Sept. 17, 2020

Reduce Risk of Network Compromises

FT. MEADE, Md. — The National Security Agency has released two cybersecurity information sheets (CSIs) with best practices to help National Security System (NSS) and Department of Defense (DoD) teleworkers and their systems administrators secure their networks and handle potential compromises.

Sept. 15, 2020

NSA Releases Cybersecurity Technical Report on UEFI Secure Boot Customization

WASHINGTON — The National Security Agency has released a UEFI Secure Boot Customization Cybersecurity Technical Report that provides detailed recommendations for customizing Secure Boot to better protect against firmware exploitation – a means attackers can use to gain persistent access to victim networks.

Aug. 13, 2020

NSA and FBI Expose Russian Previously Undisclosed Malware “Drovorub” in Cybersecurity Advisory

WASHINGTON — The National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) released a new Cybersecurity Advisory about previously undisclosed Russian malware.

Aug. 4, 2020

How Mobile Device Users Can Limit Their Location Data Exposure

FORT MEADE, Md. — The National Security Agency released a Limiting Location Data Exposure Cybersecurity Information Sheet (CSI) today to guide National Security System (NSS) and Department of Defense (DoD) mobile device users on how they might reduce risk associated with sharing sensitive location data. The guide summarizes how and why mobile devices expose location data and explains potential risk that comes with using them. It provides mitigations to limit the sharing of this information, but warns there is no solution to fully mitigate a mobile device from being located.

May 28, 2020

Exim Mail Transfer Agent Actively Exploited by Russian GRU Cyber Actors

FORT MEADE, Md. — Russian military cyber actors, publicly known as Sandworm Team, have been exploiting a vulnerability in Exim mail transfer agent (MTA) software since at least last August.

April 24, 2020

Working from Home? Select and Use Collaboration Services More Securely

FORT MEADE, Md. — Article about NSA's release of cybersecurity guidance about selecting and safely using collaboration services for telework. NSA released a full and a short version of the guidance. By following the practical guidelines listed in this guidance, users can mitigate some of the risks posed by malicious cyber threat actors. 

April 22, 2020

Detect & Prevent Cyber Attackers from Exploiting Web Servers via Web Shell Malware

FORT MEADE, Md. — NSA Cybersecurity Information Sheet about detecting and mitigating web shell malware.

Feb. 12, 2020

Heading to RSA: NSA Brings Innovative Ideas to Cybersecurity Industry

FORT MEADE, Md. — Article previewing NSA's participation in the RSA 2020 conference.

Jan. 29, 2020

U.S. Cyber Command, NSA Poised to Support U.S. Election Security

USCC's Brig. Gen. Hartman & NSA's Dave Imbordino participate in the University of Southern California "Election Cyersecurity Initiative" forum, Jan. 28, 2020.

Jan. 14, 2020

A Very Important Patch Tuesday

FORT MEADE, Md. — On 14 January 2020, Microsoft released a patch for a Windows 10 vulnerability discovered by NSA (CVE-2020-0601).