1 min read
Articles of interest from the week of October 26, 2020
FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals On Monday, Oct. 26, KrebsOnSecurity began following up on a tip...
24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management
CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support
If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.
Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.
At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.
1 min read
John Frasier : Nov 28, 2022 12:00:00 AM
The Biden administration has banned approvals of new telecommunications equipment from China's Huawei Technologies and ZTE because they pose "an unacceptable risk" to U.S. national security. The U.S. Federal Communications Commission said on Friday it had adopted the final rules, which also bar the sale or import of equipment made by Chinese surveillance equipment maker Dahua Technology Co, video surveillance firm Hangzhou Hikvision Digital Technology Co Ltd and telecoms firm Hytera Communications Corp Ltd. (Reuters)
Google has released an emergency security update for the desktop version of the Chrome web browser, addressing the eighth zero-day vulnerability exploited in attacks this year. The high-severity flaw is tracked as CVE-2022-4135 and is a heap buffer overflow in GPU, discovered by Clement Lecigne of Google's Threat Analysis Group on November 22, 2022. (BleepingComputer)
The notorious Emotet malware has returned with renewed vigor as part of a high-volume malspam campaign designed to drop payloads like IcedID and Bumblebee. "Hundreds of thousands of emails per day" have been sent since early November 2022, enterprise security company Proofpoint said last week, adding, "the new activity suggests Emotet is returning to its full functionality acting as a delivery network for major malware families." (The Hacker News)
A proposed SEC rule will require companies to disclose their cybersecurity governance capabilities, including the board’s oversight of cyber risk, a description of management’s role in assessing and managing cyber risks, the relevant expertise of such management, and management’s role in implementing the company’s cybersecurity policies, procedures, and strategies. Meeting the new regulatory requirements can be better achieved by aligning how operational leaders discuss cybersecurity with their boards. Operational managers must start presenting their plans in a way that align with the way boards best contribute — the language of risk, resiliency, and reputation. (Harvard Business Review)
A developing threat activity cluster has been found using Google Ads in one of its campaigns to distribute various post-compromise payloads, including the recently discovered Royal ransomware. Microsoft, which spotted the updated malware delivery method in late October 2022, is tracking the group under the name DEV-0569. (The Hacker News)
1 min read
FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals On Monday, Oct. 26, KrebsOnSecurity began following up on a tip...
ConnectWise Control Security Issues Are Tip Of Iceberg For MSPs Using RMM Tools The ConnectWise Control security vulnerabilities disclosed this week...
Why Cybercrime Spikes Around Major Events And Unrest Health pandemics, weather catastrophes, civil unrest, war — these are all unfortunate realities...