Oct. 7, 2021

Avoid Dangers of Wildcard TLS Certificates, the ALPACA Technique

NSA released the Cybersecurity Information Sheet, “Avoid Dangers of Wildcard TLS Certificates and the ALPACA Technique” today, warning network administrators about the risks of using poorly scoped wildcard Transport Layer Security (TLS) certificates. NSA recommends several actions web administrators should take to keep their servers secure. This guidance also outlines the risks of falling victim to a web application exploitation method called Application Layer Protocols Allowing Cross-Protocol Attacks (ALPACA), which malicious cyber actors can use to access sensitive information.

Oct. 6, 2021

NSA Releases Cybersecurity Awareness Month Wallpapers for 2021

FORT MEADE, Md. — Each year, National Security Agency (NSA) partners with the National Cyber Security Alliance (NCSA) and the Department of Homeland Security (DHS) for Cybersecurity Awareness Month. In honor of this year’s celebration, NSA offers wallpaper backgrounds for electronic devices that provide a reminder to #BeCyberSmart.

Oct. 1, 2021

Cybersecurity is a Team Sport – Be a Champion this Cybersecurity Awareness Month

FORT MEADE, Md. — NSA is proud to join the global effort to promote strong cybersecurity practices during the 18th annual Cybersecurity Awareness Month.

Oct. 1, 2021

Cybersecurity Speaker Series: Embracing a Zero Trust Mindset

FORT MEADE, Md. — NSA released the second episode in the Cybersecurity Collaboration Center Speaker Series, exploring the concept of Zero Trust, and outlining first steps organizations can take. The Cybersecurity Speaker Series highlights experts at NSA, sharing their insights, lessons learned, and contributions of their work in cybersecurity.

Sept. 28, 2021

NSA, CISA Release Guidance on Selecting and Hardening Remote Access VPNs

FORT MEADE, Md. — The National Security Agency and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Information Sheet today detailing factors to consider when choosing a virtual private network (VPN) and top configurations for deploying it securely. “Selecting and Hardening Remote Access VPN Solutions” also will help leaders in the Department of Defense, National Security Systems and the Defense Industrial Base better understand the risks associated with VPNs.

Sept. 22, 2021

CISA, FBI, and NSA Release Conti Ransomware Advisory to Help Organizations Reduce Risk of Attack

The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) published a cybersecurity advisory today regarding increased Conti ransomware cyberattacks. The advisory includes technical details on the threat and mitigation steps that public and private sector organizations can take to reduce their risk to this ransomware.

Sept. 11, 2021

NSA Remembers 9/11: Twenty Years On

FORT MEADE, Md. — Twenty years ago today, our nation suffered an attack unlike anything since Pearl Harbor. We pause today to reflect on this somber event, in remembrance of those we have lost and in solidarity with those affected in a multitude of ways. We have been changed, all of us, both as a nation and as members of the intelligence community.

Sept. 1, 2021

NSA welcomes Gilbert Herrera as the Director of Research

FORT MEADE, Md. — On 16 August 2021, Gilbert V. (Gil) Herrera was appointed as the Director of Research at the National Security Agency (NSA). NSA’s Research Directorate conducts world-class scientific research to develop new and innovative techniques and technologies to enable the SIGINT and Cybersecurity missions of NSA/CSS as well as joint-authority missions of the Intelligence Community and Department of Defense.

July 29, 2021

Defeating malicious cyber actors requires partnerships

ANNAPOLIS, Md. — Participating on a panel alongside other high-level officials from the federal, state and private sector, National Security Agency Deputy Director George Barnes discussed NSA’s role within the nation’s shared response to future malicious cyber activities during Thursday’s Annapolis Cybersecurity Summit.

July 29, 2021

NSA Issues Guidance on Securing Wireless Devices in Public Settings

FORT MEADE, Md. — NSA released the Cybersecurity Information Sheet, “Securing Wireless Devices in Public Settings” today to help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers identify potential threats and minimize risks to their wireless devices and data.