Skip to the main content.
Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

3 min read

Articles of interest from the week of September 30, 2024

Understanding Compliance Between Commercial, Government, DoD & Secret Offerings - Sept 2024 Update

Navigating the complex world of compliance across commercial, government, and Department of Defense (DoD) sectors can be challenging. This article breaks down the key differences and overlaps, providing valuable insights for organizations looking to meet the specific regulatory requirements of each. Whether you're involved in tech, public sector operations, or compliance management, understanding these nuances is crucial for success. Dive in to learn more! (Microsoft)

NSN Email Template v4_Expert-Take
 

“When choosing between Microsoft’s commercial, government, or DoD cloud offerings, organizations must understand the compliance implications of each. For those handling Controlled Unclassified Information (CUI) or working under the DoD and CMMC requirements, using the correct cloud environment is critical to avoiding non-compliance risks. This article helps users decide which Microsoft cloud offering aligns with their compliance needs by breaking down the differences between commercial, government, and DoD environments. Understanding these differences enables users to choose the most appropriate environment for maintaining compliance with DoD policies and regulations, minimizing risks of non-compliance.

Brandi Pickett, Director of Government Programs at Ingalls Information Security

 

 

SEC Charges U.K. Citizen in Hacking and Trading Scheme Involving Five U.S. Public Companies

The Securities and Exchange Commission today announced charges against U.K. citizen Robert B. Westbrook for hacking into the computer systems of five U.S. public companies to obtain material nonpublic information about their corporate earnings and using that information to make approximately $3.75 million in illicit profits by trading in advance of the companies’ public earnings announcements. (Securities and Exchange Commission (SEC))

 

CUPS Flaws Enable Linux Remote Code Execution, but There’s a Catch

Linux users, take note! Recently discovered vulnerabilities in the Common UNIX Printing System (CUPS) could allow remote code execution, posing serious risks to your system. But there's a twist—these flaws require specific conditions to be exploitable. Are you curious to know if your setup is at risk and how you can stay protected? Read on to get the full details on these newly uncovered security flaws! (BleepingComputer)

 

China’s Salt Typhoon Cyber Spies Are Deep Inside US ISPs

Another Beijing-linked cyberspy crew, this one dubbed Salt Typhoon, has reportedly been spotted on networks belonging to US internet service providers in stealthy data-stealing missions and potential preparation for future cyberattacks. (The Register)

 

Meet MathPrompt, a Way Threat Actors Can Break AI Safety Controls

AI safety controls are essential, but threat actors are finding new ways to bypass them. Enter MathPrompt, a clever method attackers use to manipulate AI systems into behaving unpredictably. This blog post uncovers how MathPrompt works and why it's a potential game-changer for cybersecurity. If you're fascinated by the cutting-edge of AI and its vulnerabilities, this is a must-read! (CSO)

 

Some Kaspersky Customers Receive Surprise Forced-Update to New Antivirus Software

Imagine waking up to find your antivirus software unexpectedly replaced. That’s exactly what happened to some Kaspersky customers, who received a surprise forced update to a new version of the software. This blog post unpacks what led to the unplanned switch, how users reacted, and what it means for the future of cybersecurity updates. If you're curious about how this could affect your security, dive in to learn more! (TechCrunch)

 

Noise Storms: Massive Amounts of Spoofed Web Traffic Linked to China

A massive surge of spoofed web traffic, dubbed "noise storms," has been linked to China, raising alarms in the cybersecurity world. This blog post explores how these storms disrupt internet services and why they matter. If you're concerned about the growing trend of web manipulation and its global implications, this is a must-read to stay informed on the latest developments! (SecurityWeek)

 

Hacking Kia: Remotely Controlling Cars With Just a License Plate

Ever wondered what happens when a car manufacturer's security is put to the test? This blog post dives deep into an eye-opening experience hacking Kia’s systems, revealing critical vulnerabilities and the journey to getting them fixed. If you're curious about the intersection of automotive technology and cybersecurity, this behind-the-scenes look is a must-read! (Sam Curry)

 

CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes

After a recent wave of Blue Screen of Death (BSOD) crashes, CrowdStrike has taken action, revamping its testing and rollout procedures to prevent future incidents. This blog post details the steps the company is taking to enhance reliability while maintaining top-notch security. If you're interested in how industry leaders handle critical updates and system stability, this is an essential read! (SecurityWeek)

Sign Up For Network Security News
Articles of interest from the week of May 22, 2023

Articles of interest from the week of May 22, 2023

Inactive Accounts Pose Significant Account Takeover Security Risks Inactive and non-maintained accounts pose significant security risks to users and...

Read More
Articles of interest from the week of January 1, 2024

Articles of interest from the week of January 1, 2024

Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining Poorly secured Linux SSH servers are being targeted by bad actors to...

Read More
Articles of interest from the week of December 2, 2024

Articles of interest from the week of December 2, 2024

Phishing Emails Increasingly Use SVG Attachments To Evade Detection Phishing attacks are becoming increasingly deceptive as cybercriminals exploit...

Read More