John Frasier : Mar 18, 2024 12:00:00 AM
Roku has disclosed a data breach impacting over 15,000 customers after hacked accounts were used to make fraudulent purchases of hardware and streaming subscriptions. (BleepingComputer)
“The reuse of username and password pairs continues to pose a significant security risk, as it provides threat actors with an easily exploitable advantage. It is likely that Roku account holders affected by breaches may also find other accounts compromised, owing to the likelihood these credentials were obtained from a prior breach and/or leak. Unfortunately, credential-stuffing attacks are prevalent and are successful enough to remain so. Set aside time to review your accounts, at the minimum to ensure you still have sole control over them. You may be surprised how many still share logins and/or do not have MFA enabled.” – Jessica Owens, Senior SOC Analyst at Ingalls Information Security
The Cybersecurity and Infrastructure Security Agency (CISA) has taken two systems offline in response to a compromise by Ivanti, a security software company. The decision was made to mitigate potential risks posed by the breach. Ivanti confirmed the incident and stated that the compromise was limited to a single software package. CISA's action underscores the severity with which government agencies respond to cybersecurity threats, particularly in safeguarding critical infrastructure. (The Record)
A high-severity Kubernetes vulnerability tracked as CVE-2023-5528 can be exploited to execute arbitrary code on Windows endpoints. (SecurityWeek)
CVE-2024-48788, like many other recent Fortinet flaws, will likely be an attractive target, especially for nation-state-backed actors. (Dark Reading)
Stanford University says the personal information of 27,000 individuals was stolen in a ransomware attack impacting its Department of Public Safety (SUDPS) network. (BleepingComputer)
Microsoft says the Russian government-backed hacking team that broke into its corporate network and spied on senior executives also stole source code and may still be poking around its internal computer systems. (SecurityWeek)
Microsoft announced today that it would end support for Windows 10 21H2 in June when the Enterprise and Education editions reach the end of service. (BleepingComputer)
The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since September 2023. The end goal of the attacks is to deliver malicious downloaders for Windows and macOS that deploy a known backdoor called MgBot and a previously undocumented Windows implant known as Nightdoor. (The Hacker News)
With the help of Interpol's cybercrime unit, Brazilian authorities recently made headway in combatting the infamous Grandoreiro banking Trojan operation with the arrest of five suspects allegedly associated with the group. (Dark Reading)