Feb. 17, 2022

NSA Publishes Best Practices for Selecting Cisco Password Types

The National Security Agency published guidance today to help administrators secure network infrastructure devices and their credentials. The “Cisco Password Types: Best Practices” Cybersecurity Information Sheet analyzes Cisco’s wide variety of password encryption and hashing schemes to secure passwords stored in configuration files. NSA provides recommendations based on each password type and best practices to help administrators secure sensitive credentials.

Feb. 16, 2022

NSA, FBI, CISA Release Advisory on Protecting Cleared Defense Contractor Networks Against Years-Long Activity by Russian State-Sponsored Actors

The Federal Bureau of Investigation (FBI), Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) published a joint Cybersecurity Advisory today regarding Russian state-sponsored cyber actors ongoing efforts over the last several years to target U.S. cleared defense contractors. The advisory, “Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology,” details the industries and information Russian actors have targeted, common adversary tactics, detection and incident response actions, and mitigation recommendations. NSA and its partners assess that continued targeting is likely and recommend organizations apply the mitigations shared in the joint Cybersecurity Advisory.

Feb. 9, 2022

CISA, FBI, NSA and International Partners Issue Advisory on Ransomware Trends from 2021

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) issued a joint Cybersecurity Advisory outlining the growing international threat posed by ransomware over the past year.

Feb. 3, 2022

NSA Releases 2021 Cybersecurity Year in Review

FORT MEADE, Md. — The National Security Agency released the 2021 NSA Cybersecurity Year in Review today to highlight how its cybersecurity mission continues to prevent and eradicate threats to the nation's most critical systems.

Jan. 20, 2022

NSA Recommends Adobe Acrobat Reader Security Configurations

The National Security Agency (NSA) released “Recommendations for Configuring Adobe® Acrobat® Reader® DC in a Windows® Environment” today. The technical report addresses the longstanding issue of cyber actors using malicious PDFs when targeting victim networks. Specifically, it details recommended Adobe Reader configuration settings for systems administrators to help minimize the risk of executable content and other malicious activity in a Windows environment.

Jan. 19, 2022

President Biden Signs Cybersecurity National Security Memorandum

The White House announced today that President Joe Biden has signed National Security Memorandum 8, “Improving the Cybersecurity of National Security, Department of Defense and Intelligence Community Systems.” This Memorandum implements the cybersecurity requirements of EO 14028 for National Security Systems (NSS) - networks across the U.S. Government that contain classified information or are otherwise critical to military and intelligence activities. The Memorandum provides the Director of the NSA, General Paul M. Nakasone, in his role as the National Manager for NSS, with enhanced insight and authorities to better safeguard these systems.

Jan. 18, 2022

NSA Announces Winners of annual Best Scientific Cybersecurity Research Paper Competition

Today, the National Security Agency announced the winning paper in the 9th annual “Best Cybersecurity Research Paper Competition”. Established in 2013, the competition encourages the development of scientific foundations in cybersecurity and supports cybersecurity improvements within devices, computers, and systems through rigorous research, solid scientific methodology, documentation and publishing.

Dec. 22, 2021

NSA’s Cybersecurity Collaboration Center Celebrates its First Year

One year ago, the National Security Agency (NSA) stood up the Cybersecurity Collaboration Center in an open business park outside NSA’s fence line, breaking down barriers between the Agency and the outside world.

Dec. 22, 2021

CISA, FBI, NSA, and International Partners Issue Advisory to Mitigate Apache Log4J Vulnerabilities

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), U.K. National Cyber Security Centre (NCSC) and Computer Emergency Response Team New Zealand (CERT-NZ) issued a joint cybersecurity advisory with technical details, mitigations, and resources to address known vulnerabilities in the Apache Log4j software library. This advisory provides critical guidance that any organization using products with Log4j should immediately implement.

Dec. 16, 2021

ESF Members, NSA and CISA publish the fourth installment of 5G cybersecurity guidance

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published the fourth installment on securing integrity of 5G cloud infrastructures, Ensure Integrity of Cloud Infrastructure. As 5G networks and devices continue to increase in popularity, the importance of platform security to harden your systems against malicious cyber activity and persistence is apparent.