Articles of interest from the week of October 12, 2020
Emotet Spoofs DNC in New Attack Campaign A new Emotet attack campaign impersonates the Democratic National Committee (DNC) to convince victims to...
24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management
CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support
If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.
Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.
At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.
1 min read
John Frasier : Dec 12, 2022 12:00:00 AM
LastPass has determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of their customers’ information. They state that their customers’ passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture. (LastPass)
Congress is poised to vote in coming days on an $858 billion annual defense policy bill that contains significant spending increases for U.S. Cyber Command and other efforts to bolster national cybersecurity defenses. (CyberScoop)
InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information-sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online — using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself. (Krebs on Security)
Apple has rolled out a number of security features that will now offer end-to-end encryption to protect data, including backups, contacts, notes, photos, and wallet passes. The company also announced hardware Security Keys for Apple ID. (Computerworld)
Indiana sued Chinese-owned short-video sharing app TikTok on Wednesday over allegations that it is deceiving users about China's access to their data and exposing children to mature content. The office of Indiana Attorney General Todd Rokita, said the popular app, owned by ByteDance, violates the state's consumer protection laws by not disclosing the Chinese government's potential to access sensitive consumer information. (Reuters)
The term ‘Magnet of Threats’ is used to describe targets so desirable that multiple threat actors regularly cohabitate on the same victim machine in the course of their collection. In the process of responding to a series of tangled intrusions at one of these Magnets of Threats, SentinelLabs researchers encountered an entirely new threat actor: ‘Metador’.
Metador’s intrusions were located primarily in telcos, ISPs, and universities in the Middle East and Africa, but that is likely only a small portion of the operations of what is clearly a long-running threat actor of unknown origin. (SentinelOne)
Emotet Spoofs DNC in New Attack Campaign A new Emotet attack campaign impersonates the Democratic National Committee (DNC) to convince victims to...
Number of US Breach Victims Jumps 564% in Q1 2021 The number of publicly reported breach victims in the US has soared by 564% from the end of 2020 to...
1 min read
The Biggest Hacks, Data Breaches of 2020 Cybersecurity may be far from many of our minds this year, and in light of a pandemic and catastrophic...