national security agency - Page 1

Security leaders discuss CISA advisory of IDOR web app vulnerabilities

July 31, 2023

Security leaders talk about a new advisory released by CISA which warns of web applications about insecure direct object reference (IDOR) vulnerabilities.

Security leaders discuss NSA guide to mitigate BlackLotus threat

Rachelle Blair-Frasier

June 28, 2023

The National Security Agency (NSA) is warning of a known vulnerability in the Microsoft Windows secure startup process that malicious actors could use to bypass Secure Boot protection and execute BlackLotus malware.

CISA releases joint guide to securing remote access software

Security Staff

June 6, 2023

CISA has released a joint guide that informs organizations how to detect and defend against malicious actors abusing remote access software.

Secure-by-design and -default principles released by CISA

Security Staff

April 13, 2023

New joint guidance by CISA and other governmental agencies prompts software manufacturers to ship products that are secure-by-design and -default.

Cybersecurity memo standardizes federal incident response

Madeline Lauver

January 20, 2022

National Security Agency Chief of Cybersecurity Policy and Strategy Greg Bednarski offers insight into the implications of President Biden's latest cybersecurity memorandum.

Man holds smart phone in front of computer

NSA awards $500,000 cybersecurity grant to University of Missouri research

October 6, 2021

Cybersecurity researchers from the University of Missouri seek to develop a security tool that allows smart devices to learn from past cyberattacks with minimal user interaction. The cybersecurity feature would be functional across different types of smart devices and aim to prevent both small- and large-scale cyberattacks in the future.

NSA issues guidance on securing wireless devices in public settings

August 3, 2021

NSA released the Cybersecurity Information Sheet, “Securing Wireless Devices in Public Settings,” to help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers identify potential threats and minimize risks to their wireless devices and data.

NSA releases cybersecurity advisory on ensuring security of operational technology

May 4, 2021

The National Security Agency (NSA) released the Cybersecurity Advisory, “Stop Malicious Cyber Activity Against Connected Operational Technology.” The CSA details how to evaluate risks to systems and improve the security of connections between OT and enterprise networks. Information technology (IT) exploitation can serve as a pivot point for OT exploitation, so carefully evaluating the risk of connectivity between IT and OT systems is necessary to ensure unique cybersecurity requirements are met.

Russian foreign intelligence service exploiting five publicly known vulnerabilities to compromise U.S. and allied networks

April 16, 2021

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) jointly released a Cybersecurity Advisory, “Russian SVR Targets U.S. and Allied Networks,” to expose ongoing Russian Foreign Intelligence Service (SVR) exploitation of five publicly known vulnerabilities. This advisory is being released alongside the U.S. government’s formal attribution of the SolarWinds supply chain compromise and related cyber espionage campaign. We are publishing this product to highlight additional tactics, techniques, and procedures being used by SVR so that network defenders can take action to mitigate against them.

UWF re-designated as Cybersecurity Regional Hub for the Southeast US

December 10, 2020

The University of West Florida has been re-designated by the National Security Agency and Department of Homeland Security as the Southeast Centers of Academic Excellence in Cybersecurity (CAE-C) Regional Hub.