Official websites use .gov
Secure .gov websites use HTTPS
May 2, 2024
NSA Highlights Mitigations against North Korean Actor Email Policy Exploitation
FORT MEADE, Md. – The National Security Agency (NSA) joins the Federal Bureau of Investigation (FBI) and the U.S. Department of State in releasing the Cybersecurity Advisory (CSA), “North Korean Actors Exploit Weak DMARC Security Policies to Mask Spearphishing Efforts,” to protect against Democratic People’s Republic of Korea (DPRK, aka North Korea) techniques that allow emails to appear to be from legitimate journalists, academics, or other experts in East Asian affairs.
Feb. 27, 2024
Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations
FORT MEADE, Md. – The National Security Agency (NSA) has joined the Federal Bureau of Investigation (FBI) and other co-sealers to publish a Cybersecurity Advisory (CSA), “Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations,” outlining observed tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and mitigation recommendations for EdgeRouter users and other network defenders.
Jan. 25, 2023
NSA, CISA, and MS-ISAC Release Guidance for Securing Remote Monitoring and Management Software
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) released the “Protecting Against Malicious Use of Remote Monitoring and Management Software” Cybersecurity Advisory (CSA) today to help network defenders protect against the malicious use of legitimate remote monitoring and management (RMM) software.
Oct. 6, 2022
NSA, CISA, FBI Reveal Top CVEs Exploited by Chinese State-Sponsored Actors
In a Cybersecurity Advisory released today, the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) exposed the “Top Common Vulnerabilities and Exposures (CVEs) Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors” since 2020.
Oct. 4, 2022
NSA, CISA, FBI Warn of Custom Exfiltration Tools Being Used Against Defense Industrial Base Organization
FORT MEADE, Md. — The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the FBI released a Cybersecurity Advisory today that details the tactics, techniques and procedures (TTPs) that likely multiple advanced persistent threat (APT) groups recently used to steal sensitive information from a Defense Industrial Base organization.
Sept. 22, 2022
NSA, CISA: How Cyber Actors Compromise OT/ICS and How to Defend Against It
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published a Cybersecurity Advisory today that highlights the steps malicious actors have commonly followed to compromise operational technology (OT)/industrial control system (ICS) assets and provides recommendations on how to defend against them.
Sept. 7, 2022
NSA Releases Future Quantum-Resistant (QR) Algorithm Requirements for National Security Systems
The National Security Agency (NSA) released the “Announcing Commercial National Security Algorithm Suite 2.0” (CNSA 2.0) Cybersecurity Advisory (CSA) today to notify National Security Systems (NSS) owners, operators and vendors of the future quantum-resistant (QR) algorithms requirements for NSS — networks that contain classified information or are otherwise critical to military and intelligence activities.
May 17, 2022
NSA, Allies Issue Cybersecurity Advisory on Weaknesses that Allow Initial Access
The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and the FBI, along with allied nations, published a Cybersecurity Advisory today to raise awareness about the poor security configurations, weak controls and other poor network hygiene practices malicious cyber actors use to gain initial access to a victim’s system.
May 11, 2022
NSA, Partners Issue Guidance to Secure Managed Service Providers, Their Customers
In anticipation of increased malicious cyber targeting of managed service providers (MSPs), NSA joined cybersecurity authorities from the U.S., Australia, Canada, New Zealand, and the United Kingdom to release the “Protecting Against Cyber Threats to Managed Service Providers and their Customers” Cybersecurity Advisory.
May 10, 2022
NSA Issues Recommendations to Protect VSAT Communications
The National Security Agency (NSA) updated its Cybersecurity Advisory (CSA)today for securing very small aperture terminal (VSAT) networks, “Protecting VSAT Communications.” The advisory aims to help organizations understand how communications may be at risk of compromise and how they can act to reduce risk.