Latest coverage for NSA

CISA, the FBI, the NSA, the Department of Energy, and other US government partners are warning that hackers are targeting internet-exposed automatic tank gauge (ATG) systems used to monitor fuel and liquid storage tanks across various critical infrastructure sectors. [...]

White House Cuts Proposed AI Review Period From 90 Days to 30President Trump signed an executive order creating a voluntary framework for evaluating advanced AI systems with significant cybersecurity capabilities, directing NSA, Treasury and CISA to establish classified benchmarks while avoiding mandatory licensing or preclearance requirements.

Under a draft executive order, the NSA, Treasury Department and other federal agencies would get 90-days to test new models for cybersecurity and national security concerns. The post Trump postpones executive order focused on AI security  appeared first on CyberScoop.

The guidance warns that agents capable of taking real-world actions on networks are already inside critical infrastructure, and most organizations are granting them far more access than they can safely monitor or control. The post US government, allies publish guidance on how to safely deploy AI agents appeared first on CyberScoop.

GrassMarlin leaks sensitive information, provided your targeting phishing skills are sharp enough

GrassMarlin leaks sensitive information, provided your targeting phishing skills are sharp enough The Cybersecurity and Infrastructure Security Agency (CISA) is warning anyone who uses GrassMarlin, a tool developed by the National Security Agency (NSA), about a new vulnerability that attackers can use to snoop on sensitive information.…

Chris Inglis was the head civilian in charge at the NSA when the Snowden leaks exploded. He gets candid about mistakes the organization made, and what CISOs need to know about spotting potential threats, media disclosures, and "enculturation."

A systemic numbness to cyberattacks has exposed the U.S. economy and its institutions to ever-widening threats. Retired four-star military officials worry the worst day in cyber is yet to come. The post Former NSA chiefs worry American offensive edge in cybersecurity is slipping appeared first on CyberScoop.

Four former NSA bosses walk onto the stage at RSAC… rsac 2026 There's a theoretical red line with cyber warfare. Cross it, and the US will respond with a physical attack like missile strikes. And that line "is whatever the President says it is," according to former NSA boss retired General Paul Nakasone.…

Four former NSA chiefs representing a near-complete history of US Cyber Command debate the role of offensive cyber in the government at RSAC.

'It freakin' worked' says Rob Joyce - and shows how relentless AI agents can find holes humans miss RSAC 2026 The now-infamous Anthropic report about Chinese cyberspies abusing Claude AI to automate cyberattacks was a Rorschach test for the infosec community, according to former NSA cyber boss Rob Joyce.…

Follows suggestions iPhone-pwning toolset bears hallmarks of zero-days that targeted Russian diplomats Russian cybersecurity outfit Kaspersky is waving away claims that an iPhone exploit kit recently uncovered by Google was developed by the same people who were behind a group of zero-days that allegedly compromised thousands of Russian diplomats in a 2023 campaign.…

New NSA Guidance Demands Continuous Access Checks, Implementation OverhaulThe National Security Agency's new zero trust guidance instructs agencies to move beyond login-based security by continuously assessing user behavior and app-layer activity in real time, aiming to close gaps that allow post-authentication abuse and elevate federal defenses against modern threats.

NSA released new guidelines to help organizations achieve target-level Zero Trust maturity

CISA and NSA have released a blueprint to enhance Microsoft Exchange Server security against cyber-attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with international partners from Australia and Canada, have released guidance to harden on-premise Microsoft Exchange Server instances from potential exploitation

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance to help IT administrators harden Microsoft Exchange servers on their networks against attacks. [...]

China on Sunday accused the U.S. National Security Agency (NSA) of carrying out a "premeditated" cyber attack targeting the National Time Service Center (NTSC), as it described the U.S. as a "hacker empire" and the "greatest source of chaos in cyberspace." The Ministry of State Security (MSS), in a WeChat post, said it uncovered "irrefutable evidence" of the agency's involvement in the intrusion

Broadcom has released security updates to patch two high-severity VMware NSX vulnerabilities reported by the U.S. National Security Agency (NSA). [...]

Plus: Google clears up Gmail concerns, NSA drops SBOM bomb, Texas sues PowerSchool, and more Infosec in brief The US Cybersecurity and Infrastructure Security Agency (CISA) has said two flaws in routers made by Chinese networking biz TP-Link are under active attack and need to be fixed – but there's another flaw being exploited as well.…