NSA News & Highlights

Results:
Tag: microsoft

CSI: BlackLotus Mitigation Guide Graphic

June 22, 2023

NSA Releases Guide to Mitigate BlackLotus Threat

To guide system administrators and network defenders on how to mitigate this threat, the National Security Agency (NSA) is publicly releasing the “BlackLotus Mitigation Guide” Cybersecurity Information Sheet (CSI). The guide provides an overview of recommended actions to detect and prevent malicious activities associated with BlackLotus.

Cybersecurity Advisory: People's Republic of China State-Sponsored Cyber Actor Living Off the Land

May 24, 2023

NSA and Partners Identify China State-Sponsored Cyber Actor Using Built-in Network Tools When Targeting U.S. Critical Infrastructure Sectors

The National Security Agency (NSA) and partners have identified indicators of compromise (IOCs) associated with a People’s Republic of China (PRC) state-sponsored cyber actor using living off the land techniques to target networks across U.S. critical infrastructure.

CSA: Impacket, Custom Exfiltration Tools Used to Steal Sensitive Information from Defense Industrial Base Organization

Oct. 4, 2022

NSA, CISA, FBI Warn of Custom Exfiltration Tools Being Used Against Defense Industrial Base Organization

FORT MEADE, Md. — The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the FBI released a Cybersecurity Advisory today that details the tactics, techniques and procedures (TTPs) that likely multiple advanced persistent threat (APT) groups recently used to steal sensitive information from a Defense Industrial Base organization.

CSA: Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disc Encryption for Ransom Operations.

Sept. 14, 2022

Iranian Cyber Actors Exploit Known Vulnerabilities to Extort U.S. Critical Infrastructure Organizations, Other Victims

In a Cybersecurity Advisory released today, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), NSA, U.S. Cyber Command, the Department of Treasury and international partners reveal how Iranian cyber actors continue to exploit known vulnerabilities on unprotected networks to extort and ransom victims, including U.S. critical infrastructure organizations.

NSA cybersecurity advisory

June 4, 2019

NSA Cybersecurity Advisory: Patch Remote Desktop Services on Legacy Versions of Windows

FORT MEADE, Md. — NSA advisory urging Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing cybersecurity threats.