John Frasier : Feb 27, 2023 12:00:00 AM
The massive popularity of OpenAI’s chatbot ChatGPT has not gone unnoticed by cybercriminals: they are exploiting the public’s eagerness to experiment with it to trick users into downloading Windows and Android malware and visiting phishing pages. (Help Net Security)
“Like any ‘Next Big Thing,’ ChatGPT can count among its ardent admirers a number of con-artists and criminals who are unabashedly attempting to make money by association with it.” – Jason Ingalls, Founder & CEO at Ingalls Information Security
GoDaddy’s source code was stolen and systems were infected with malware by an unknown threat actor in a breach of the web hosting company linked to a multiyear campaign.
The company, responding to customer complaints about intermittent site redirects starting in early December 2022, discovered unauthorized access to its cPanel shared hosting servers. (Cybersecurity Dive)
Pepsi Bottling Ventures, the largest bottler of Pepsi beverages in the US, has reported a data breach affecting the personal information of employees, including financial account information, state and federal government-issued ID numbers, driver’s license numbers, ID cards, social security numbers, and digital signatures. (CSO)
The PlugX remote access trojan has been observed masquerading as an open-source Windows debugger tool called x64dbg in an attempt to circumvent security protections and gain control of a target system.
"This file is a legitimate open-source debugger tool for Windows that is generally used to examine kernel-mode and user-mode code, crash dumps, or CPU registers," Trend Micro researchers said in a report published last week. (The Hacker News)
The US Cybersecurity and Infrastructure Security Agency has issued an advisory urging organizations to increase cybersecurity vigilance today, the anniversary of Russia’s invasion of Ukraine, in the wake of a cyberattack against several Ukrainian government websites.
"The United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord," the CISA advisory said. (CSO)
CISA released Decider, a free tool to help the cybersecurity community map threat actor behavior to the MITRE ATT&CK framework. Created in partnership with the Homeland Security Systems Engineering and Development Institute™ (HSSEDI) and MITRE, Decider helps make mapping quick and accurate through guided questions, a powerful search and filter function, and a cart functionality that lets users export results to commonly used formats. (CISA)