Articles of interest from the week of September 2, 2024
'Voldemort' Malware Curses Orgs Using Global Tax Authorities The global malware campaign (that must not be named?) is targeting organizations by...
24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management
CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR/RMF Pro)
ATO/RMF Support
If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.
Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.
At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.
1 min read
John Frasier : Jun 19, 2023 12:00:00 AM
Yet another MOVEit Transfer vulnerability, CVE-2023-35708, was discovered this week, the third that the company has disclosed, alongside CVE-2023-34362 and CVE-2023-35036. CVE-2023-35708 is a vulnerability that could lead to escalated privileges and unauthorized access. (Help Net Security)
"Vulnerability management strategies and robust mitigation controls are crucial for businesses to implement to safeguard against flaws such as the MOVEit vulnerability. There will undoubtedly be more vulnerabilities similar to this one. These processes must allow swift action and effective communication between cybersecurity teams and the entire organization to minimize and mitigate the risks when these flaws are revealed." – Sean Scully, CTI Threat Hunter at Ingalls Information Security |
Keep your security plan up to date and help protect your organization—with access to in-depth analysis on recent cyber threats and data breaches. This year’s report includes data and insights from 5,199 confirmed breaches. (Verizon)
The US Justice Department on Thursday announced charges against a third Russian national allegedly involved in deploying the LockBit ransomware.
The man, Ruslan Magomedovich Astamirov, 20, of Chechen Republic, Russia, who was arrested in Arizona, allegedly owned, controlled, and used multiple IP addresses, email addresses, and other online accounts to deploy the LockBit ransomware and communicate with victims. (SecurityWeek)
A global sensation since its initial release at the end of last year, ChatGPT's popularity among consumers and IT professionals alike has stirred up cybersecurity nightmares about how it can be used to exploit system vulnerabilities. A key problem, cybersecurity experts have demonstrated, is the ability of ChatGPT and other large language models (LLMs) to generate polymorphic, or mutating, code to evade endpoint detection and response (EDR) systems. (CSO)
Louisiana and Oregon warn that millions of driver's licenses were exposed in a data breach after a ransomware gang hacked their MOVEit Transfer security file transfer systems to steal stored data.
These attacks were conducted by the Clop ransomware operation, which began worldwide hacks of MOVEit Transfer servers on May 27th using a previously unknown, zero-day vulnerability tracked as CVE-2023-34362.
These attacks have led to widespread disclosures of data breaches worldwide, impacting companies, federal government agencies, and local state agencies. (BleepingComputer)
'Voldemort' Malware Curses Orgs Using Global Tax Authorities The global malware campaign (that must not be named?) is targeting organizations by...
Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now! Google on Monday released security updates to patch a high-severity...
U.S. Cybersecurity Agency Warns of Actively Exploited Adobe Acrobat Reader Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency...