John Frasier : Jan 1, 2024 12:00:00 AM
Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service (DDoS) attacks.
"Threat actors can also choose to install only scanners and sell the breached IP and account credentials on the dark web," the source said on Tuesday. (The Hacker News)
“These incidents illustrate how basic attacks can exploit weak authentication methods resulting in malware or ransomware being deployed on servers and systems. Servers with port 22 exposed should not be vulnerable to a brute-force dictionary attack due to weak password security, especially in today’s threat landscape. Additionally, enabling and enforcing Multi-Factor Authentication (MFA) on endpoints and servers is crucial to offer an additional layer of defense against such attacks. The enforcement of fundamental security measures is essential to thwart these types of low-complexity attacks from succeeding.” – Sean Scully, CTI Threat Hunter at Ingalls Information Security
Comcast already faces at least two class action lawsuits over a massive data breach that exposed nearly 36 million U.S. Xfinity accounts after cyber attackers broke into its systems in mid-October, 2023, by exploiting a vulnerability in Citrix software. (MSSP Alert)
Security researchers have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. (The Hacker News)
CISA has published the finalized Microsoft 365 Secure Configuration Baselines, designed to bolster the security and resilience of organizations’ Microsoft 365 (M365) cloud services. This guidance release is accompanied by the updated SCuBAGear tool that assesses organizations’ M365 cloud services per CISA’s recommended baselines. (CISA)
First American Financial Corporation, the second-largest title insurance company in the United States, has proactively taken offline certain systems to mitigate the impact of a cyberattack.
The company has recently encountered a cybersecurity incident, as mentioned in a statement released on a dedicated website addressing the cyberattack. Consequently, its official website was temporarily taken offline before the publication of this article. (BleepingComputer)
The Department of Defense publishes a proposed rule for the Cybersecurity Maturity Model Certification (CMMC) program, open for a 60-day comment period, at https://www.regulations.gov/docket/DOD-2023-OS-0063.
CMMC is designed to ensure that defense contractors and subcontractors are compliant with existing information protection requirements for federal contract information (FCI) and controlled unclassified information (CUI) and are protecting that sensitive unclassified information at a level commensurate with the risk from cybersecurity threats, including advanced persistent threats. (Department of Defense)
Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild.
The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited to result in program crashes or arbitrary code execution. (The Hacker News)