Oct. 28, 2021
NSA and CISA provide cybersecurity guidance for 5G cloud infrastructures
FORT MEADE, Md. — The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published cybersecurity guidance to securely build and configure cloud infrastructures in support of 5G. Security Guidance for 5G Cloud Infrastructures: Prevent and Detect Lateral Movement is the first of a four-part series created by the Enduring Security Framework (ESF), a cross-sector, public-private working group which provides cybersecurity guidance that addresses high priority cyber-based threats to the nation’s critical infrastructure.
Oct. 18, 2021
CISA, FBI, and NSA Release BlackMatter Ransomware Advisory to Help Organizations Reduce Risk of Attack
The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) published a cybersecurity advisory today regarding BlackMatter ransomware cyber intrusions targeting multiple U.S. critical infrastructure entities, including two U.S. food and agriculture sector organizations. The advisory includes technical details, analysis, and assessment of this cyber threat, as well as several mitigation actions that can be taken to reduce the risk to this ransomware.
Oct. 14, 2021
Stop the Snowball: Protect Yourself from Phishing Scams
FORT MEADE, Md. — Technology is the commonality between everything in our daily lives. Whether you’re checking email at home or in the office, or scrolling through social media, you’re connected. That access and freedom is a staple in our country’s advancements and successes, but we can’t forget about those trying to take advantage of it.
Oct. 12, 2021
Long lost and rare Italian cipher machine found
At the outbreak of WWII in 1939, Nazi Germany’s Enigma encryption machine stood as the state-of-the art method for sending and receiving secret messages. It wasn’t until 1940 that English mathematician Alan Turing, and the team at Bletchley Park, cracked the daily changes Berlin made to its cipher system, and helped the Allied powers win the war. While the Enigma stands out as the most famous of encryption machines, Italy, set out to develop a high-end machine to rival its war partner, Germany. In 1939 Italy’s government secretly tasked a little-known photogrammetric equipment company, Ottico Meccanica Italiana (OMI), to build a device capable of rivaling its more famous cousin. Founded in 1926, OMI’s tools were used to create precision topographical maps and surveys using stereoscopic aerial photography. The technical expertise made OMI a natural fit for the job. The end result was OMI’s first cipher machine known as the Cryptograph Alpha.
Oct. 7, 2021
Avoid Dangers of Wildcard TLS Certificates, the ALPACA Technique
NSA released the Cybersecurity Information Sheet, “Avoid Dangers of Wildcard TLS Certificates and the ALPACA Technique” today, warning network administrators about the risks of using poorly scoped wildcard Transport Layer Security (TLS) certificates. NSA recommends several actions web administrators should take to keep their servers secure. This guidance also outlines the risks of falling victim to a web application exploitation method called Application Layer Protocols Allowing Cross-Protocol Attacks (ALPACA), which malicious cyber actors can use to access sensitive information.
Oct. 6, 2021
NSA Releases Cybersecurity Awareness Month Wallpapers for 2021
FORT MEADE, Md. — Each year, National Security Agency (NSA) partners with the National Cyber Security Alliance (NCSA) and the Department of Homeland Security (DHS) for Cybersecurity Awareness Month. In honor of this year’s celebration, NSA offers wallpaper backgrounds for electronic devices that provide a reminder to #BeCyberSmart.
Oct. 1, 2021
Cybersecurity is a Team Sport – Be a Champion this Cybersecurity Awareness Month
FORT MEADE, Md. — NSA is proud to join the global effort to promote strong cybersecurity practices during the 18th annual Cybersecurity Awareness Month.
Cybersecurity Speaker Series: Embracing a Zero Trust Mindset
FORT MEADE, Md. — NSA released the second episode in the Cybersecurity Collaboration Center Speaker Series, exploring the concept of Zero Trust, and outlining first steps organizations can take. The Cybersecurity Speaker Series highlights experts at NSA, sharing their insights, lessons learned, and contributions of their work in cybersecurity.
Sept. 28, 2021
NSA, CISA Release Guidance on Selecting and Hardening Remote Access VPNs
FORT MEADE, Md. — The National Security Agency and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Information Sheet today detailing factors to consider when choosing a virtual private network (VPN) and top configurations for deploying it securely. “Selecting and Hardening Remote Access VPN Solutions” also will help leaders in the Department of Defense, National Security Systems and the Defense Industrial Base better understand the risks associated with VPNs.
Sept. 22, 2021
CISA, FBI, and NSA Release Conti Ransomware Advisory to Help Organizations Reduce Risk of Attack
The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) published a cybersecurity advisory today regarding increased Conti ransomware cyberattacks. The advisory includes technical details on the threat and mitigation steps that public and private sector organizations can take to reduce their risk to this ransomware.