Nov. 12, 2024

CISA, NSA, and Partners Issue Annual Report on Top Exploited Vulnerabilities

FORT MEADE, Md. - Malicious cyber actors are increasingly exploiting zero day vulnerabilities to compromise enterprise networks, according to an annual Cybersecurity Advisory (CSA) about the top routinely exploited vulnerabilities co-authored by the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and domestic and foreign partners.
 

Oct. 16, 2024

Iranian Cyber Actors Access Critical Infrastructure Networks

FORT MEADE, Md. – The National Security Agency (NSA) is joining the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) in releasing a Cybersecurity Advisory (CSA), “Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations,” to warn network defenders of malicious activity that can enable persistent access in sensitive systems.

Oct. 10, 2024

NSA Issues Updated Guidance on Russian SVR Cyber Operations

FORT MEADE, Md. - The National Security Agency (NSA) joins the Federal Bureau of Investigation (FBI), the United States Cyber Command’s Cyber National Mission Force (CNMF), and the United Kingdom National Cyber Security Centre (NCSC) to warn network defenders about ongoing Russian Federation Foreign Intelligence Service (SVR) cyber threats and to recommend rapid countermeasures for security patching and mitigating systems.

Sept. 18, 2024

NSA and Allies Issue Advisory about PRC-Linked Actors and Botnet Operations

FORT MEADE, Md. - The National Security Agency (NSA) joins the Federal Bureau of Investigation (FBI), the United States Cyber Command’s Cyber National Mission Force (CNMF), and international allies in releasing new information about People’s Republic of China (PRC)-linked cyber actors who have compromised internet-connected devices worldwide to create a botnet and conduct malicious activity.

July 25, 2024

NSA Joins FBI and Others to Warn of North Korea Cyber Espionage Campaign

FORT MEADE, Md. – The National Security Agency (NSA) joins the Federal Bureau of Investigation (FBI) and others in releasing the joint Cybersecurity Advisory (CSA), “North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs.” The CSA includes detection methods and mitigation measures to help counter the malicious activity.

July 8, 2024

NSA Joins in Releasing Case Studies Showing PRC Tradecraft in Action

FORT MEADE, Md. – The National Security Agency (NSA) is joining the Australian Signals Directorate (ASD) and other agencies to publish a Cybersecurity Advisory (CSA) detailing the tradecraft used by a cyber actor group associated with the People’s Republic of China (PRC) Ministry of State Security (MSS). “PRC MSS Tradecraft in Action” helps cybersecurity practitioners prevent, identify, and remediate intrusions against their own networks by sharing significant case studies of the adversary’s tactics and techniques.

May 2, 2024

NSA Highlights Mitigations against North Korean Actor Email Policy Exploitation

FORT MEADE, Md. – The National Security Agency (NSA) joins the Federal Bureau of Investigation (FBI) and the U.S. Department of State in releasing the Cybersecurity Advisory (CSA), “North Korean Actors Exploit Weak DMARC Security Policies to Mask Spearphishing Efforts,” to protect against Democratic People’s Republic of Korea (DPRK, aka North Korea) techniques that allow emails to appear to be from legitimate journalists, academics, or other experts in East Asian affairs.

Feb. 27, 2024

Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations

FORT MEADE, Md. – The National Security Agency (NSA) has joined the Federal Bureau of Investigation (FBI) and other co-sealers to publish a Cybersecurity Advisory (CSA), “Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations,” outlining observed tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and mitigation recommendations for EdgeRouter users and other network defenders.

Jan. 25, 2023

NSA, CISA, and MS-ISAC Release Guidance for Securing Remote Monitoring and Management Software

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) released the “Protecting Against Malicious Use of Remote Monitoring and Management Software” Cybersecurity Advisory (CSA) today to help network defenders protect against the malicious use of legitimate remote monitoring and management (RMM) software.

Oct. 6, 2022

NSA, CISA, FBI Reveal Top CVEs Exploited by Chinese State-Sponsored Actors

In a Cybersecurity Advisory released today, the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) exposed the “Top Common Vulnerabilities and Exposures (CVEs) Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors” since 2020.