Skip to the main content.
Under Attack? Login
Under Attack? Login
Managed Extended Detection & Response
Layered cybersecurity controls for effective risk management and rapid response.

24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management

Book MXDR Demo

Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Resources

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Company

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

1 min read

Articles of interest from the week of July 17, 2023

Picture of John Frasier John Frasier Jul 20, 2023 9:49:30 AM

Network Security News Weekly

If You Don’t Already Have a Generative AI Security Policy, There’s No Time To Lose

Businesses are finding more and more compelling reasons to use generative AI, which is making the development of security-focused generative AI policies more critical than ever. (CSO)

NSN Email Template v4_Expert-Take
 

"There is so much opportunity for efficiency, creativity, and growth with the power of AI being accessible to anyone now. While there are many benefits of allowing employees to harness these opportunities, like with any new technology, it’s critically important for organizations to establish comprehensive security measures to manage the associated risks. As AI systems become more prevalent, accessible, and powerful, the risks associated with the potential misuse or malicious applications increase significantly. We’ve already seen reports of sensitive information being disclosed, and the privacy and confidentiality of data will continue to be a concern with the rising use of AI tools. To safeguard against potential threats, businesses and policymakers must prioritize the development and implementation of robust security policies for generative AI.”

Scotlyn Clark, Senior Cybersecurity Consultant at Ingalls Information Security
 

 

Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens

Microsoft on Friday said a validation error in its source code allowed for Azure Active Directory (Azure AD) tokens to be forged by a malicious actor known as Storm-0558 using a Microsoft account (MSA) consumer signing key to breach two dozen organizations. (The Hacker News)

 

Phishing Attacks Employing QR Codes Are Capturing User Credentials

Using a new twist to bypass detection from security solutions, cyber-attacks now employ QR codes that your users will not recognize as suspicious. (KnowBe4)

 

Microsoft 'Logging Tax' Hinders Incident Response, Experts Warn

A recent email compromise by Chinese APT group Storm-0558 highlights a lack of access to security logging by many Microsoft 365 license holders, prompting calls from researchers to abolish it. (DarkReading)

 

White House Launches Cybersecurity Implementation Plan

U.S. President Biden’s administration this week released the first iteration of the National Cybersecurity Strategy Implementation Plan, which was announced in March 2023. The plan aims to boost public and private cybersecurity resilience, take the fight to threat actors, beef up the defense of infrastructure and draw a clear national roadmap of cybersecurity responsibilities. (TechRepublic)

 
Sign Up For Network Security News