US cybersecurity official Rob Joyce has been named the new leader of the National Security Agency’s (NSA) Cybersecurity Directorate. Joyce was previously the NSA’s top representative in the UK. Joyce will replace Anne Neuberger, who was recently appointed Deputy National Security Advisor for Cyber and Emerging Technology on the National
The National Security Agency recommended that enterprises use only their designated DNS resolver in DNS traffic and avoid third-party resolvers. Domain Name System technology, or DNS over HTTPS, DoH, can be abused by attackers. Companies using only their designated DNS server is the safest route and all other resolvers should
The COVID-19 pandemic has created a massive movement towards working from home, inadvertently also creating more opportunities for hackers. The National Security Agency (NSA) released an advisory warning that Russian-state sponsored hackers have been actively attacking a vulnerability in remote-work platforms developed by VMware. The agency also released a security
Although the NSA has maintained that its mass surveillance program was efficient in stopping terrorist attacks, a new US court ruling found that the program may have been illegal, even unconstitutional. The mass surveillance program perpetrated by the NSA was exposed in 2013 by a former contractor and whistleblower Edward
Two government agencies, the NSA and the FBI, have warned about a new malware variant called Drovorub that intentionally targets Linux systems and was constructed by the Russian military for use in cyber-espionage operations. Drovorub boasts a variety of espionage capabilities, including file stealing and remote code execution. According to
The US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released a joint advisory that foreign adversaries could be actively targeting US critical infrastructure across the nation. The alert states that infrastructure such as power plants, factories, oil, and gas refineries could be among the
On Thursday, the US National Security Agency (NSA) released a warning to government partners and private companies about an ongoing Russian hacking operation that targets operating systems behind computer infrastructure. This intrusion technique actively exploits a vulnerability that the NSA advised companies to take seriously. The notice is part of
The Intelligence Workstation of the Future will empower analysts in new ways, combining the most modern analytical and visualization tools with enterprise security and governance technologies. This post explores this workstation, leading to actionable recommendations that organizations can put in place now to bring this concept to reality sooner vice later.
On Tuesday, the Office of the Director of National Intelligence unveiled plans for a new approach to combatting cyber threats that encourages greater private sector participation. A document related to the strategy will be released on Monday. An overview of the plan was released at an event hosted by the
Last week, the security community was in a flurry around the disclosure of a severe vulnerability (known as CVE-2020-0601) in Microsoft’s Windows operating system. Notably, it was because the National Security Agency (NSA) tipped off Microsoft, helping the tech giant patch the flaw instead of exploiting it for national security missions. NSA was praised for its cultural shift from offense to defense, however, in my opinion, not all that glitters is gold.