NSA News & Highlights

Results:
Tag: Cybersecurity Technical Report

Sept. 26, 2024

NSA Jointly Releases Guidance for Mitigating Active Directory Compromises

The National Security Agency (NSA) joins the Australian Signals Directorate’s Australian Cyber Security Centre (ASD ACSC) and others in releasing the Cybersecurity Technical Report (CTR), “Detecting and Mitigating Active Directory Compromises.” The guidance provides prevention and detection strategies for the most prevalent techniques used to target Active Directory (AD).

July 14, 2022

NSA Publishes Guidance on Characterizing Threats, Risks to DoD Microelectronics

The National Security Agency’s (NSA) Joint Federation Assurance Center Hardware Assurance Lab published a report on “DoD Microelectronics: Levels of Assurance Definitions and Applications” today to characterize the threats and risks to custom microelectronic components used in Department of Defense (DoD) systems. The Cybersecurity Technical Report includes definitions and guidance on applying three levels of hardware assurance to protect applicable DoD systems.

March 15, 2022

NSA, CISA release Kubernetes Hardening Guidance

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Technical Report, “Kubernetes Hardening Guidance,” today. This report details threats to Kubernetes environments and provides configuration guidance to minimize risk.

March 1, 2022

NSA Details Network Infrastructure Best Practices

The National Security Agency (NSA) released the “Network Infrastructure Security Guidance” Cybersecurity Technical Report today. The report captures best practices based on the depth and breadth of experience in supporting customers and responding to threats. 

Jan. 20, 2022

NSA Recommends Adobe Acrobat Reader Security Configurations

The National Security Agency (NSA) released “Recommendations for Configuring Adobe® Acrobat® Reader® DC in a Windows® Environment” today. The technical report addresses the longstanding issue of cyber actors using malicious PDFs when targeting victim networks. Specifically, it details recommended Adobe Reader configuration settings for systems administrators to help minimize the risk of executable content and other malicious activity in a Windows environment.

June 17, 2021

NSA Releases Guidance on Securing Unified Communications and Voice and Video over IP Systems

NSA released a Cybersecurity Technical Report today that provides best practices and mitigations for securing Unified Communications (UC) and Voice and Video over IP (VVoIP) call-processing systems. The comprehensive report, “Deploying Secure Unified Communications/Voice and Video over IP Systems,” also describes potential risks to UC/VVoIP systems that aren’t properly secured.