March 1, 2022

NSA Details Network Infrastructure Best Practices

The National Security Agency (NSA) released the “Network Infrastructure Security Guidance” Cybersecurity Technical Report today. The report captures best practices based on the depth and breadth of experience in supporting customers and responding to threats. 

Feb. 17, 2022

NSA Publishes Best Practices for Selecting Cisco Password Types

The National Security Agency published guidance today to help administrators secure network infrastructure devices and their credentials. The “Cisco Password Types: Best Practices” Cybersecurity Information Sheet analyzes Cisco’s wide variety of password encryption and hashing schemes to secure passwords stored in configuration files. NSA provides recommendations based on each password type and best practices to help administrators secure sensitive credentials.

Feb. 16, 2022

NSA, FBI, CISA Release Advisory on Protecting Cleared Defense Contractor Networks Against Years-Long Activity by Russian State-Sponsored Actors

The Federal Bureau of Investigation (FBI), Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) published a joint Cybersecurity Advisory today regarding Russian state-sponsored cyber actors ongoing efforts over the last several years to target U.S. cleared defense contractors. The advisory, “Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology,” details the industries and information Russian actors have targeted, common adversary tactics, detection and incident response actions, and mitigation recommendations. NSA and its partners assess that continued targeting is likely and recommend organizations apply the mitigations shared in the joint Cybersecurity Advisory.

Feb. 9, 2022

CISA, FBI, NSA and International Partners Issue Advisory on Ransomware Trends from 2021

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) issued a joint Cybersecurity Advisory outlining the growing international threat posed by ransomware over the past year.

Feb. 3, 2022

NSA Releases 2021 Cybersecurity Year in Review

FORT MEADE, Md. — The National Security Agency released the 2021 NSA Cybersecurity Year in Review today to highlight how its cybersecurity mission continues to prevent and eradicate threats to the nation's most critical systems.

Jan. 20, 2022

NSA Recommends Adobe Acrobat Reader Security Configurations

The National Security Agency (NSA) released “Recommendations for Configuring Adobe® Acrobat® Reader® DC in a Windows® Environment” today. The technical report addresses the longstanding issue of cyber actors using malicious PDFs when targeting victim networks. Specifically, it details recommended Adobe Reader configuration settings for systems administrators to help minimize the risk of executable content and other malicious activity in a Windows environment.

July 29, 2021

NSA Issues Guidance on Securing Wireless Devices in Public Settings

FORT MEADE, Md. — NSA released the Cybersecurity Information Sheet, “Securing Wireless Devices in Public Settings” today to help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers identify potential threats and minimize risks to their wireless devices and data.

July 19, 2021

NSA, CISA, and FBI detail Chinese State-Sponsored Actions, Mitigations

FORT MEADE, Md. — The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a Cybersecurity Advisory, Chinese State-Sponsored Cyber Operations: Observed TTPs. This advisory describes over 50 tactics, techniques, and procedures (TTPs) Chinese state-sponsored cyber actors used when targeting U.S. and allied networks, and details mitigations.

July 1, 2021

NSA, Partners Release Cybersecurity Advisory on Brute Force Global Cyber Campaign

FORT MEADE, Md. — The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the UK’s National Cyber Security Centre (NCSC) released a Cybersecurity Advisory today exposing malicious cyber activities by Russian military intelligence against U.S. and global organizations, starting from mid-2019 and likely ongoing. This advisory is being released as part of NSA's routine and continuing cybersecurity mission to warn network defenders of nation state threats.

June 17, 2021

NSA Releases Guidance on Securing Unified Communications and Voice and Video over IP Systems

FORT MEADE, Md. — NSA released a Cybersecurity Technical Report today that provides best practices and mitigations for securing Unified Communications (UC) and Voice and Video over IP (VVoIP) call-processing systems. The comprehensive report, “Deploying Secure Unified Communications/Voice and Video over IP Systems,” also describes potential risks to UC/VVoIP systems that aren’t properly secured.