Articles of interest from the week of April 24, 2023

Exploit Released for PaperCut Flaw Abused To Hijack Servers, Patch Now

Attackers are exploiting severe vulnerabilities in the widely-used PaperCut MF/NG print management software to install Atera remote management software to take over servers.

The software's developer claims it's used by more than 100 million users from over 70,000 companies worldwide.

The two security flaws (tracked as CVE-2023-27350 and CVE-2023-27351) allow remote attackers to bypass authentication and execute arbitrary code on compromised PaperCut servers with SYSTEM privileges in low-complexity attacks that don't require user interaction. (BleepingComputer)

“When implementing scripting capabilities into an application or service, especially one that has the option to be web-exposed, security needs to be a higher priority. It is always important to consider what bad actors may do or how they may abuse a service or application. Innately, we develop and build things with good intentions; however, in order to protect the good people from the bad, it is sometimes crucial to shape our perspective as if we were the bad guys. This perspective shift could help us be more proactive in preventing these types of vulnerabilities, instead of always having to react to them.”

Sean Scully, CTI Threat Hunter at Ingalls Information Security

 


The Huge 3CX Breach Was Actually 2 Linked Supply Chain Attacks

The mass compromise of the VoIP firm's customers is the first confirmed incident where one software supply chain attack enabled another, researchers say. (WIRED)


Ransomware Gangs Abuse Process Explorer Driver To Kill Security Software

Threat actors use a new hacking tool dubbed AuKill to disable Endpoint Detection & Response (EDR) Software on targets' systems before deploying backdoors and ransomware in Bring Your Own Vulnerable Driver (BYOVD) attacks.

In such attacks, malicious actors drop legitimate drivers signed with a valid certificate and capable of running with kernel privileges on the victims' devices to disable security solutions and take over the system. (BleepingComputer)


Wargaming an Effective Data Breach Playbook

A well-tuned data breach playbook can provide security teams with a clear roadmap for working through the breach response process. Foreseeing every possible twist and turn of a breach may be impossible, but through extensive wargaming, teams can simulate diverse situations to give them a proactive edge. (Help Net Security)


LockBit Ransomware Targets Apple Silicon Macs for the First Time

Security researchers discovered a new version of the LockBit ransomware which targets Apple's Mac computers for the first time.

As 9To5Mac reports, until now the LockBit ransomware has focused on infecting Windows and Linux machines, but a new build named "locker_Apple_M1_64" suggests macOS infections are imminent. According to MalwareHunterTeam, which discovered the new build, there are versions of the ransomware for PowerPC Macs, too. (PC Magazine)
