Skip to the main content.
Under Attack? Login
Under Attack? Login
Managed Extended Detection & Response
Layered cybersecurity controls for effective risk management and rapid response.

24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management

Book MXDR Demo

Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Resources

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Company

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

1 min read

Articles of interest from the week of June 5, 2023

Picture of John Frasier John Frasier Jun 8, 2023 10:00:00 AM

Network Security News Weekly

Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!

Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild.

Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. "Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page," according to the NIST's National Vulnerability Database (NVD). (The Hacker News) 

NSN Email Template v4_Expert-Take
 

"This is a serious vulnerability that affects a widely used Web browser. It allows bad actors to essentially run whatever they want to on a victim's computer, so if you use Chrome, make sure it gets patched ASAP."

Jason Ingalls, Founder & CEO at Ingalls Information Security
 

 

Microsoft Outlook Down After Reported Hack

Microsoft Outlook was down for thousands of American users Monday after pro-Russian hacktivist group Anonymous Sudan claims to have started a new campaign dedicated to targeting US companies and infrastructure. (Cybernews)

 

CISA Orders Govt Agencies To Patch MOVEit Bug Used for Data Theft

CISA has added an actively exploited security bug in the Progress MOVEit Transfer managed file transfer (MFT) solution to its list of known exploited vulnerabilities, ordering U.S. federal agencies to patch their systems by June 23.

The critical flaw (tracked as CVE-2023-34362) is an SQL injection vulnerability that enables unauthenticated, remote attackers to gain access to MOVEit Transfer's database and execute arbitrary code. (BleepingComputer) 

 

0mega Ransomware Gang Changes Tactics

A number of ransomware gangs have stopped using malware to encrypt targets’ files and have switched to a data theft/extortion approach to get paid; 0mega – a low-profile and seemingly not very active threat actor – seems to be among them. (Help Net Security)

 

Over 60,000 Android Apps Infected With Adware-Pushing Malware

While currently used to push adware, the campaign can redirect users to other types of malware, such as banking trojans to steal credentials and financial information or ransomware. (CSO)

 
Sign Up For Network Security News