Log4Shell - Log4j Vulnerability (CVE-2021-44228)

Apache Log4j2 <=2.14.1 JNDI features used in the configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can

15 Dec 2021
Read More

The Phishing Adventures of Huck Phinn, Casting Wide Nets

Chapter 6

In the previous chapter, all seemed well with Huckleberry “Huck” Phinn and the St. Petersburg Wildlife Foundation. Huck and the gang at St. Petersburg partnered up with Mark Ingalls, a trusty companion, to help them with their

09 Dec 2021
Read More

The Top 5 2021 Holiday Scams to be Aware of

These tips will show your users what to watch out for in emails as well as on mobile devices. We recommend printing these out, they are great at-desk reminders.

03 Dec 2021
Read More

Critical Advisory Notice for SquirrelWaffle and Qakbot

In September 2021, multiple security research teams observed and reported email reply-chain attacks that distributed new SquirrelWaffle Loader and Qakbot-embedded malicious document files. Cisco Talos1 reported that these "distribution campaigns

03 Dec 2021
Read More

Ingalls Security Operations Center is now 24/7/365!

Our 100% US-based Security Operations Center (SOC) now offers live analysis and support by our team of analysts every day of the year, 24 hours a day.‘Round the clock, MDR provides extended coverage with continuous analysis, response and escalation

12 Nov 2021
Read More

Apache HTTP Server Vulnerabilities (CVE-2021-41773 & CVE-2021-42013)

These vulnerabilities are currently being exploited in the wild. As of October 21st, there are nearly 48,000 web-exposed servers with these vulnerabilities.

22 Oct 2021
Read More