Official websites use .gov
Secure .gov websites use HTTPS
Sept. 28, 2023
NSA Releases Guidance on Acceptance Testing for Supply Chain Risk Management
The National Security Agency (NSA) has released the Cybersecurity Information Sheet (CSI) “Procurement and Acceptance Testing Guide for Servers, Laptops, and Desktop Computers” encouraging U.S. Government departments and agencies operating National Security Systems (NSS) to implement a robust supply chain risk management strategy.
Sept. 12, 2023
NSA, U.S. Federal Agencies Advise on Deepfake Threats
The National Security Agency (NSA) and U.S. federal agency partners have issued new advice on a synthetic media threat known as deepfakes. This emerging threat could present a cybersecurity challenge for National Security Systems (NSS), the Department of Defense (DoD), and DIB organizations.
Aug. 21, 2023
Post-Quantum Cryptography: CISA, NIST, and NSA Recommend How to Prepare Now
The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and National Institute of Standards and Technology (NIST) warned that cyber actors could target our nation’s most sensitive information now and leverage future quantum computing technology to break traditional non-quantum-resistant cryptographic algorithms. This could be particularly devastating to sensitive information with long-term secrecy requirements.
Aug. 3, 2023
CISA, NSA, FBI and International Partners Issue Advisory on the Top Routinely Exploited Vulnerabilities in 2022
The “2022 Top Routinely Exploited Vulnerabilities” CSA provides details on the top Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors who continue targeting unpatched systems and applications – all known vulnerabilities from 2017 to 2022 that have not been mitigated.
July 27, 2023
New Cybersecurity Advisory Warns About Web Application Vulnerabilities
The National Security Agency (NSA) has partnered with U.S. and international cyber agencies to release the Cybersecurity Advisory (CSA), “Preventing Web Application Access Control Abuse,” warning that vulnerabilities in web applications, including application programming interfaces (APIs), can allow malicious actors to manipulate and access sensitive data.
June 14, 2023
NSA and CISA Release Guide To Protect Baseboard Management Controllers
Organizations need to take action to secure servers with Baseboard management controllers (BMCs). To assist network defenders in this, NSA and the Cybersecurity and Infrastructure Security Agency (CISA) jointly released the Cybersecurity Information Sheet, “Harden Baseboard Management Controllers.” The guidance includes recommendations and mitigations for network defenders to secure their systems.
May 23, 2023
#StopRansomware Guide Released by NSA and Partners
To guide network defenders in protecting against the rapidly evolving ransomware tactics of malicious cyber actors, the National Security Agency (NSA) and several partners are publicly releasing the “#StopRansomware Guide” Cybersecurity Information Sheet (CSI) today.
April 19, 2023
NSA Part of Coalition Highlighting Cybersecurity Best Practices for Smart Cities
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) are partnering with international partners’ cybersecurity agencies to publish cybersecurity best practices for smart cities, which integrate public services into a connected environment to increase efficiencies and improve the quality of life in various communities.
April 30, 2021
Unique Competitive Advantages Drive Secretary of Defense Lloyd Austin's Visit to NSAW
FT. MEADE, Md. — Secretary of Defense Lloyd J. Austin III got a firsthand look into the offensive and defensive cyberspace operations in an eventful afternoon at NSA-Washington’s East Campus on Tuesday. It was the retired four-star Army general’s first official visit to U.S. Cyber Command (USCYBERCOM) and NSA as Secretary of Defense.
Feb. 26, 2021
The most prestigious trophy
FT. MEADE, Md. — One June 2, 1948, Sir Edward Travis, director of the U.K.’s Government Communications Headquarters (GCHQ), sent a letter to “Joe,” Captain Joseph Wenger, of the U.S. Naval Cryptologic Activity, Washington. Both organizations were successors to the wartime units that had cooperated in exploiting the communications of the Axis Powers in World War II.