NSA News & Highlights

NSA SPOTLIGHT

April 15, 2025

Georgia Tech Wins NSA's Codebreaker Challenge for Fourth Consecutive Year

FORT MEADE, Md. – For the fourth consecutive year, the Georgia Institute of Technology (Georgia Tech) took first place in the National Security Agency’s annual Codebreaker Challenge (CBC).

NSA and partners Issue Guidance on Fast Flux as a National Security Threat

Joint Publications Focus on Mitigation Strategies for Edge Devices

NSA and Others Publish Guidance for Secure OT Product Selection

Tag: Cyber

Dec. 4, 2024

U.S. Military Academy honored at White House for winning NSA’s 2024 Cyber Exercise

Feelings of pride, accomplishment, and excitement came over West Point cadets in the Indian Treaty Room of the Eisenhower Executive Office Building on Nov. 15, 2024 as The Honorable Harry Coker Jr., National Cyber Director, stepped to the podium.

Managing Risk from Software Defined Networking Controllers

Dec. 12, 2023

NSA Issues Recommendations to Protect Software Defined Networking Controllers

The National Security Agency (NSA) has released the Cybersecurity Information Sheet (CSI), “Managing Risk from Software Defined Networking Controllers.” The report provides recommendations to help National Security Systems (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) network administrators mitigate the risks associated with software driven network management solutions, such as Software Defined Networking Controllers (SDNC).

Phishing Guidance: Stopping the Attack Cycle at Phase One. Cybersecurity Information Sheet.

Oct. 18, 2023

How to Protect Against Evolving Phishing Attacks

The National Security Agency (NSA) and U.S. partners have released a new report describing the latest techniques in phishing attacks and the defenses organizations can deploy against them.

CSI: Quantum-Readiness: Migration to Post-Quantum Cryptography

Aug. 21, 2023

Post-Quantum Cryptography: CISA, NIST, and NSA Recommend How to Prepare Now

The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and National Institute of Standards and Technology (NIST) warned that cyber actors could target our nation’s most sensitive information now and leverage future quantum computing technology to break traditional non-quantum-resistant cryptographic algorithms. This could be particularly devastating to sensitive information with long-term secrecy requirements.

CSA: 2022 Top Routinely Exploited Vulnerabilities

Aug. 3, 2023

CISA, NSA, FBI and International Partners Issue Advisory on the Top Routinely Exploited Vulnerabilities in 2022

The “2022 Top Routinely Exploited Vulnerabilities” CSA provides details on the top Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors who continue targeting unpatched systems and applications – all known vulnerabilities from 2017 to 2022 that have not been mitigated.

Aug. 2, 2023

NSA Releases Guide to Harden Cisco Next Generation Firewalls

The National Security Agency (NSA) has released a new Cybersecurity Technical Report (CTR) “Cisco Firepower Hardening Guide,” to assist network and system administrators with configuring these next generation firewalls (NGFWs).

Preventing Web Application Access Control Abuse

July 27, 2023

New Cybersecurity Advisory Warns About Web Application Vulnerabilities

The National Security Agency (NSA) has partnered with U.S. and international cyber agencies to release the Cybersecurity Advisory (CSA), “Preventing Web Application Access Control Abuse,” warning that vulnerabilities in web applications, including application programming interfaces (APIs), can allow malicious actors to manipulate and access sensitive data.

CSI: Defending Continuous Integration/Continuous Delivery (CI/CD) Environments

June 28, 2023

NSA and CISA Best Practices to Secure Cloud Continuous Integration/Continuous Delivery Environments

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) are publicly releasing a Cybersecurity Information Sheet (CSI) - “Defending Continuous Integration/Continuous Delivery (CI/CD) Environments” to provide recommendations for integrating security best practices into typical software development and operations (DevOps) CI/CD environments. The agencies encourage organizations to use the best practices to harden their CI/CD cloud deployments.

CSI: Harden Baseboard Management Controllers

June 14, 2023

NSA and CISA Release Guide To Protect Baseboard Management Controllers

Organizations need to take action to secure servers with Baseboard management controllers (BMCs). To assist network defenders in this, NSA and the Cybersecurity and Infrastructure Security Agency (CISA) jointly released the Cybersecurity Information Sheet, “Harden Baseboard Management Controllers.” The guidance includes recommendations and mitigations for network defenders to secure their systems.

North Korea Using Social Engineering to Enable Hacking of Think Tanks, Academic, and Media

June 1, 2023

U.S., ROK Agencies Alert: DPRK Cyber Actors Impersonating Targets to Collect Intelligence

The National Security Agency (NSA) is partnering with several organizations to highlight the Democratic People’s Republic of Korea’s (DPRK) use of social engineering and malware to target think tanks, academia, and news media sectors.

NSA News & Highlights

NSA SPOTLIGHT

Georgia Tech Wins NSA's Codebreaker Challenge for Fourth Consecutive Year

NSA.GOV

CULTURE

HELPFUL LINKS

RESOURCES

RELATED LINKS