Skip to the main content.
Under Attack? Login
Under Attack? Login
Managed Extended Detection & Response
Layered cybersecurity controls for effective risk management and rapid response.

24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management

Book MXDR Demo

Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Resources

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Company

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

1 min read

Articles of interest from the week of December 11, 2023

Picture of John Frasier John Frasier Dec 14, 2023 10:30:00 AM

Network Security News Weekly

23andMe: Data Breach Was a Credential-Stuffing Attack

DNA testing company 23andMe has released further details surrounding an October data breach, where user profile information had been accessed and downloaded at the hands of a threat actor. (Dark Reading)

NSN Email Template v4_Expert-Take
 

“This is a reminder to read the fine print. The 23andMe terms of service (ToS) limits their liability on the very scientific data that is the blueprint to your identity.

Connie Hernandez, Contract Manager at Ingalls Information Security
 

 

New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices

A critical Bluetooth security flaw could be exploited by threat actors to take control of Android, Linux, macOS, and iOS devices. Tracked as CVE-2023-45866, the issue relates to a case of authentication bypass that enables attackers to connect to susceptible devices and inject keystrokes to achieve code execution as the victim. (The Hacker News)

 

AutoSpill Attack Steals Credentials From Android Password Managers

Security researchers developed a new attack, which they named AutoSpill, to steal account credentials on Android during the autofill operation. In a presentation at the Black Hat Europe security conference, researchers from the International Institute of Information Technology (IIIT) at Hyderabad said that their tests showed that most password managers for Android are vulnerable to AutoSpill, even if there is no JavaScript injection. (BleepingComputer)

 

Cyberattack on Irish Utility Cuts Off Water Supply for Two Days

The cyberattack was reported by a local newspaper, Western People, and technical details are murky. The attack targeted a private group water scheme in the Erris area, and reportedly impacted 180 people in Binghamstown and Drum, leaving them without water on Thursday and Friday. (SecurityWeek)

 

Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware

Microsoft has warned of a new wave of CACTUS ransomware attacks that leverage malvertising lures to deploy DanaBot as an initial access vector. (The Hacker News)
Sign Up For Network Security News