July 25, 2024

NSA Joins FBI and Others to Warn of North Korea Cyber Espionage Campaign

FORT MEADE, Md. – The National Security Agency (NSA) joins the Federal Bureau of Investigation (FBI) and others in releasing the joint Cybersecurity Advisory (CSA), “North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs.” The CSA includes detection methods and mitigation measures to help counter the malicious activity.

July 10, 2024

NSA’s Final Zero Trust Pillar Report Outlines How to Achieve Faster Threat Response Time

FORT MEADE, Md. – The National Security Agency (NSA) is releasing the Cybersecurity Information Sheet (CSI) “Advancing Zero Trust Maturity Throughout the Automation and Orchestration Pillar” to help organizations better detect cyber threats and respond to common threats faster.

May 2, 2024

NSA Highlights Mitigations against North Korean Actor Email Policy Exploitation

FORT MEADE, Md. – The National Security Agency (NSA) joins the Federal Bureau of Investigation (FBI) and the U.S. Department of State in releasing the Cybersecurity Advisory (CSA), “North Korean Actors Exploit Weak DMARC Security Policies to Mask Spearphishing Efforts,” to protect against Democratic People’s Republic of Korea (DPRK, aka North Korea) techniques that allow emails to appear to be from legitimate journalists, academics, or other experts in East Asian affairs.

May 1, 2024

Urgent Warning from Multiple Cybersecurity Organizations on Current Threat to OT Systems

FORT MEADE, Md. – Pro-Russia hacktivists are conducting malicious cyber activity against operational technology (OT) devices and critical infrastructure organizations are encouraged to implement mitigations, according to a Fact Sheet released today by the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Environmental Protection Agency (EPA), Department of Energy (DOE), United States Department of Agriculture (USDA), Multi-State Information Sharing and Analysis Center IMS-ISAC), the U.K. National Cyber Security Centre, and the Canadian Centre for Cyber Security.

Aug. 2, 2023

NSA Releases Guide to Harden Cisco Next Generation Firewalls

The National Security Agency (NSA) has released a new Cybersecurity Technical Report (CTR) “Cisco Firepower Hardening Guide,” to assist network and system administrators with configuring these next generation firewalls (NGFWs).

Feb. 22, 2023

NSA Releases Best Practices For Securing Your Home Network

FORT MEADE, Md. — The National Security Agency (NSA) released the “Best Practices for Securing Your Home Network” Cybersecurity Information Sheet (CSI) today to help teleworkers protect their home networks from malicious cyber actors.

Jan. 25, 2023

NSA, CISA, and MS-ISAC Release Guidance for Securing Remote Monitoring and Management Software

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) released the “Protecting Against Malicious Use of Remote Monitoring and Management Software” Cybersecurity Advisory (CSA) today to help network defenders protect against the malicious use of legitimate remote monitoring and management (RMM) software.

Nov. 10, 2022

NSA Releases Guidance on How to Protect Against Software Memory Safety Issues

The National Security Agency (NSA) published guidance today to help software developers and operators prevent and mitigate software memory safety issues, which account for a large portion of exploitable vulnerabilities.

Sept. 1, 2022

NSA, CISA, ODNI Release Software Supply Chain Guidance for Developers

The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) released Securing the Software Supply Chain for Developers today.

May 11, 2022

NSA, Partners Issue Guidance to Secure Managed Service Providers, Their Customers

In anticipation of increased malicious cyber targeting of managed service providers (MSPs), NSA joined cybersecurity authorities from the U.S., Australia, Canada, New Zealand, and the United Kingdom to release the “Protecting Against Cyber Threats to Managed Service Providers and their Customers” Cybersecurity Advisory.