NSA News & Highlights

Results:
Tag: advisory

Securing Wireless Devices in Public Settings

July 29, 2021

NSA Issues Guidance on Securing Wireless Devices in Public Settings

FORT MEADE, Md. — NSA released the Cybersecurity Information Sheet, “Securing Wireless Devices in Public Settings” today to help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers identify potential threats and minimize risks to their wireless devices and data.

Adopting Encrypted DNS in Enterprise Environments

Jan. 14, 2021

NSA Recommends How Enterprises Can Securely Adopt Encrypted DNS

FORT MEADE, Md. — The National Security Agency released a cybersecurity product, “Adopting Encrypted DNS in Enterprise Environments,” Thursday explaining the benefits and risks of adopting the encrypted domain name system (DNS) protocol, DNS over HTTPs (DoH), in enterprise environments. The release provides solutions for secure implementation based on enterprise network needs.

NSA Cybersecurity Advisory: Eliminating Obsolete TLS Protocol Configurations

Jan. 5, 2021

NSA releases “Eliminating Obsolete Transport Layer Security (TLS) Protocol Configurations” Cybersecurity Information

FORT MEADE, Md. — The National Security Agency released a cybersecurity product detailing how to detect and fix out-of-date encryption protocol implementations. Networks and systems that use deprecated forms of Transport Layer Security (TLS) or Secure Sockets Layer (SSL) for traffic sessions are at risk of sensitive data exposure and decryption.

Detecting Abuse of Authentication Mechanisms Infographic

Dec. 17, 2020

NSA Cybersecurity Advisory: Malicious Actors Abuse Authentication Mechanisms to Access Cloud Resources

Ft. MEADE, Md. — In response to ongoing cybersecurity events, the National Security Agency (NSA) released a Cybersecurity Advisory Thursday “Detecting Abuse of Authentication Mechanisms.” This advisory provides guidance to National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) network administrators to detect and mitigate against malicious cyber actors who are manipulating trust in federated authentication environments to access protected data in the cloud.

Russian State-Sponsored Actors Exploiting Vulnerability in VMware® Workspace Infographic

Dec. 7, 2020

Russian State-Sponsored Malicious Cyber Actors Exploit Known Vulnerability in Virtual Workspaces

Ft. MEADE, Md. — The National Security Agency (NSA) released a Cybersecurity Advisory today detailing how Russian state-sponsored actors have been exploiting a vulnerability in VMware® products to access protected data on affected systems.

NSA advisory about Chinese state-sponsored malicious cyber actors exploiting or targeting 25 publicly-known CVEs.

Oct. 20, 2020

NSA Warns Chinese State-Sponsored Malicious Cyber Actors Exploiting 25 CVEs

FORT MEADE, Md. — NSA released a new cybersecurity advisory detailing 25 vulnerabilities that Chinese state-sponsored malicious cyber actors are currently exploiting or targeting to encourage stakeholders to apply mitigations.

Neal Ziring

Jan. 14, 2020

A Very Important Patch Tuesday

FORT MEADE, Md. — On 14 January 2020, Microsoft released a patch for a Windows 10 vulnerability discovered by NSA (CVE-2020-0601).

NSA cybersecurity advisory

June 4, 2019

NSA Cybersecurity Advisory: Patch Remote Desktop Services on Legacy Versions of Windows

FORT MEADE, Md. — NSA advisory urging Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing cybersecurity threats.