March 15, 2022

NSA, CISA release Kubernetes Hardening Guidance

FORT MEADE, Md. — The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Technical Report, “Kubernetes Hardening Guidance,” today. This report details threats to Kubernetes environments and provides configuration guidance to minimize risk.

March 8, 2022

Cybersecurity Speaker Series: Ghidra — Beyond the Code

The National Security Agency (NSA) Cybersecurity Collaboration Center released the fourth video in its Cybersecurity Speaker Series today, focusing on Ghidra, NSA’s open source reverse engineering tool. The Speaker Series highlights subject matter experts at NSA sharing insights, lessons, and contributions of their work in cybersecurity.

March 1, 2022

NSA Details Network Infrastructure Best Practices

The National Security Agency (NSA) released the “Network Infrastructure Security Guidance” Cybersecurity Technical Report today. The report captures best practices based on the depth and breadth of experience in supporting customers and responding to threats. 

Feb. 17, 2022

NSA Publishes Best Practices for Selecting Cisco Password Types

The National Security Agency published guidance today to help administrators secure network infrastructure devices and their credentials. The “Cisco Password Types: Best Practices” Cybersecurity Information Sheet analyzes Cisco’s wide variety of password encryption and hashing schemes to secure passwords stored in configuration files. NSA provides recommendations based on each password type and best practices to help administrators secure sensitive credentials.

Feb. 16, 2022

NSA, FBI, CISA Release Advisory on Protecting Cleared Defense Contractor Networks Against Years-Long Activity by Russian State-Sponsored Actors

The Federal Bureau of Investigation (FBI), Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) published a joint Cybersecurity Advisory today regarding Russian state-sponsored cyber actors ongoing efforts over the last several years to target U.S. cleared defense contractors. The advisory, “Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology,” details the industries and information Russian actors have targeted, common adversary tactics, detection and incident response actions, and mitigation recommendations. NSA and its partners assess that continued targeting is likely and recommend organizations apply the mitigations shared in the joint Cybersecurity Advisory.

Feb. 9, 2022

CISA, FBI, NSA and International Partners Issue Advisory on Ransomware Trends from 2021

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) issued a joint Cybersecurity Advisory outlining the growing international threat posed by ransomware over the past year.

Feb. 3, 2022

NSA Releases 2021 Cybersecurity Year in Review

FORT MEADE, Md. — The National Security Agency released the 2021 NSA Cybersecurity Year in Review today to highlight how its cybersecurity mission continues to prevent and eradicate threats to the nation's most critical systems.

Jan. 20, 2022

NSA Recommends Adobe Acrobat Reader Security Configurations

The National Security Agency (NSA) released “Recommendations for Configuring Adobe® Acrobat® Reader® DC in a Windows® Environment” today. The technical report addresses the longstanding issue of cyber actors using malicious PDFs when targeting victim networks. Specifically, it details recommended Adobe Reader configuration settings for systems administrators to help minimize the risk of executable content and other malicious activity in a Windows environment.

Jan. 19, 2022

President Biden Signs Cybersecurity National Security Memorandum

The White House announced today that President Joe Biden has signed National Security Memorandum 8, “Improving the Cybersecurity of National Security, Department of Defense and Intelligence Community Systems.” This Memorandum implements the cybersecurity requirements of EO 14028 for National Security Systems (NSS) - networks across the U.S. Government that contain classified information or are otherwise critical to military and intelligence activities. The Memorandum provides the Director of the NSA, General Paul M. Nakasone, in his role as the National Manager for NSS, with enhanced insight and authorities to better safeguard these systems.

Jan. 18, 2022

NSA Announces Winners of annual Best Scientific Cybersecurity Research Paper Competition

Today, the National Security Agency announced the winning paper in the 9th annual “Best Cybersecurity Research Paper Competition”. Established in 2013, the competition encourages the development of scientific foundations in cybersecurity and supports cybersecurity improvements within devices, computers, and systems through rigorous research, solid scientific methodology, documentation and publishing.