
Articles of interest from the week of February 5, 2024

AnyDesk Hacked: Popular Remote Desktop Software Mandates Password Reset

AnyDesk confirmed last week that it suffered a recent cyberattack that allowed hackers to gain access to the company's production systems. It has been reported that source code and private code signing keys were stolen during the attack. (The Hacker News)

“AnyDesk is a very popular and legitimate RMM tool that is commonly used by threat actors to establish persistence and perform nefarious activity. It should be concerning that credentials were obtained maliciously in that it poses a significant risk for entities that utilize AnyDesk on a daily basis. Using pre-existing AnyDesk instances creates less noise on a victim’s network and allows threat actors to covertly perform activities that may go unnoticed. In these situations, it is critical to follow the published recommendations such as performing updates/upgrades and forcing a password reset, as well as enforcing MFA for all users.”

Roman Weathermon, Tier 3 Cybersecurity Analyst at Ingalls Information Security

 

 

Mother of All Breaches Reveals 26 Billion Records: What We Know So Far

The supermassive leak contains data from numerous previous breaches, comprising an astounding 12 terabytes of information, spanning over a mind-boggling 26 billion records. The leak, which contains LinkedIn, Twitter, Weibo, Tencent, and other platforms’ user data, is almost certainly the largest ever discovered. (Cybernews)

 

Financial Worker Attends Company Meeting With AI Deepfakes of Senior ‘Colleagues’ and Is Duped Into Transferring the Scammers $26 Million

A finance employee at an unnamed major multinational corporation has been fooled into transferring 200 million Hong Kong dollars (around $25.6 million) to scammers who used deepfake technology to impersonate his colleagues. The AI-created simulacra of the man's fellow workers included a deepfake of the company's Chief Financial Officer (CFO), and Hong Kong police say the scam took place via a video conference call (as reported by CNN). (PC Gamer)


URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite

GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating a workspace. Tracked as CVE-2024-0402, the vulnerability has a CVSS score of 9.9 out of a maximum of 10. (The Hacker News)


TeamViewer Exploited to Obtain Remote Access, Deploy Ransomware

The cybersecurity researchers at Huntress have issued a warning about a recent surge in cyber attacks, highlighting a new strategy employed by cybercriminals who are exploiting TeamViewer to deploy LockBit ransomware. (Hackread)


Hackers Use New 3AM Ransomware To Save Failed LockBit Attack

A new ransomware strain called 3AM has been uncovered after a threat actor used it in an attack that failed to deploy LockBit ransomware on a target network. Researchers say in a report that the new malware “has only been used in a limited fashion” and it was a ransomware affiliate’s fallback when defense mechanisms blocked LockBit. (BleepingComputer)

 

Cisco Patches Critical Vulnerability in Unified Communications Products

Cisco Unified Communications customers are urged to patch this high-severity vulnerability or mitigate its risk. Cisco fixed a critical flaw this week that affects multiple Unified Communications and Contact Center Solutions products and could be exploited remotely by unauthenticated attackers to execute arbitrary code on impacted devices. Medium severity vulnerabilities have also been patched in Cisco Small Business Series Switches and Cisco Unity Connection. (CSO)

 

CISA Warns of Active Exploitation of Apple iOS and macOS Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. (The Hacker News)

 

NSA Is Buying Americans’ Internet Browsing Records Without a Warrant

The U.S. National Security Agency is buying vast amounts of commercially available web browsing data on Americans without a warrant, according to the agency’s outgoing director. (TechCrunch)
