Sept. 22, 2021
CISA, FBI, and NSA Release Conti Ransomware Advisory to Help Organizations Reduce Risk of Attack
WASHINGTON — The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) published a cybersecurity advisory today regarding increased Conti ransomware cyberattacks. The advisory includes technical details on the threat and mitigation steps that public and private sector organizations can take to reduce their risk to this ransomware.
July 19, 2021
NSA, CISA, and FBI detail Chinese State-Sponsored Actions, Mitigations
FORT MEADE, Md. — The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a Cybersecurity Advisory, Chinese State-Sponsored Cyber Operations: Observed TTPs. This advisory describes over 50 tactics, techniques, and procedures (TTPs) Chinese state-sponsored cyber actors used when targeting U.S. and allied networks, and details mitigations.
July 1, 2021
NSA, Partners Release Cybersecurity Advisory on Brute Force Global Cyber Campaign
FORT MEADE, Md. — The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the UK’s National Cyber Security Centre (NCSC) released a Cybersecurity Advisory today exposing malicious cyber activities by Russian military intelligence against U.S. and global organizations, starting from mid-2019 and likely ongoing. This advisory is being released as part of NSA's routine and continuing cybersecurity mission to warn network defenders of nation state threats.
May 7, 2021
NSA CISA, FBI, and the UK NCSC further expose Russian Intelligence Cyber Tactics
Fort Meade, Md. — The National Security Agency (NSA), the United Kingdom’s National Cyber Security Centre (NCSC), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) jointly released an unclassified cybersecurity advisory, “Further TTPs associated with SVR cyber actors” today.
April 15, 2021
Russian Foreign Intelligence Service Exploiting Five Publicly Known Vulnerabilities to Compromise U.S. and Allied Networks
FORT MEADE, Md. — The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) jointly released a Cybersecurity Advisory, “Russian SVR Targets U.S. and Allied Networks,” today to expose ongoing Russian Foreign Intelligence Service (SVR) exploitation of five publicly known vulnerabilities.
Feb. 25, 2021
NSA Issues Guidance on Zero Trust Security Model
FORT MEADE, Md. — The National Security Agency published a cybersecurity product, “Embracing a Zero Trust Security Model,” on Thursday.
Jan. 14, 2021
NSA Recommends How Enterprises Can Securely Adopt Encrypted DNS
FORT MEADE, Md. — The National Security Agency released a cybersecurity product, “Adopting Encrypted DNS in Enterprise Environments,” Thursday explaining the benefits and risks of adopting the encrypted domain name system (DNS) protocol, DNS over HTTPs (DoH), in enterprise environments. The release provides solutions for secure implementation based on enterprise network needs.
Jan. 5, 2021
NSA releases “Eliminating Obsolete Transport Layer Security (TLS) Protocol Configurations” Cybersecurity Information
FORT MEADE, Md. — The National Security Agency released a cybersecurity product detailing how to detect and fix out-of-date encryption protocol implementations. Networks and systems that use deprecated forms of Transport Layer Security (TLS) or Secure Sockets Layer (SSL) for traffic sessions are at risk of sensitive data exposure and decryption.
Dec. 17, 2020
NSA Cybersecurity Advisory: Malicious Actors Abuse Authentication Mechanisms to Access Cloud Resources
Ft. MEADE, Md. — In response to ongoing cybersecurity events, the National Security Agency (NSA) released a Cybersecurity Advisory Thursday “Detecting Abuse of Authentication Mechanisms.” This advisory provides guidance to National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) network administrators to detect and mitigate against malicious cyber actors who are manipulating trust in federated authentication environments to access protected data in the cloud.
Dec. 7, 2020
Russian State-Sponsored Malicious Cyber Actors Exploit Known Vulnerability in Virtual Workspaces
Ft. MEADE, Md. — The National Security Agency (NSA) released a Cybersecurity Advisory today detailing how Russian state-sponsored actors have been exploiting a vulnerability in VMware® products to access protected data on affected systems.