Articles of interest from the week of January 1, 2024

Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining

Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service (DDoS) attacks.

"Threat actors can also choose to install only scanners and sell the breached IP and account credentials on the dark web," the source said on Tuesday. (The Hacker News)

“These incidents illustrate how basic attacks can exploit weak authentication methods resulting in malware or ransomware being deployed on servers and systems. Servers with port 22 exposed should not be vulnerable to a brute-force dictionary attack due to weak password security, especially in today’s threat landscape. Additionally, enabling and enforcing Multi-Factor Authentication (MFA) on endpoints and servers is crucial to offer an additional layer of defense against such attacks. The enforcement of fundamental security measures is essential to thwart these types of low-complexity attacks from succeeding.”

Sean Scully, CTI Threat Hunter at Ingalls Information Security

Comcast Faces Lawsuits over Breach of 36M Accounts

Comcast already faces at least two class action lawsuits over a massive data breach that exposed nearly 36 million U.S. Xfinity accounts after cyber attackers broke into its systems in mid-October 2023 by exploiting a vulnerability in Citrix software. (MSSP Alert)

 

New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security

Security researchers have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. (The Hacker News)


CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool

CISA has published the finalized Microsoft 365 Secure Configuration Baselines, designed to bolster the security and resilience of organizations’ Microsoft 365 (M365) cloud services. This guidance release is accompanied by the updated SCuBAGear tool that assesses organizations’ M365 cloud services per CISA’s recommended baselines. (CISA)


First American Takes IT Systems Offline After Cyberattack

First American Financial Corporation, the second-largest title insurance company in the United States, has proactively taken offline certain systems to mitigate the impact of a cyberattack.

The company has recently encountered a cybersecurity incident, as mentioned in a statement released on a dedicated website addressing the cyberattack. Consequently, its official website was temporarily taken offline before the publication of this article. (BleepingComputer)


Cybersecurity Maturity Model Certification (CMMC) Program Proposed Rule Published

The Department of Defense publishes a proposed rule for the Cybersecurity Maturity Model Certification (CMMC) program, open for a 60-day comment period, at https://www.regulations.gov/docket/DOD-2023-OS-0063

CMMC is designed to ensure that defense contractors and subcontractors are compliant with existing information protection requirements for federal contract information (FCI) and controlled unclassified information (CUI) and are protecting that sensitive unclassified information at a level commensurate with the risk from cybersecurity threats, including advanced persistent threats. (Department of Defense)

 

Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP

Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild.

The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited to result in program crashes or arbitrary code execution. (The Hacker News)
