NSA News & Highlights

Results:
Tag: cybersecurity

June 14, 2023

NSA and CISA Release Guide To Protect Baseboard Management Controllers

Organizations need to take action to secure servers with Baseboard management controllers (BMCs). To assist network defenders in this, NSA and the Cybersecurity and Infrastructure Security Agency (CISA) jointly released the Cybersecurity Information Sheet, “Harden Baseboard Management Controllers.” The guidance includes recommendations and mitigations for network defenders to secure their systems.

June 6, 2023

NSA and Co-Authors Recommend Best Practices to Secure Remote Access Software

Legitimate remote access software is being used by cyber actors to access victims’ systems, blend in with regular network activities, and evade detection.

June 1, 2023

U.S., ROK Agencies Alert: DPRK Cyber Actors Impersonating Targets to Collect Intelligence

The National Security Agency (NSA) is partnering with several organizations to highlight the Democratic People’s Republic of Korea’s (DPRK) use of social engineering and malware to target think tanks, academia, and news media sectors.

May 24, 2023

NSA and Partners Identify China State-Sponsored Cyber Actor Using Built-in Network Tools When Targeting U.S. Critical Infrastructure Sectors

The National Security Agency (NSA) and partners have identified indicators of compromise (IOCs) associated with a People’s Republic of China (PRC) state-sponsored cyber actor using living off the land techniques to target networks across U.S. critical infrastructure.

May 23, 2023

#StopRansomware Guide Released by NSA and Partners

To guide network defenders in protecting against the rapidly evolving ransomware tactics of malicious cyber actors, the National Security Agency (NSA) and several partners are publicly releasing the “#StopRansomware Guide” Cybersecurity Information Sheet (CSI) today.

May 9, 2023

U.S. Agencies and Allies Partner to Identify Russian Snake Malware Infrastructure Worldwide

The National Security Agency (NSA) and several partner agencies have identified infrastructure for Snake malware—a sophisticated Russian cyberespionage tool—in over 50 countries worldwide.

April 28, 2023

U.S. Air Force Academy Wins NSA Cyber Competition

After months of preparation and a fierce competition, the U.S. Air Force Academy defended its title as the champions of the Agency’s annual NSA Cyber Exercise (NCX).

April 18, 2023

NCSC-UK, NSA, and Partners Advise about APT28 Exploitation of Cisco Routers

The National Security Agency (NSA) has partnered with the UK’s National Cyber Security Centre (NCSC), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) to publish a joint Cybersecurity Advisory (CSA) report on the tactics, techniques, and procedures (TTPs) associated with APT28’s exploitation of Cisco routers.

April 13, 2023

NSA, U.S. and International Partners Issue Guidance on Securing Technology by Design and Default

FORT MEADE, Md. - The Cybersecurity and Infrastructure Security Agency (CISA), the National Security

March 21, 2023

ESF Partners, NSA, and CISA Release Identity and Access Management Recommended Best Practices for Administrators

As part of the Enduring Security Framework (ESF), the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published the Recommended Best Practices Guide for Administrators to provide system administrators with actionable recommendations to better secure their systems from threats to Identity and Access Management (IAM).