Official websites use .gov
Secure .gov websites use HTTPS
June 28, 2023
NSA and CISA Best Practices to Secure Cloud Continuous Integration/Continuous Delivery Environments
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) are publicly releasing a Cybersecurity Information Sheet (CSI) - “Defending Continuous Integration/Continuous Delivery (CI/CD) Environments” to provide recommendations for integrating security best practices into typical software development and operations (DevOps) CI/CD environments. The agencies encourage organizations to use the best practices to harden their CI/CD cloud deployments.
June 27, 2023
Math and Music at NSA
At first glance, it might seem unlikely that someone whose higher education was focused on music theory and composition would have a successful technical career at NSA, but there is a strong connection between music theory, performance, and composition and math comprehension that has been studied by academics for decades.
June 22, 2023
NSA Releases Guide to Mitigate BlackLotus Threat
To guide system administrators and network defenders on how to mitigate this threat, the National Security Agency (NSA) is publicly releasing the “BlackLotus Mitigation Guide” Cybersecurity Information Sheet (CSI). The guide provides an overview of recommended actions to detect and prevent malicious activities associated with BlackLotus.
June 14, 2023
NSA and CISA Release Guide To Protect Baseboard Management Controllers
Organizations need to take action to secure servers with Baseboard management controllers (BMCs). To assist network defenders in this, NSA and the Cybersecurity and Infrastructure Security Agency (CISA) jointly released the Cybersecurity Information Sheet, “Harden Baseboard Management Controllers.” The guidance includes recommendations and mitigations for network defenders to secure their systems.
June 6, 2023
NSA and Co-Authors Recommend Best Practices to Secure Remote Access Software
Legitimate remote access software is being used by cyber actors to access victims’ systems, blend in with regular network activities, and evade detection.
June 1, 2023
U.S., ROK Agencies Alert: DPRK Cyber Actors Impersonating Targets to Collect Intelligence
The National Security Agency (NSA) is partnering with several organizations to highlight the Democratic People’s Republic of Korea’s (DPRK) use of social engineering and malware to target think tanks, academia, and news media sectors.
May 24, 2023
NSA and Partners Identify China State-Sponsored Cyber Actor Using Built-in Network Tools When Targeting U.S. Critical Infrastructure Sectors
The National Security Agency (NSA) and partners have identified indicators of compromise (IOCs) associated with a People’s Republic of China (PRC) state-sponsored cyber actor using living off the land techniques to target networks across U.S. critical infrastructure.
May 23, 2023
#StopRansomware Guide Released by NSA and Partners
To guide network defenders in protecting against the rapidly evolving ransomware tactics of malicious cyber actors, the National Security Agency (NSA) and several partners are publicly releasing the “#StopRansomware Guide” Cybersecurity Information Sheet (CSI) today.
May 12, 2023
Captain James D. Stallings to be Honored on National Cryptologic Memorial Wall
Captain James D. Stallings, U.S. Army, will be publicly recognized at the National Security Agency’s Cryptologic Memorial Wall at a ceremony on May 25, 2023. General Paul Nakasone, Commander, U.S. Cyber Command and Director, National Security Agency/Chief, Central Security Service, will host the family of Captain Stallings at the ceremony.
May 9, 2023
U.S. Agencies and Allies Partner to Identify Russian Snake Malware Infrastructure Worldwide
The National Security Agency (NSA) and several partner agencies have identified infrastructure for Snake malware—a sophisticated Russian cyberespionage tool—in over 50 countries worldwide.