Ingalls Information Security

Articles of interest from the week of May 27, 2024

New ShrinkLocker Ransomware Uses BitLocker to Encrypt Your Files

A new ransomware strain called ShrinkLocker creates a new boot partition to encrypt corporate systems using Windows BitLocker.

ShrinkLocker, named so because it creates the boot volume by shrinking available non-boot partitions, has been used to target a government entity and companies in the vaccine and manufacturing sectors. (BleepingComputer)

“ShrinkLocker brings new tricks, but if ransomware is the digital AK-47, then this is just a new barrel on an old rifle. Key takeaway? Securely store your BitLocker recovery keys. Also, preventing the deployment methods of ShrinkLocker is crucial to avoid the disaster this tool can unleash on your network.”

Jason Ingalls, Founder at Ingalls Information Security

 

 

Google Patches Fourth Chrome Zero-Day in Two Weeks

Google recently rolled out a fresh Chrome update to address another exploited vulnerability in the popular web browser, the fourth zero-day to be patched in two weeks.

Tracked as CVE-2024-5274, the high-severity flaw is described as a type confusion in the V8 JavaScript and WebAssembly engine. (SecurityWeek) 

 

Critical Veeam Backup Enterprise Manager Flaw Allows Authentication Bypass

Users of Veeam Backup Enterprise Manager are being urged to update to the latest version following the discovery of a critical security flaw that could permit an adversary to bypass authentication protections.

Tracked as CVE-2024-29849 (CVSS score: 9.8), the vulnerability could allow an unauthenticated attacker to log in to the Veeam Backup Enterprise Manager web interface as any user. (The Hacker News) 

 

Android Banking Trojan Antidot Disguised as Google Play Update

A banking Trojan impacting Google Android devices, dubbed "Antidot" by the Cyble research team, has emerged, disguising itself as a Google Play update. (Dark Reading)

 

Why Your Wi-Fi Router Doubles as an Apple AirTag

Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally — including non-Apple devices like Starlink systems — and found they could use this data to monitor the destruction of Gaza, as well as the movements and in many cases identities of Russian and Ukrainian troops. (Krebs on Security)

 

Ransomware Gang Targets Windows Admins via PuTTY, WinSCP Malvertising

A ransomware operation targets Windows system administrators using Google ads to promote fake download sites for PuTTY and WinSCP.

WinSCP and PuTTY are popular Windows utilities, with WinSCP being an SFTP client and FTP client and PuTTY an SSH client. (BleepingComputer)

 

Critical Bug Allows DoS, RCE, Data Leaks in All Major Cloud Platforms

Researchers have discovered a severe memory corruption vulnerability inside of a cloud logging utility used across major cloud platforms.

The service, Fluent Bit, is an open-source tool for collecting, processing, and forwarding logs and other types of application data. It's one of the more popular pieces of software out there, with more than 3 billion downloads as of 2022, and a new 10 million or so deployments with each passing day. It's used by major organizations such as VMware, Cisco, Adobe, Walmart, and LinkedIn, and nearly every major cloud service provider, including AWS, Microsoft, and Google Cloud. (Dark Reading)

 

US AI Experts Targeted in Cyberespionage Campaign Using SugarGh0st RAT

Threat actors use phishing techniques to obtain non-public information about generative artificial intelligence. 

Security researchers have warned about a new cyberespionage campaign that targets artificial intelligence experts working in private industry, government, and academia. The attackers, likely of Chinese origin, are using a remote access trojan (RAT) called SugarGh0st. (CSO)

 

CISA Warns of Hackers Exploiting Chrome, EoL D-Link Bugs

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three security vulnerabilities to its 'Known Exploited Vulnerabilities' catalog, one impacting Google Chrome and two affecting some D-Link routers. (BleepingComputer)
