NSA News & Highlights

Results:
Tag: network

March 7, 2024

NSA Releases Top Ten Cloud Security Mitigation Strategies

The National Security Agency (NSA) is releasing “Top Ten Cloud Security Mitigation Strategies” to inform cloud customers about important security practices as they shift their data to cloud environments. The report is a compilation of ten Cybersecurity Information Sheets (CSIs), each on a different strategy. The Cybersecurity and Infrastructure Security Agency (CISA) joins NSA as a partner on six of the ten strategies.

Dec. 13, 2023

Russian Cyber Actors are Exploiting a Known Vulnerability with Worldwide Impact

The National Security Agency (NSA), Federal Bureau of Investigation (FBI), and co-authoring agencies warn that Russian Foreign Intelligence Service (SVR) cyber actors are exploiting a publicly known vulnerability to compromise victims globally, including in the United States and in allied countries. To raise awareness and help organizations identify, protect, and mitigate this malicious activity, the authoring agencies have jointly released the Cybersecurity Advisory (CSA), “Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally.”

Dec. 12, 2023

NSA Issues Recommendations to Protect Software Defined Networking Controllers

The National Security Agency (NSA) has released the Cybersecurity Information Sheet (CSI), “Managing Risk from Software Defined Networking Controllers.” The report provides recommendations to help National Security Systems (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) network administrators mitigate the risks associated with software driven network management solutions, such as Software Defined Networking Controllers (SDNC).

Aug. 3, 2023

CISA, NSA, FBI and International Partners Issue Advisory on the Top Routinely Exploited Vulnerabilities in 2022

The “2022 Top Routinely Exploited Vulnerabilities” CSA provides details on the top Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors who continue targeting unpatched systems and applications – all known vulnerabilities from 2017 to 2022 that have not been mitigated.

Aug. 2, 2023

NSA Releases Guide to Harden Cisco Next Generation Firewalls

The National Security Agency (NSA) has released a new Cybersecurity Technical Report (CTR) “Cisco Firepower Hardening Guide,” to assist network and system administrators with configuring these next generation firewalls (NGFWs).

June 14, 2023

NSA and CISA Release Guide To Protect Baseboard Management Controllers

Organizations need to take action to secure servers with Baseboard management controllers (BMCs). To assist network defenders in this, NSA and the Cybersecurity and Infrastructure Security Agency (CISA) jointly released the Cybersecurity Information Sheet, “Harden Baseboard Management Controllers.” The guidance includes recommendations and mitigations for network defenders to secure their systems.

May 9, 2023

U.S. Agencies and Allies Partner to Identify Russian Snake Malware Infrastructure Worldwide

The National Security Agency (NSA) and several partner agencies have identified infrastructure for Snake malware—a sophisticated Russian cyberespionage tool—in over 50 countries worldwide.

April 18, 2023

NCSC-UK, NSA, and Partners Advise about APT28 Exploitation of Cisco Routers

The National Security Agency (NSA) has partnered with the UK’s National Cyber Security Centre (NCSC), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) to publish a joint Cybersecurity Advisory (CSA) report on the tactics, techniques, and procedures (TTPs) associated with APT28’s exploitation of Cisco routers.

Feb. 22, 2023

NSA Releases Best Practices For Securing Your Home Network

FORT MEADE, Md. — The National Security Agency (NSA) released the “Best Practices for Securing Your Home Network” Cybersecurity Information Sheet (CSI) today to help teleworkers protect their home networks from malicious cyber actors.

Feb. 9, 2023

U.S., South Korean Agencies Partner to #StopRansomware Threat from DPRK

FORT MEADE, Md. — The National Security Agency (NSA) partnered with U.S. and South Korean government agencies to release a joint Cybersecurity Advisory today about the Democratic People's Republic of Korea (DPRK) ransomware threat.