Skip to the main content.
Government Programs

Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

Book GP Demo

Professional Services

Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.


Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.


Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

2 min read

Articles of interest from the week of October 9, 2023

U.S. Cybersecurity Agency Warns of Actively Exploited Adobe Acrobat Reader Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

Tracked as CVE-2023-21608 (CVSS score: 7.8), the vulnerability has been described as a use-after-free bug that can be exploited to achieve remote code execution (RCE) with the privileges of the current user. (The Hacker News)

NSN Email Template v4_Expert-Take

Adobe Acrobat, being a widely used PDF management software solution, has faced vulnerabilities seemingly since its inception. Historically, many allow for code execution, attracting the attention of both cybersecurity researchers and malicious actors alike, as is evident by a quick search through exploit-db. Adobe has actively addressed these continual concerns with patches and updates. However, given Acrobat's extensive usage, it remains a prime target. This once again highlights the importance of regular software updates, vigilant security practices, and overall defense in depth to safeguard against the exploitation of vulnerabilities.

Jessica Owens, Tier 1 SOC Analyst at Ingalls Information Security



Dallas Says Royal Ransomware Breached Its Network Using Stolen Account

The City of Dallas, Texas, said that the Royal ransomware attack that forced it to shut down all IT systems in May started with a stolen account.

Royal gained access to the City's network using a stolen domain service account in early April and maintained access to the compromised systems between April 7 and May 4. (BleepingComputer)


Internet-Wide Zero-Day Bug Fuels Largest-Ever DDoS Event

An Internet-wide security vulnerability is at the root of a zero-day attack dubbed "HTTP/2 Rapid Reset," which resulted in a distributed denial-of-service (DDoS) flood that was orders of magnitude larger than any previous attack ever recorded. It marks a new chapter in the evolution of DDoS threats, researchers noted. (Dark Reading)


One Out of Five Organizations Must Improve Their Security Posture to be Eligible for Cyber Insurance

As insurers become more educated on what a “secure organization” looks like, they are tightening their requirements which puts the onus on organizations to be more secure. (KnowBe4)


New ZeroFont Phishing Tricks Outlook Into Showing Fake AV-Scans

Hackers are utilizing a new trick of using zero-point fonts in emails to make malicious emails appear as safely scanned by security tools in Microsoft Outlook. Although the ZeroFont phishing technique has been used in the past, this is the first time it has been documented as used in this way. (BleepingComputer)


Patch Tuesday, October 2023 Edition

On Tuesday Microsoft issued security updates for more than 100 newly discovered vulnerabilities in its Windows operating system and related software, including four flaws that are already being exploited. In addition, Apple recently released emergency updates to quash a pair of zero-day bugs in iOS. (Krebs on Security)

Sign Up For Network Security News