Skip to the main content.
Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

2 min read

Articles of interest from the week of April 24, 2023

Exploit Released for PaperCut Flaw Abused To Hijack Servers, Patch Now

Attackers are exploiting severe vulnerabilities in the widely-used PaperCut MF/NG print management software to install Atera remote management software to take over servers.

The software's developer claims it's used by more than 100 million users from over 70,000 companies worldwide.

The two security flaws (tracked as CVE-2023-27350 and CVE-2023-27351) allow remote attackers to bypass authentication and execute arbitrary code on compromised PaperCut servers with SYSTEM privileges in low-complexity attacks that don't require user interaction. (BleepingComputer)

NSN Email Template v4_Expert-Take
 

“When implementing scripting capabilities into an application or service, especially one that has the option to be web-exposed, security needs to be a higher priority. It is always important to consider what bad actors may do or how they may abuse a service or application. Innately, we develop and build things with good intentions, however, in order to protect the good people from the bad, it is sometimes crucial to shape our perspective as if we were the bad guys. This perspective shift could help us be more proactive in preventing these types of vulnerabilities, instead of always having to react to them.

Sean Scully, CTI Threat Hunter at Ingalls Information Security

 


The Huge 3CX Breach Was Actually 2 Linked Supply Chain Attacks

The mass compromise of the VoIP firm's customers is the first confirmed incident where one software supply chain attack enabled another, researchers say. (WIRED)


Ransomware Gangs Abuse Process Explorer Driver To Kill Security Software

Threat actors use a new hacking tool dubbed AuKill to disable Endpoint Detection & Response (EDR) Software on targets' systems before deploying backdoors and ransomware in Bring Your Own Vulnerable Driver (BYOVD) attacks.

In such attacks, malicious actors drop legitimate drivers signed with a valid certificate and capable of running with kernel privileges on the victims' devices to disable security solutions and take over the system. (BleepingComputer)


Wargaming an Effective Data Breach Playbook

A well-tuned data breach playbook can provide security teams with a clear roadmap for working through the breach response process. Foreseeing every possible twist and turn of a breach may be impossible, but through extensive wargaming, teams can simulate diverse situations to give them a proactive edge. (Help Net Security)


LockBit Ransomware Targets Apple Silicon Macs for the First Time

Security researchers discovered a new version of the LockBit ransomware which targets Apple's Mac computers for the first time.

As 9To5Mac reports, until now the LockBit ransomware has focused on infecting Windows and Linux machines, but a new build named "locker_Apple_M1_64" suggests macOS infections are imminent. According to MalwareHunterTeam, which discovered the new build, there are versions of the ransomware for PowerPC Macs, too. (PC Magazine)

Sign Up For Network Security News
Articles of interest from the week of March 27, 2023

Articles of interest from the week of March 27, 2023

Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using Zero-Day Flaw Bitcoin ATM maker General Bytes disclosed that...

Read More
Articles of interest from the week of September 11, 2023

Articles of interest from the week of September 11, 2023

Chrome Zero-Day Exploited in the Wild, Patch Now! (CVE-2023-4863) Google has rolled out a security update for a critical Chrome zero-day...

Read More
Articles of interest from the week of February 27, 2023

Articles of interest from the week of February 27, 2023

Users Looking for ChatGPT Apps Get Malware Instead The massive popularity of OpenAI’s chatbot ChatGPT has not gone unnoticed by cybercriminals: they...

Read More