NSA

In a joint cybersecurity advisory, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) warn that threat actors used legitimate remote monitoring and management software to gain access to the networks of multiple federal civilian executive branch agencies. The advisory includes technical details, indicators of …

The US National Security Agency (NSA) has published IPv6 security guidance to help the Department of Defense (DoD) and other federal agencies with the transition to IPv6. One concern is dual stacked networks (networks that are running IPv4 and IPv6 at the same time), as this poses additional security risks, including an increased attack surface. …

Updated on 2022-12-15: 5G network slicing guidance CISA and the NSA have released new guidance this week for 5G network operators as part of a larger series they started earlier this week. This new one [PDF] touches on how mobile networks can best set up and defend 5G networks that have been split into smaller …

Updated on 2022-12-22: Memory safety The US Congress will require the National Cyber Director to study the use of memory safety languages in the federal government, according to a provision included in the Financial Services and General Government Appropriations Act 2023 [PDF, page 19]. Updated on 2022-12-01: Android and safe languages Google says that Android …

Updated on 2022-11-17: Securing the Supply Chain Guidance for Customers The US Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Office of the Director of National Intelligence have published Securing Software Supply Chain Series – Recommended Practices Guide for Customers. The publication is the third in a series of guidance …

The US National Security Agency (NSA) has released guidance regarding the Commercial National Security Algorithm Suite 2.0. The “advisory notifies National Security Systems (NSS) owners, operators, and vendors of future requirements for quantum-resistant (QR) algorithms for NSS.” NSA expects owners and operators of NSS to begin using QR algorithms by 2035.