Skip to the main content.
Under Attack? Login
Under Attack? Login
Managed Extended Detection & Response
Layered cybersecurity controls for effective risk management and rapid response.

24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management

Book MXDR Demo

Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Resources

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Company

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

2 min read

Articles of interest from the week of February 27, 2023

Picture of John Frasier John Frasier Mar 2, 2023 7:39:36 AM

Network Security News Weekly

Users Looking for ChatGPT Apps Get Malware Instead

The massive popularity of OpenAI’s chatbot ChatGPT has not gone unnoticed by cybercriminals: they are exploiting the public’s eagerness to experiment with it to trick users into downloading Windows and Android malware and visiting phishing pages. (Help Net Security)

NSN Email Template v4_Expert-Take
 

“Like any “Next Big Thing,” ChatGPT can count among its ardent admirers a number of con-artists and criminals who are unabashedly attempting to make money by association with it.

The best defense against these types of attacks is to not let oneself get swept up in the moment and make impulse purchases, but to thoughtfully evaluate the technology and “try before you buy” anything that claims to be related to generative AI.

ChatGPT is free to use right now, and I encourage anyone who is interested to experiment with it, so you know what it truly is and not what people may be trying to make you believe.”

Jason Ingalls, Founder & CEO at Ingalls Information Security
 


GoDaddy Source Code Stolen as Part of a Multiyear Campaign

GoDaddy’s source code was stolen and systems were infected with malware by an unknown threat actor in a breach of the web hosting company linked to a multiyear campaign.

The company, responding to customer complaints about intermittent site redirects starting in early December 2022, discovered unauthorized access to its cPanel shared hosting servers. (Cybersecurity Dive)


Pepsi Bottling Ventures Suffers Data Breach

Pepsi Bottling Ventures, the largest bottlers of Pepsi beverages in the US, has reported a data breach affecting the personal information of employees, including financial account information, state and federal government-issued ID numbers, driver’s license numbers, ID cards, social security numbers, and digital signatures. (CSO)


PlugX Trojan Disguised as Legitimate Windows Debugger Tool in Latest Attacks

The PlugX remote access trojan has been observed masquerading as an open-source Windows debugger tool called x64dbg in an attempt to circumvent security protections and gain control of a target system.

"This file is a legitimate open-source debugger tool for Windows that is generally used to examine kernel-mode and user-mode code, crash dumps, or CPU registers," Trend Micro researchers said in a report published last week. (The Hacker News)


US Warns of Cyberattacks by Russia on Anniversary of Ukraine War

The US Cybersecurity and Infrastructure Security Agency has issued an advisory urging organizations to increase cybersecurity vigilance today, the anniversary of Russia’s invasion of Ukraine, in the wake of a cyberattack against several Ukrainian government websites.


"The United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord," the CISA advisory said. (CSO)


CISA Releases Decider Tool to Help with MITRE ATT&CK Mapping

CISA released Decider, a free tool to help the cybersecurity community map threat actor behavior to the MITRE ATT&CK framework. Created in partnership with the Homeland Security Systems Engineering and Development Institute™ (HSSEDI) and MITRE, Decider helps make mapping quick and accurate through guided questions, a powerful search and filter function, and a cart functionality that lets users export results to commonly used formats. (CISA)
Sign Up For Network Security News