Skip to the main content.
Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

2 min read

Articles of interest from the week of March 13, 2023

Cyberattackers Double Down on Bypassing MFA

As companies increasingly require stronger versions of security for their employees and customers, attackers are getting better at bypassing multifactor authentication (MFA), resulting in a steady stream of compromises, such as this week's announcement of a data leak at cybersecurity firm LastPass and the announced breach at social media service Reddit earlier in February. (Dark Reading)

NSN Email Template v4_Expert-Take
 

“There are three basic ways that orgs get hacked: stolen credentials, malware, and vulnerabilities being exploited. Attackers must defeat MFA if they are to use stolen credentials, and so it makes sense that we see so much investment of time and effort into bypass and other strategies to do so.

Companies must remain vigilant about what MFA solutions are most resistant against bypass, and ensure they stay a step ahead of bad actors by using hardened solutions.

Jason Ingalls, Founder & CEO at Ingalls Information Security

 


Warning: AI-generated YouTube Video Tutorials Spreading Infostealer Malware

Threat actors have been increasingly observed using AI-generated YouTube Videos to spread a variety of stealer malware such as Raccoon, RedLine, and Vidar. (The Hacker News)


Medusa Ransomware Gang Picks Up Steam As It Targets Companies Worldwide

A ransomware operation known as Medusa has begun to pick up steam in 2023, targeting corporate victims worldwide with million-dollar ransom demands.

The Medusa operation started in June 2021 but had relatively low activity, with few victims. However, in 2023 the ransomware gang increased in activity and launched a 'Medusa Blog' used to leak data for victims who refused to pay a ransom.

Medusa gained media attention this week after they claimed responsibility for an attack on the Minneapolis Public Schools (MPS) district and shared a video of the stolen data. (BleepingComputer)


Amazon-Owned Ring Reportedly Suffers Ransomware Attack

Ring, a home security and smart home company owned by Amazon, has reportedly suffered a ransomware attack by the Russia-linked ALPHV group, according to a tweet by VX-Underground.

The ALPHV ransomware group, also known as BlackCat, has posted the company’s logo on its website along with a message that reads, “There’s always an option to let us leak your data.” The group has threatened to leak the stolen data if the company refuses to pay the ransom. (CSO)

 

Pig Butchering & Investment Scams: The $3B Cybercrime Threat Overtaking BEC

The massive popularity of OpenAI’s chatbot ChatGPT has not gone unnoticed by Pig butchering is a repulsively named, rising investment scam that uses a potent mix of the promise of romance and the lure of making easy cryptocurrency millions against its unsuspecting targets.

Through a careful process of "fattening up" victims with small returns on cryptocurrency deals and personal interactions, often with a romance element, all of which is meant to convince them to invest wildly. If successful, as they often are, threat actors are able to make off with the "whole hog" of their targets' assets. (Dark Reading)


Microsoft Warns of Large-Scale Use of Phishing Kits to Send Millions of Emails Daily

An open-source adversary-in-the-middle (AiTM) phishing kit has found a number of takers in the cybercrime world for its ability to orchestrate attacks at scale.

Microsoft Threat Intelligence is tracking the threat actor behind the development of the kit under its emerging moniker DEV-1101. (The Hacker News)

Sign Up For Network Security News
Articles of interest from the week of July 8, 2024

Articles of interest from the week of July 8, 2024

China ‘Actively’ Targeting US Industrial Base, Warns CYBERCOM Chief “The People's Republic of China’s efforts to steal intellectual property, gain...

Read More

Articles of interest from the week of March 29, 2021

Developing a Risk Management Approach to Cybersecurity By now most CISOs understand that focusing your cybersecurity program on regulatory...

Read More
Articles of interest from the week of August 28, 2023

Articles of interest from the week of August 28, 2023

New Cyber Incident Notification Requirements for Credit Unions Beginning on September 1, 2023, all federally insured credit unions must notify the...

Read More