04 Aug 2021

Hackers target Kubernetes to steal data and processing power. Now the NSA has tips to protect yourself

The NSA recently released guidance regarding Kubernetes to aid organizations in deploying the open-source platform without exposing it to hackers seeking to steal data and processing power. The application is utilized by organizations for managing containerized applications. The guidance was a joint publication that was also authored by the DHS’s

Read More
02 Aug 2021

NSA Warns Public Networks are Hacker Hotbeds

The NSA has warned that attackers are targeting teleworkers taking advantage of free public networks to steal corporate data that may be sensitive. The US National Security Agency offered advice to security teams that are seeking the best wireless practices to protect corporate networks and personal devices. According to the

Read More
06 Jul 2021

Widespread Brute-Force Attacks Tied to Russia’s APT28

US and UK authorities have declared that a known advanced threat actor, APT28, also referred to as Fancy Bear or Strontium, has been tied to a range of brute-force password spraying attacks against hundreds of government and private sector targets worldwide, including European governments and military. The joint alert was

Read More
19 Apr 2021

NSA: 5 Security Bugs Under Active Nation-State Cyberattack

The National Security Agency (NSA) has released an alert warning that five vulnerabilities are being actively targeted by nation-state actors. The bugs affect VPN solutions, collaboration-suite software, and virtualization technologies in widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor, and VMware. According to the NSA, the goal of the

Read More
23 Feb 2021

Chinese-Affiliated APT31 Cloned & Used NSA Hacking Tool

According to recent Check Point Security Research, Chinese threat actor group APT31 allegedly cloned and re-used a National Security Agency hacking tool years before Microsoft patched the severe vulnerability that it targeted. The tool was a Windows-based program that was referred to as “Jian” until the Microsoft vulnerability was patched

Read More
02 Feb 2021

SolarWinds Hack Prompts Congress to Put NSA in Encryption Hot Seat

Congress has called on the National Security Agency to be more transparent regarding a cyberattack that occurred in 2015 against Juniper Networks. The Juniper Networks supply-chain breach attack bears similarities to the recent SolarWinds espionage campaign, hence the emphasis on acquiring more information about it. Last week, SolarWinds sent a

Read More
27 Jan 2021

W.V. Woman Gets 11 Years for Trying to Hawk NSA Docs to Russia, Kidnapping Daughter

Elizabeth Jo Shirley, a 47-year-old West Virginia resident has been sentenced to over 11 years in federal prison after she kidnapped her daughter, fled to Mexico, and attempted to sell classified NSA information stolen from her place of work to Russia. Shirley pleaded guilty to all charges, including unlawfully retaining

Read More
18 Jan 2021

NSA Appoints Rob Joyce as Cyber Director

US cybersecurity official Rob Joyce has been named the new leader of the National Security Agency’s (NSA) Cybersecurity Directorate. Joyce was previously the NSA’s top representative in the UK. Joyce will replace Anne Neuberger, who was recently appointed Deputy National Security Advisor for Cyber and Emerging Technology on the National

Read More
15 Jan 2021

NSA Recommends Smart Use of DNS Resolvers

From Dark Reading: The National Security Agency recommended that enterprises use only their designated DNS resolver in DNS traffic and avoid third-party resolvers. Domain Name System technology, or DNS over HTTPS, DoH, can be abused by attackers. Companies using only their designated DNS server is the safest route and all

Read More
08 Dec 2020

The NSA Warns That Russia Is Attacking Remote Work Platforms

The COVID-19 pandemic has created a massive movement towards working from home, inadvertently also creating more opportunities for hackers. The National Security Agency (NSA) released an advisory warning that Russian-state sponsored hackers have been actively attacking a vulnerability in remote-work platforms developed by VMware. The agency also released a security

Read More