Articles of interest from the week of October 9, 2023
U.S. Cybersecurity Agency Warns of Actively Exploited Adobe Acrobat Reader Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency...
24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management
CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support
If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.
Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.
At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.
1 min read
John Frasier : Sep 11, 2023 12:00:00 AM
Google has rolled out a security update for a critical Chrome zero-day vulnerability (CVE-2023-4863) exploited in the wild. CVE-2023-4863 is a critical heap buffer overflow vulnerability in WebP, a raster graphics file format that replaces JPEG, PNG, and GIF file formats. Buffer overflows can lead to crashes, infinite loops, and can be used to execute arbitrary code. (Help Net Security)
![]() |
"Critical vulnerabilities require immediate attention in order to prevent harmful actions to your device or network. In the case of CVE-2023-4863, attackers can cause system disruptions and/or execute malicious code on vulnerable devices. Google has stated that this exploit has already been proven in the “wild”. Therefore, ensuring that the update is applied as soon as it is provided is highly recommended.” – Roman Weathermon, Tier 3 Cybersecurity Analyst at Ingalls Information Security |
Cisco is warning of a CVE-2023-20269 zero-day vulnerability in its Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) that is actively exploited by ransomware operations to gain initial access to corporate networks. (BleepingComputer)
A catastrophic breach of the United Kingdom electoral register affects tens of millions of residents following a cyberattack at the U.K. Electoral Commission. With data on more than 40 million voters accessed by unnamed hackers, the cyberattack is already one of the U.K.’s largest-ever hacks. (TechCrunch)
IBM's 2023 installment of their annual "Cost of a Breach" report has thrown up some interesting trends. Of course, breaches being costly is no longer news at this stage! What's interesting is the difference in how organizations respond to threats and which technologies are helping reduce the costs associated with every IT team's nightmare scenario. (The Hacker News)
Five critical bugs, zero-days exploited in the wild, Exchange Server, and more headline Microsoft's September 2023 Patch Tuesday release. Here's what to patch now. (Dark Reading)
U.S. Cybersecurity Agency Warns of Actively Exploited Adobe Acrobat Reader Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency...
Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari Apple recently released a slew of updates for iOS,...
TikTok Fined 345 Million Euros Over Handling of Children’s Data in Europe TikTok has been fined 345 million euros ($370 million) for breaching...