Skip to the main content.
Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

1 min read

Articles of interest from the week of June 19, 2023

A Third MOVEit Vulnerability Fixed, Cl0p Lists Victim Organizations (CVE-2023-35708)

Yet another MOVEit Transfer vulnerability, CVE-2023-35708, was discovered this week, the third that the company has disclosed, alongside CVE-2023-34362 and CVE-2023-35036. CVE-2023-35708 is a vulnerability that could lead to escalated privileges and unauthorized access. (Help Net Security) 

NSN Email Template v4_Expert-Take
 

"Vulnerability management strategies and robust mitigation controls are crucial for businesses to implement to safeguard against flaws such as the MOVEit vulnerability. There will undoubtedly be more vulnerabilities similar to this one. These processes must allow swift action and effective communication between cybersecurity teams and the entire organization to minimize and mitigate the risks when these flaws are revealed."

Sean Scully, CTI Threat Hunter at Ingalls Information Security

 

 

Download the Highly Anticipated 2023 Verizon Data Breach Investigations Report (DBIR)

Keep your security plan up to date and help protect your organization—with access to in-depth analysis on recent cyber threats and data breaches. This year’s report includes data and insights from 5,199 confirmed breaches. (Verizon)

 

Russian National Arrested, Charged in US Over Role in LockBit Ransomware Attacks

The US Justice Department on Thursday announced charges against a third Russian national allegedly involved in deploying the LockBit ransomware.

The man, Ruslan Magomedovich Astamirov, 20, of Chechen Republic, Russia, who was arrested in Arizona, allegedly owned, controlled, and used multiple IP addresses, email addresses, and other online accounts to deploy the LockBit ransomware and communicate with victims. (SecurityWeek) 

 

ChatGPT Creates Mutating Malware That Evades Detection by EDR

A global sensation since its initial release at the end of last year, ChatGPT's popularity among consumers and IT professionals alike has stirred up cybersecurity nightmares about how it can be used to exploit system vulnerabilities. A key problem, cybersecurity experts have demonstrated, is the ability of ChatGPT and other large language models (LLMs) to generate polymorphic, or mutating, code to evade endpoint detection and response (EDR) systems. (CSO)

 

Millions of Oregon, Louisiana state IDs stolen in MOVEit breach 

Louisiana and Oregon warn that millions of driver's licenses were exposed in a data breach after a ransomware gang hacked their MOVEit Transfer security file transfer systems to steal stored data.

These attacks were conducted by the Clop ransomware operation, which began worldwide hacks of MOVEit Transfer servers on May 27th using a previously unknown, zero-day vulnerability tracked as CVE-2023-34362.

These attacks have led to widespread disclosures of data breaches worldwide, impacting companies, federal government agencies, and local state agencies. (BleepingComputer)

 

Sign Up For Network Security News
Articles of interest from the week of March 18, 2024

Articles of interest from the week of March 18, 2024

Over 15,000 Hacked Roku Accounts Sold for 50¢ Each To Buy Hardware Roku has disclosed a data breach impacting over 15,000 customers after hacked...

Read More
Articles of interest from the week of September 11, 2023

Articles of interest from the week of September 11, 2023

Chrome Zero-Day Exploited in the Wild, Patch Now! (CVE-2023-4863) Google has rolled out a security update for a critical Chrome zero-day...

Read More
Articles of interest from the week of January 1, 2024

Articles of interest from the week of January 1, 2024

Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining Poorly secured Linux SSH servers are being targeted by bad actors to...

Read More