NSA News & Highlights

NSA SPOTLIGHT

July 20, 2024

No Such Puzzle: Red, white, and blue clues

In honor of Independence Day, we give you sentences that contain parts which hint at three two-word phrases. One phrase starts with the word "red," one phrase starts with the word "white," and one phrase starts with the word "blue." We provide the number of letters of each second word. Find the three two-word phrases in each sentence.

NSA’s Final Zero Trust Pillar Report Outlines How to Achieve Faster Threat Response Time

NSA Joins in Releasing Case Studies Showing PRC Tradecraft in Action

“Remember Why You’re Here”: Mother of 9/11 Victim Visits Morrison Center Memorial

Tag: csa

Feb. 27, 2024

Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations

FORT MEADE, Md. – The National Security Agency (NSA) has joined the Federal Bureau of Investigation (FBI) and other co-sealers to publish a Cybersecurity Advisory (CSA), “Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations,” outlining observed tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and mitigation recommendations for EdgeRouter users and other network defenders.

Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns

Dec. 7, 2023

NSA, UK National Cyber Security Centre, and Partners Release Update About Russian ‘Star Blizzard’ Spear-phishing Campaign

he National Security Agency (NSA) has joined the UK National Cyber Security Centre (NCSC-UK) and other partners in releasing the Cybersecurity Advisory (CSA), “Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-Phishing Campaigns,” to raise awareness of the specific spear-phishing techniques used by Star Blizzard to target individuals and organizations, including the U.S. government and Defense Industrial Base, and to provide guidelines to protect against the continued threat.

Hunting Russian Intelligence “Snake” Malware. Cybersecurity Advisory

May 9, 2023

U.S. Agencies and Allies Partner to Identify Russian Snake Malware Infrastructure Worldwide

The National Security Agency (NSA) and several partner agencies have identified infrastructure for Snake malware—a sophisticated Russian cyberespionage tool—in over 50 countries worldwide.

CSA: Top Common Vulnerabilities and Exposures (CVEs) Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors (October 2022)

Oct. 6, 2022

NSA, CISA, FBI Reveal Top CVEs Exploited by Chinese State-Sponsored Actors

In a Cybersecurity Advisory released today, the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) exposed the “Top Common Vulnerabilities and Exposures (CVEs) Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors” since 2020.

CSA: Control System Defense: Know the Opponent

Sept. 22, 2022

NSA, CISA: How Cyber Actors Compromise OT/ICS and How to Defend Against It

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published a Cybersecurity Advisory today that highlights the steps malicious actors have commonly followed to compromise operational technology (OT)/industrial control system (ICS) assets and provides recommendations on how to defend against them.

PRC State-Sponsored Cyber Actors Exploit Network Providers and Devices

June 7, 2022

NSA, CISA, and FBI Expose PRC State-Sponsored Exploitation of Network Providers, Devices

The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) released a Cybersecurity Advisory (CSA) today, “People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices.” The advisory highlights how People’s Republic of China (PRC) actors have targeted and compromised major telecommunications companies and network service providers primarily by exploiting publicly known vulnerabilities. Networks affected have ranged from small office/home office (SOHO) routers to medium and large enterprise networks.

CSA: Weak Security Controls and Practices Routinely Exploited for Initial Access

May 17, 2022

NSA, Allies Issue Cybersecurity Advisory on Weaknesses that Allow Initial Access

The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and the FBI, along with allied nations, published a Cybersecurity Advisory today to raise awareness about the poor security configurations, weak controls and other poor network hygiene practices malicious cyber actors use to gain initial access to a victim’s system.

CSA: Protecting Against Cyber Threats to Managed Service Providers and their Customers

May 11, 2022

NSA, Partners Issue Guidance to Secure Managed Service Providers, Their Customers

In anticipation of increased malicious cyber targeting of managed service providers (MSPs), NSA joined cybersecurity authorities from the U.S., Australia, Canada, New Zealand, and the United Kingdom to release the “Protecting Against Cyber Threats to Managed Service Providers and their Customers” Cybersecurity Advisory.

June 4, 2019

NSA Cybersecurity Advisory: Patch Remote Desktop Services on Legacy Versions of Windows

FORT MEADE, Md. — NSA advisory urging Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing cybersecurity threats.

NSA News & Highlights

NSA SPOTLIGHT

No Such Puzzle: Red, white, and blue clues

NSA.GOV

CULTURE

HELPFUL LINKS

RESOURCES

RELATED LINKS