China strongly condemns US cyber attacks on China’s Northwestern Polytechnical University

China strongly condemns the cyber attacks launched by the United States on China’s Northwestern Polytechnical University, and urges the U.S. side to offer an explanation and immediately stop its unlawful moves, Foreign ministry spokesperson Mao Ning said Monday. It was Read More …

CISA, NSA, and ODNI Release Part One of Guidance on Securing the Software Supply Chain

CISA, the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI), have published part one of a three-part joint publication series, Securing Software Supply Chain Series – Recommended Practices for Developers. This guidance—created by the Read More …

US ‘actively defending against foreign interference and influence’ in midterms, Cyber Command says

US military and intelligence officials are stepping up their efforts to defend the electoral process from foreign hacking and disinformation as the November midterms approach, officials said Thursday. Officials are “actively defending against foreign interference and influence operations in U.S. Read More …

People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

This joint Cybersecurity Advisory describes the ways in which People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities in order to establish a broad network of compromised infrastructure. These actors use the network to exploit Read More …

National Security Agency employee indicted for ‘leaking top secret info’

The United States Department of Justice (DoJ) has accused an NSA employee of sharing top-secret national security information with an unnamed person who worked in the private sector. According to a DoJ announcement and the indictment, an NSA staffer named Read More …

China captures powerful US NSA cyberspy tool

China captured a spy tool deployed by the US National Security Agency, which is capable of lurking in a victim’s computer to access sensitive information and was found to have controlled global internet equipment and stole large amounts of users’ Read More …

National Security Agency Cybersecurity Technical Report: Network Infrastructure Security Guidance

Guidance for securing networks continues to evolve as new vulnerabilities are exploited by adversaries, new security features are implemented, and new methods of securing devices are identified. Improper configuration, incorrect handling of configurations, and weak encryption keys can expose vulnerabilities Read More …

US Cyber Command head confirms direct actions against ransomware gangs

General Paul M. Nakasone, head of US Cyber Command confirmed during a recent national security event that his agency has begun taking direct action against international ransomware gangs as part of a larger effort to curtail attacks on American companies Read More …

UK and US join forces to strike back in cyber-space

The US and UK are joining forces to “impose consequences” on their shared adversaries who conduct malicious cyber-activities. The combined action would address “evolving threats with a full range of capabilities”, they said. The shared adversaries were not named but Read More …

NSA-CISA Guidance: Selecting and Hardening Remote Access VPN Solutions

Virtual Private Networks (VPNs) allow users to remotely connect to a corporate network via a secure tunnel. Through this tunnel, users can take advantage of the internal services and protections normally offered to on-site users, such as email/collaboration tools, sensitive Read More …