Articles of interest from the week of May 16, 2022
VMware Issues Critical Fixes, CISA Orders Federal Agencies To Act Immediately (CVE-2022-22972) The U.S. Cybersecurity and Infrastructure Agency...
At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.
A new ransomware operation called Cactus has been exploiting vulnerabilities in VPN appliances for initial access to networks of “large commercial entities.”
The Cactus ransomware operation has been active since at least March and is looking for big payouts from its victims. (BleepingComputer)
“Threat actors’ tools and tactics are constantly advancing and evolving. To effectively combat these new threats, a layered defense approach that collectively monitors for and detects anomalous behavior then leverages human-in-the-loop root-cause analysis becomes imperative. By combining automated monitoring via an advanced tool stack with highly trained human expertise, we are able to provide a cybersecurity overwatch service that detects and mitigates potential threats, safeguarding organizations’ valuable data and resources.” – Kris Brochhausen, SOC Deputy Director at Ingalls Information Security
Threat actors are advertising a new information stealer for the Apple macOS operating system called Atomic macOS Stealer (or AMOS) on Telegram for $1,000 per month, joining the likes of MacStealer.
"The Atomic macOS Stealer can steal various types of information from the victim's machine, including Keychain passwords, complete system information, files from the desktop and documents folder, and even the macOS password," Cyble researchers said in a technical report. (The Hacker News)
The release of GPT-4 back in March has changed enterprise security forever. While hackers have the ability to jailbreak these tools and generate malicious code, security teams and vendors have also begun experimenting with generative AI’s detection capabilities. However, one security researcher has quietly developed an innovative new use case for ChatGPT: deception. (VentureBeat)
For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass flaw (CVE-2023-24932) exploited by attackers in the wild. (Help Net Security)
The U.S. Federal Bureau of Investigation (FBI) this week seized 13 domain names connected to “booter” services that let paying customers launch crippling distributed denial-of-service (DDoS) attacks. Ten of the domains are reincarnations of DDoS-for-hire services the FBI seized in December 2022, when it charged six U.S. men with computer crimes for allegedly operating booters. (Krebs on Security)
Sysco, the global food distribution giant, disclosed a data breach; the compromised data includes customer and employee data. (Security Affairs)