Articles of interest from the week of July 22, 2024
Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware Cybersecurity firm CrowdStrike, which is facing the heat for...
24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management
CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support
If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.
Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.
At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.
2 min read
John Frasier : Aug 28, 2023 12:00:00 AM
Beginning on September 1, 2023, all federally insured credit unions must notify the NCUA as soon as possible, and no later than 72 hours, after the credit union reasonably believes it has experienced a reportable cyber incident or received a notification from a third party regarding a reportable cyber incident. (National Credit Union Administration)
"More entities are enforcing these types of reporting guidelines around breaches and it is very much an advantage for the clients of these companies or services. Without these types of reporting standards, it allows organizations to pick and choose what they report in an attempt to save face but also does not force them to review the procedures they have in place to ensure that they are able to identify a potential breach before it becomes an issue. Additionally, this can potentially bolster consumer protections as well as financial accountability.” – Craig Flynn, SOC Analyst Lead at Ingalls Information Security |
The FBI urged the immediate removal of previously hacked email security appliances made by Barracuda Networks in a Wednesday flash alert, injecting fresh urgency into the push to stymie what's been called the broadest Chinese cyber spying campaign in years. (GovInfoSecurity)
Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Identification and Disruption of QakBot Infrastructure, to help organizations detect and protect against newly identified QakBot-related activity and malware. QakBot—also known as Qbot, Quackbot, Pinkslipbot, and TA570—is responsible for thousands of malware infections globally. (CISA)
Today, NIST is officially unveiling our new Cybersecurity Framework (CSF) 2.0 Reference Tool. This resource allows users to explore the Draft CSF 2.0 Core (Functions, Categories, Subcategories, Implementation Examples) and offers human and machine-readable versions of the draft Core (in both JSON and Excel formats). Currently, the tool allows users to view and export portions of the Core using key search terms. This tool will ultimately enable users to create their own version of the CSF 2.0 Core with selected Informative References and will provide a simple and streamlined way for users to explore different aspects of the CSF Core. (National Institute of Standards and Technology)
Today, the United Kingdom’s National Cyber Security Centre (NCSC-UK), the United States’ Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI), New Zealand’s National Cyber Security Centre (NCSC-NZ), Canadian Centre for Cyber Security (CCCS), and the Australian Signals Directorate (ASD) published a joint Malware Analysis Report (MAR), on Infamous Chisel a new mobile malware targeting Android devices with capabilities to enable unauthorized access to compromised devices, scan files, monitor traffic, and periodically steal sensitive information. Infamous Chisel mobile malware has been used in a malware campaign targeting Android devices in use by the Ukrainian military. (CISA)
Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware Cybersecurity firm CrowdStrike, which is facing the heat for...
U.S. Cybersecurity Agency Warns of Actively Exploited Adobe Acrobat Reader Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency...
China ‘Actively’ Targeting US Industrial Base, Warns CYBERCOM Chief “The People's Republic of China’s efforts to steal intellectual property, gain...