since 2010, we’ve been in war rooms and boardrooms, investigating computer networks targeted and attacked by criminals and nation-state-sponsored hackers. This experience gives us a powerful edge in preventing and responding to cyberattacks. Ingalls helps businesses large and small manage security risks and defend against cyberattacks. If you’d like to learn more, please contact us.
The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) published a cybersecurity advisory today regarding increased Conti ransomware cyberattacks. The advisory includes technical details on the threat and mitigation steps that public and private sector organizations can take to reduce their risk from this ransomware. (By National Security Agency (NSA))
Ingalls: There is a critical need for businesses to take a proactive approach to cybersecurity in order to be positioned for early detection and fast response. One question businesses often ask is, should we pay the ransom? In one respect, paying a ransom can be seen as a cost-benefit decision. Broadly speaking, it’s better not to pay, so if you can, you should avoid doing so, but often this is not a viable option. So what are some of the considerations when thinking through the ransomware payment question?