NSA News & Highlights

Results:
Tag: cybersecurity advisory

Sept. 18, 2024

NSA and Allies Issue Advisory about PRC-Linked Actors and Botnet Operations

FORT MEADE, Md. - The National Security Agency (NSA) joins the Federal Bureau of Investigation (FBI), the United States Cyber Command’s Cyber National Mission Force (CNMF), and international allies in releasing new information about People’s Republic of China (PRC)-linked cyber actors who have compromised internet-connected devices worldwide to create a botnet and conduct malicious activity.

July 25, 2024

NSA Joins FBI and Others to Warn of North Korea Cyber Espionage Campaign

FORT MEADE, Md. – The National Security Agency (NSA) joins the Federal Bureau of Investigation (FBI) and others in releasing the joint Cybersecurity Advisory (CSA), “North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs.” The CSA includes detection methods and mitigation measures to help counter the malicious activity.

July 8, 2024

NSA Joins in Releasing Case Studies Showing PRC Tradecraft in Action

FORT MEADE, Md. – The National Security Agency (NSA) is joining the Australian Signals Directorate (ASD) and other agencies to publish a Cybersecurity Advisory (CSA) detailing the tradecraft used by a cyber actor group associated with the People’s Republic of China (PRC) Ministry of State Security (MSS). “PRC MSS Tradecraft in Action” helps cybersecurity practitioners prevent, identify, and remediate intrusions against their own networks by sharing significant case studies of the adversary’s tactics and techniques.

May 2, 2024

NSA Highlights Mitigations against North Korean Actor Email Policy Exploitation

FORT MEADE, Md. – The National Security Agency (NSA) joins the Federal Bureau of Investigation (FBI) and the U.S. Department of State in releasing the Cybersecurity Advisory (CSA), “North Korean Actors Exploit Weak DMARC Security Policies to Mask Spearphishing Efforts,” to protect against Democratic People’s Republic of Korea (DPRK, aka North Korea) techniques that allow emails to appear to be from legitimate journalists, academics, or other experts in East Asian affairs.

Feb. 27, 2024

Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations

FORT MEADE, Md. – The National Security Agency (NSA) has joined the Federal Bureau of Investigation (FBI) and other co-sealers to publish a Cybersecurity Advisory (CSA), “Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations,” outlining observed tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and mitigation recommendations for EdgeRouter users and other network defenders.

Jan. 25, 2023

NSA, CISA, and MS-ISAC Release Guidance for Securing Remote Monitoring and Management Software

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) released the “Protecting Against Malicious Use of Remote Monitoring and Management Software” Cybersecurity Advisory (CSA) today to help network defenders protect against the malicious use of legitimate remote monitoring and management (RMM) software.

Oct. 6, 2022

NSA, CISA, FBI Reveal Top CVEs Exploited by Chinese State-Sponsored Actors

In a Cybersecurity Advisory released today, the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) exposed the “Top Common Vulnerabilities and Exposures (CVEs) Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors” since 2020.

Oct. 4, 2022

NSA, CISA, FBI Warn of Custom Exfiltration Tools Being Used Against Defense Industrial Base Organization

FORT MEADE, Md. — The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the FBI released a Cybersecurity Advisory today that details the tactics, techniques and procedures (TTPs) that likely multiple advanced persistent threat (APT) groups recently used to steal sensitive information from a Defense Industrial Base organization.

Sept. 22, 2022

NSA, CISA: How Cyber Actors Compromise OT/ICS and How to Defend Against It

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published a Cybersecurity Advisory today that highlights the steps malicious actors have commonly followed to compromise operational technology (OT)/industrial control system (ICS) assets and provides recommendations on how to defend against them.

Sept. 7, 2022

NSA Releases Future Quantum-Resistant (QR) Algorithm Requirements for National Security Systems

The National Security Agency (NSA) released the “Announcing Commercial National Security Algorithm Suite 2.0” (CNSA 2.0) Cybersecurity Advisory (CSA) today to notify National Security Systems (NSS) owners, operators and vendors of the future quantum-resistant (QR) algorithms requirements for NSS — networks that contain classified information or are otherwise critical to military and intelligence activities.