Showing results by author "National Security Agency" in All Categories

The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint cybersecurity advisory (CSA) to highlight the most common cybersecurity misconfigurations in large organizations, and detail the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations. Through NSA and CISA Red and Blue team assessments, as well as through the activities of NSA and CISA Hunt and Incident Response teams, the agencies identified the following 10 most common network misconfigurations.

The Enduring Security Framework1 established a working panel comprised of government and industry experts and conducted an in-depth review of the fifth-generation technology for broadband cellular networks standalone network slicing network architecture. This panel assessed the security, risks, benefits, design, deployment, operations, and maintenance of a 5G standalone network slice over two papers: Parts 1 and 2.

The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the National Institute of Standards and Technology (NIST) created this factsheet to inform organizations—especially those that support critical infrastructure—about the impacts of quantum capabilities and to encourage the early planning for migration to post-quantum cryptographic standards by developing a quantum-readiness road map.

Guidance for securing networks continues to evolve as new vulnerabilities are exploited by adversaries, new security features are implemented, and new methods of securing devices are identified. All networks are at risk of compromise, especially if devices are not properly configured and maintained. This report presents best practices for overall network security and protection of individual network devices, and will assist administrators in preventing an adversary from exploiting their network.

No Such Podcast pulls back the curtain on the National Security Agency. NSA’s very existence used to be classified, leading to its nickname, “No Such Agency.” Now, we’ve got stories to tell, and they just might surprise you! Hear from everyone at NSA, from senior leaders down to new hires, talk about what it’s really like to work at one of the most secretive agencies in the government.

The National Security Agency (NSA) formed a Cybersecurity Directorate in 2019 with the charge to prevent and eradicate threats to the United States’ National Security Systems and critical infrastructure, with an initial focus on the Defense Industrial Base and its service providers. Drawing on the NSA’s rich information assurance legacy, the Cybersecurity Directorate refocused to meet the demands of the present and the future. It integrated key parts of the NSA’s cybersecurity mission into a more public-facing organization determined to raise the cybersecurity bar.

The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China's state-sponsored malicious cyberactivity is a major threat to the US and allied cyberspace assets.

Don't be a victim! Malicious cyber actors may leverage your home network to gain access to personal, private, and confidential information. Help protect yourself, your family, and your work by practicing cybersecurity-aware behaviors, observing some basic configuration guidelines, and implementing the following mitigations on your home network.

The Snake implant is considered the most sophisticated cyber espionage tool designed and used by Center 16 of Russia’s Federal Security Service (FSB) for long-term intelligence collection on sensitive targets. To conduct operations using this tool, the FSB created a covert peer-to-peer (P2P) network of numerous Snake-infected computers worldwide.

Modern society relies heavily on software-based automation, implicitly trusting developers to write software that operates in the expected way and cannot be compromised for malicious purposes. While developers often perform rigorous testing to prepare the logic in software for surprising conditions, exploitable software vulnerabilities are still frequently based on memory issues. Examples include overflowing a memory buffer and leveraging issues with how software allocates and de-allocates memory.

The dramatic increase in cyber compromises over the past five years, specifically of software supply chains, prompted intense scrutiny of measures to strengthen the resilience of supply chains for software used throughout government and critical infrastructure. Several policies and working groups at multiple levels within the U.S. Government focus on this need to ensure the authenticity, integrity, and trustworthiness of software products.

Since World War II, the National Security Agency (NSA) and its predecessors have protected the United States’ most sensitive information. As technological advancements have created a more interconnected world with ever-increasing threats, NSA’s mission has expanded. NSA has embraced new responsibilities and operational authorities to ensure our networks remain secure.

Unmitigated vulnerabilities in the software supply chain continue to pose a significant risk to organizations and our nation. This paper builds on the previously released Recommended Practices Guide for a software supply chain’s development, production and distribution, and management processes, to further increase the resiliency of these processes against compromise.

Since the introduction of multi-user computer systems, user authentication has primarily relied on the use of usernames and passwords. To strengthen the authentication process, Multi-Factor Authentication (MFA) requires the user to present multiple elements in different categories, or “factors,” as part of an authentication attempt. These factors are something you have, something you know, and something you are.

BlackLotus is a recently publicized malware product garnering significant attention within tech media. Similar to 2020’s BootHole (CVE-2020-10713), BlackLotus takes advantage of a boot loader flaw—specifically CVE-2022-21894 Secure Boot bypass known as “Baton Drop”—to take control of an endpoint from the earliest phase of software boot.

Enterprise-grade servers, laptops, and desktops should be procured with a robust set of security artifacts, configurations, and capabilities. The security artifacts enable several risk mitigation techniques that should be used with an automated Acceptance Test process.