Articles of interest from the week of October 28, 2024
Black Basta Ransomware Poses as IT Support on Microsoft Teams to Breach Networks The BlackBasta ransomware operation has moved its social engineering...
24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management
CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support
If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.
Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.
At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.
1 min read
John Frasier : Nov 27, 2023 12:00:00 AM
An unknown threat actor has been observed publishing typosquat packages to the Python Package Index (PyPI) repository for nearly six months with an aim to deliver malware capable of gaining persistence, stealing sensitive data, and accessing cryptocurrency wallets for financial gain. (The Hacker News)
A recently identified dropper-as-a-service (DaaS) uses a novel technique to bypass Android’s security restrictions for payload delivery, online fraud detection firm reports. (SecurityWeek)
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), Rhysida Ransomware, to disseminate known Rhysida ransomware indicators of compromise (IOCs), detection methods, and tactics, techniques, and procedures (TTPs) identified through investigations as recently as September 2023. (CISA)
Moving to clamp down on the growing scourge of SIM-swapping and port-out fraud, the Federal Communications Commission (FCC) has unveiled new rules mandating telcos to give consumers greater control of their mobile phone accounts. (SecurityWeek)
Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild.
Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library. (The Hacker News)
Black Basta Ransomware Poses as IT Support on Microsoft Teams to Breach Networks The BlackBasta ransomware operation has moved its social engineering...
IRS, Security Summit Partners Warn of Surge in “New Client” Scams Aimed at Tax Pros As 2024 Filing Season Approaches The Internal Revenue Service and...
Phishing Emails Increasingly Use SVG Attachments To Evade Detection Phishing attacks are becoming increasingly deceptive as cybercriminals exploit...