Skip to the main content.
Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.


Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.


Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

2 min read

Articles of interest from the week of February 19, 2024

Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation

Microsoft recently acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its Patch Tuesday updates. (The Hacker News)

NSN Email Template v4_Expert-Take

“Advanced Persistent Threat (APT) groups continue in their efforts to target vulnerabilities inherent in the on-premises Microsoft Exchange ecosystem. Although on-premises servers afford greater flexibility and control, transitioning to Office 365 offers numerous advantages. Office 365 provides secure authentication across all services, comprehensive threat intelligence, reduced dependency on manual intervention, seamlessly scalable cloud security infrastructure, and a continuous stream of innovative features. Despite these benefits, many large organizations with well-established IT teams may still favor the control offered by on-premises Exchange Servers. For such organizations, implementing a robust and proactive patch management policy is imperative to mitigate the risks posed by Microsoft Exchange Zero-Day Exploits..

Kenny Buller, Senior SOC Analyst/Tier III at Ingalls Information Security



WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites

A critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible installations. The flaw, tracked as CVE-2024-25600 (CVSS score: 9.8), enables unauthenticated attackers to achieve remote code execution. It impacts all versions of the Bricks up to and including 1.9.6. (The Hacker News)


Ubuntu ‘command-not-found’ Tool Can Be Abused To Spread Malware

A logic flaw between Ubuntu's 'command-not-found' package suggestion system and the snap package repository could enable attackers to promote malicious Linux packages to unsuspecting users. The problem arises from the utility's ability to suggest snap packages for installation when they are missing without a validation mechanism to ensure that packages are authentic and safe. (BleepingComputer)

AMD and Intel Patch Over 100 Vulnerabilities

Chipmakers AMD and Intel on Tuesday announced patches for a total of over 100 vulnerabilities, including 21 high-severity bugs leading to privilege escalation, code execution, or denial-of-service (DoS). (SecurityWeek)

ConnectWise ScreenConnect 23.9.8 Security Fix

Vulnerabilities were reported on February 13, 2024, through the ConnectWise vulnerability disclosure channel via the ConnectWise Trust Center. There is no evidence that these vulnerabilities have been exploited in the wild, but immediate action must be taken by on-premise partners to address these identified security risks. (ConnectWise)

Ivanti VPN Flaw Exploited to Inject Novel Backdoor; Hundreds Pwned

Threat actors continue to hammer the five security vulnerabilities that have been recently disclosed in Ivanti VPN appliances. This week, researchers said attackers are injecting a never-before-seen backdoor for persistent remote access within target networks — so far compromising 670+ IT infrastructures in a mass-exploitation campaign. (Dark Reading)


Juniper Support Portal Exposed Customer Device Info

The support website for networking equipment vendor Juniper Networks was recently exposing potentially sensitive information tied to customer products, including which devices customers bought, as well as each product’s warranty status, service contracts, and serial numbers. Juniper said it has since fixed the problem, and that the inadvertent data exposure stemmed from a recent upgrade to its support portal. (KrebsOnSecurity)


FBI, Police Partners Take Down Most Prolific Ransomware Gang to Date

International law enforcement agencies have arrested two members of the notorious ransomware gang LockBit and seized the group's web infrastructure as part of a wide-reaching takedown operation, officials said Monday. (Axios)


Chicago Children’s Hospital Confirms Cyberattack, Continues To Provide Care

Lurie Children’s Hospital confirmed recently its network had been accessed by a “known criminal threat actor,” more than a week after the Chicago-based provider was forced to take its computer systems offline. (Cybersecurity Dive)

Sign Up For Network Security News