NSA News & Highlights

CSI: Harden Baseboard Management Controllers

June 14, 2023

NSA and CISA Release Guide To Protect Baseboard Management Controllers

Organizations need to take action to secure servers with Baseboard management controllers (BMCs). To assist network defenders in this, NSA and the Cybersecurity and Infrastructure Security Agency (CISA) jointly released the Cybersecurity Information Sheet, “Harden Baseboard Management Controllers.” The guidance includes recommendations and mitigations for network defenders to secure their systems.

Guide to Securing Remote Access Software. Cybersecurity Information Sheet.

June 6, 2023

NSA and Co-Authors Recommend Best Practices to Secure Remote Access Software

Legitimate remote access software is being used by cyber actors to access victims’ systems, blend in with regular network activities, and evade detection.

North Korea Using Social Engineering to Enable Hacking of Think Tanks, Academic, and Media

June 1, 2023

U.S., ROK Agencies Alert: DPRK Cyber Actors Impersonating Targets to Collect Intelligence

The National Security Agency (NSA) is partnering with several organizations to highlight the Democratic People’s Republic of Korea’s (DPRK) use of social engineering and malware to target think tanks, academia, and news media sectors.

Lei Haku (left) and Lei Wili (right) sit side-by-side on a table during a lei making workshop.

May 30, 2023

NSA Celebrates Second Annual Lei Day

This May marks the second year in a row that the National Security Agency (NSA) will incorporate the celebration of Lei Day into Asian American and Pacific Islander (AAPI) Heritage Month.

Cybersecurity Advisory: People's Republic of China State-Sponsored Cyber Actor Living Off the Land

May 24, 2023

NSA and Partners Identify China State-Sponsored Cyber Actor Using Built-in Network Tools When Targeting U.S. Critical Infrastructure Sectors

The National Security Agency (NSA) and partners have identified indicators of compromise (IOCs) associated with a People’s Republic of China (PRC) state-sponsored cyber actor using living off the land techniques to target networks across U.S. critical infrastructure.

#StopRansomware Guide. Cybersecurity Information Sheet

May 23, 2023

#StopRansomware Guide Released by NSA and Partners

To guide network defenders in protecting against the rapidly evolving ransomware tactics of malicious cyber actors, the National Security Agency (NSA) and several partners are publicly releasing the “#StopRansomware Guide” Cybersecurity Information Sheet (CSI) today.

A formally dressed Black man and woman

May 15, 2023

NSA Employees Honored with Black Engineer of the Year Awards

For their outstanding demonstration of leadership and technical expertise in science, technology, engineering, and math (STEM), two National Security Agency (NSA) employees received 2023 Black Engineer of the Year (BEYA) awards.

May 12, 2023

Captain James D. Stallings to be Honored on National Cryptologic Memorial Wall

Captain James D. Stallings, U.S. Army, will be publicly recognized at the National Security Agency’s Cryptologic Memorial Wall at a ceremony on May 25, 2023. General Paul Nakasone, Commander, U.S. Cyber Command and Director, National Security Agency/Chief, Central Security Service, will host the family of Captain Stallings at the ceremony.

Hunting Russian Intelligence “Snake” Malware. Cybersecurity Advisory

May 9, 2023

U.S. Agencies and Allies Partner to Identify Russian Snake Malware Infrastructure Worldwide

The National Security Agency (NSA) and several partner agencies have identified infrastructure for Snake malware—a sophisticated Russian cyberespionage tool—in over 50 countries worldwide.

GEN Nakasone speaks to NCX 2023 participants

April 28, 2023

U.S. Air Force Academy Wins NSA Cyber Competition

After months of preparation and a fierce competition, the U.S. Air Force Academy defended its title as the champions of the Agency’s annual NSA Cyber Exercise (NCX).