John Frasier : Aug 8, 2024 10:51:50 AM
An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint's defenses to send millions of messages spoofing various popular companies like Best Buy, IBM, Nike, and Walt Disney, as well as others. (The Hacker News)
“A critical vulnerability was recently uncovered in Proofpoint's email routing settings that was leveraged in a phishing campaign called "EchoSpoofing." This vulnerability enabled attackers to send millions of spoofed emails that seemed to originate from reputable brands like Disney, IBM, and Coca-Cola, utilizing Proofpoint's email relays and Virtual Private Servers. Thankfully, Proofpoint addressed the flaw in March 2024.” – Tadeh Anbarchian, SOC Analyst II at Ingalls Information Security
CrowdStrike is being sued by its shareholders after a faulty software update by the cybersecurity firm crashed more than eight million computers and caused chaos around the world. (BBC)
The Hunters International ransomware group is targeting IT workers with a new C# remote access trojan (RAT) called SharpRhino to breach corporate networks. (BleepingComputer)
DigiCert, a major certificate authority, will revoke thousands of SSL/TLS certificates because of a Domain Control Verification error. This could affect a lot of websites. (Cyber Security News)
A now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver information stealers such as ACR Stealer, Lumma, and Meduza. A security services platform said it detected the stealer campaign targeting Spain, Thailand, and the U.S. using booby-trapped files that exploit CVE-2024-21412 (CVSS score: 8.1). (The Hacker News)
Several European countries are betting on open-source software. In the United States, eh, not so much. In the latest news from across the Atlantic, Switzerland has taken a major step forward with its "Federal Law on the Use of Electronic Means for the Fulfillment of Government Tasks" (EMBAG). This groundbreaking legislation mandates releasing open-source software (OSS) of the Federal government. (ZDNet)
A recently discovered vulnerability in Microsoft’s Windows Hello for Business (WHfB) authentication system allowed attackers to bypass the supposedly phishing-resistant login method, raising concerns about the security of this widely adopted passwordless solution. (Cyber Security News)
Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to target people with financial sextortion scams. (The Hacker News)
GitLab has released new Community Edition (CE) and Enterprise Edition (EE) versions to address multiple vulnerabilities. Among these, a high-severity cross-site scripting (XSS) vulnerability has garnered particular attention due to its potential to allow attackers to execute arbitrary code, (Cyber Security News)
Following three separate data breaches between 2021 and 2023 which exposed the proprietary information (PI) of TracFone Wireless customers, the Federal Communications Commission (FCC) announced that the Verizon-owned company has agreed to pay a $16 million civil penalty to settle the government investigation, and it has made an agreement to improve its application programming interface (API) security. (Malwarebytes Labs)