Skip to the main content.
Under Attack? Login
Under Attack? Login
Managed Extended Detection & Response
Layered cybersecurity controls for effective risk management and rapid response.

24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management

Book MXDR Demo

Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Resources

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Company

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

1 min read

Articles of interest from the week of July 3, 2023

Picture of John Frasier John Frasier Jul 6, 2023 9:28:15 AM

Network Security News Weekly

Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari

Apple recently released a slew of updates for iOS, iPadOS, macOS, watchOS, and Safari browser to address a set of flaws it said were actively exploited in the wild. This includes a pair of zero-days that have been weaponized in a mobile surveillance campaign called Operation Triangulation which has been active since 2019. The exact threat actor behind the activity is not known. (The Hacker News)

NSN Email Template v4_Expert-Take
 

"A rise in Apple and Mobile vulnerabilities has been observed as of late, with spyware such as Pegasus serving as a prime example. Zero-click vulnerabilities pose a significant risk due to their ability to execute without user interaction. After discovering the vulnerability and crafting the exploit, a threat actor’s sole requirement is gaining possession of the victim’s phone number or email address that is associated with the vulnerable application. This makes it even more critical that we are mindful of security patches for mobile devices as soon as they are available.”

Craig Flynn, SOC Analyst Lead at Ingalls Information Security
 

 

Fileless Attacks Increase 1,400%

Aggregated honeypot data, over a six-month period, showed that more than 50% of the attacks focused on defense evasion. (Help Net Security)

 

High-Severity Flaws Fixed in Firefox 115 Update

Mozilla Foundation has released Firefox 115 to its stable channel. The update addresses several high-level vulnerabilities. One of them, CVE-2023-37201, involved a use-after-free issue in WebRTC certificate generation. “An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS,” Mozilla wrote. Another CVE-2023-37202 is a use-after-free vulnerability resulting from a compartment mismatch in SpiderMonkey (the JavaScript engine used by Firefox). (Infosecurity Magazine)

 

Why Cyberpsychology Is Such an Important Part of Effective Cybersecurity

Insight into how the human mind works can help combat the evils of social engineering, boosting the fight against phishing and other mind-manipulation techniques. (CSO)

 

75% of Consumers Prepared To Ditch Brands Hit by Ransomware

As 40% of consumers harbor skepticism regarding organizations’ data protection capabilities, 75% would shift to alternate companies following a ransomware attack, according to Object First.

Furthermore, consumers request increased data protection from vendors, with 55% favoring companies with comprehensive data protection measures such as reliable backup and recovery, password protection, and identity and access management strategies. (Help Net Security)

 
Sign Up For Network Security News