Skip to the main content.
Under Attack? Login
Under Attack? Login
Managed Extended Detection & Response
Layered cybersecurity controls for effective risk management and rapid response.

24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management

Book MXDR Demo

Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Resources

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Company

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

1 min read

Articles of interest from the week of December 13, 2021

Picture of John Frasier John Frasier Dec 13, 2021 9:26:00 AM

Network Security News Weekly

Second Log4j Vulnerability (CVE-2021-45046) Discovered — New Patch Released

The Apache Software Foundation (ASF) has pushed out a new fix for the Log4j logging utility after the previous patch for the recently disclosed Log4Shell exploit was deemed as "incomplete in certain non-default configurations. (By Ravie Lakshmanan, The Hacker News)


Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors

Threat actors, including at least one nation-state actor, are attempting to exploit the newly disclosed Log4j flaw to deploy ransomware, remote access Trojans, and Web shells on vulnerable systems. All the while, organizations continue to download versions of the logging tool containing the vulnerability. (By Jai Vijayan, Dark Reading


Microsoft Issues Windows Update to Patch 0-Day Used to Spread Emotet Malware

Microsoft has rolled out Patch Tuesday updates to address multiple security vulnerabilities in Windows and other software, including one actively exploited flaw that's being abused to deliver Emotet, TrickBot, or Bazaloader malware payloads. (By Ravie Lakshmanan, The Hacker News)


Why Cloud Storage Isn't Immune to Ransomware

Ransomware is the flavor of the month for cybercriminals. The FBI reports that ransomware attacks rose 20% and losses almost tripled in 2020. And our increased use of the cloud may have played a part in that spike. A survey of CISOs conducted by IDC earlier this year found that 98% of their companies suffered at least one cloud data breach in the previous 18 months as opposed to 79% last year, and numbers got worse the more exposure they had to the cloud. (By Shai Morag, Dark Reading


New Microsoft Exchange Credential-Stealing Malware Could Be Worse Than Phishing

Kaspersky has discovered a malicious add-on for Microsoft's Internet Information Service (IIS) webserver software that it said is designed to harvest credentials from Outlook Web Access (OWA), the webmail client for Exchange and Office 365. (By Brandon Vigliarolo, TechRepublic
Sign Up For Network Security News