China captures powerful US NSA cyberspy tool

China captured a spy tool deployed by the US National Security Agency, which is capable of lurking in a victim’s computer to access sensitive information and was found to have controlled global internet equipment and stole large amounts of users’ Read More …

National Security Agency Cybersecurity Technical Report: Network Infrastructure Security Guidance

Guidance for securing networks continues to evolve as new vulnerabilities are exploited by adversaries, new security features are implemented, and new methods of securing devices are identified. Improper configuration, incorrect handling of configurations, and weak encryption keys can expose vulnerabilities Read More …

Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology

From at least January 2020, through February 2022, the Federal Bureau of Investigation (FBI), National Security Agency (NSA), and Cybersecurity and Infrastructure Security Agency (CISA) have observed regular targeting of U.S. cleared defense contractors (CDCs) by Russian state-sponsored cyber actors. Read More …

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

This joint Cybersecurity Advisory (CSA)—authored by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA)—is part of our continuing cybersecurity mission to warn organizations of cyber threats and help the cybersecurity community Read More …

UK and US join forces to strike back in cyber-space

The US and UK are joining forces to “impose consequences” on their shared adversaries who conduct malicious cyber-activities. The combined action would address “evolving threats with a full range of capabilities”, they said. The shared adversaries were not named but Read More …

Dutch newspaper accuses US spy agencies of orchestrating 2016 Booking.com breach

Jointly US-Dutch owned Booking.com was illegally accessed by an American attacker in 2016 – and the company failed to tell anyone when it became aware of what happened, according to explosive revelations. The alleged miscreant, named as “Andrew”, is said Read More …

Former U.S. intel operatives to pay $1.6M for hacking for foreign govt

The U.S. government has entered a Deferred Prosecution Agreement (DPA) with three former intelligence operatives to resolve criminal charges relating to their offering of hacking services to a foreign government. Between 2016 and 2019, Marc Baier, Ryan Adams, and Daniel Read More …

NSA, Partners Release Cybersecurity Advisory on Brute Force Global Cyber Campaign

FORT MEADE, Md. – The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the UK’s National Cyber Security Centre (NCSC) released a Cybersecurity Advisory today exposing malicious cyber activities by Russian military Read More …