NSA Cyber
@NSACyber
Followers
134,025
Following
17
Media
206
Statuses
433
We protect our nation’s most sensitive systems against cyber threats. Likes, retweets, and follows ≠ endorsement.
Joined November 2019
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Champions
• 233722 Tweets
Dortmund
• 202198 Tweets
Senna
• 181279 Tweets
Sancho
• 154550 Tweets
Gustavo Petro
• 141735 Tweets
Mbappé
• 96629 Tweets
#BVBPSG
• 85865 Tweets
Madonna
• 85332 Tweets
Boulos
• 80968 Tweets
Paco Villa
• 61660 Tweets
CRIME ELEITORAL
• 52843 Tweets
Rio Grande do Sul
• 42412 Tweets
Flopou
• 37656 Tweets
Ramos
• 34224 Tweets
Dembele
• 32965 Tweets
Canelo
• 26669 Tweets
Kolo Muani
• 23227 Tweets
باريس
• 21324 Tweets
دورتموند
• 17584 Tweets
Adeyemi
• 16890 Tweets
Fabian Ruiz
• 15631 Tweets
Fullkrug
• 15600 Tweets
Nuno Mendes
• 15299 Tweets
Hakimi
• 13536 Tweets
フジコ・ヘミングさん
• 12695 Tweets
Timmy
• 12336 Tweets
Luis Enrique
• 11463 Tweets
De La Hoya
• 11076 Tweets
#TierraDeNadie8
• 10895 Tweets
Barcola
• 10461 Tweets
Malicious cyber actors are using two sets of
#TTPs
to access protected data in the
#cloud
. Detect and mitigate against this activity by reviewing our latest
#cybersecurity
advisory:
60
838
2K
Russian Foreign Intelligence Service (SVR) cyber actors are exploiting five publicly known vulnerabilities to target U.S. and allied critical networks. Review our joint
#cybersecurity
guidance with
@CISAgov
and
@FBI
and apply the mitigations to stop them:
96
1K
2K
The Russian GRU 85th GTsSS, sometimes publicly known as
#APT28
or
#FancyBear
, is using a previously undisclosed
#Linux
malware called Drovorub for cyber espionage operations.
For full details and mitigations, review our
#cybersecurity
advisory with
@FBI
:
70
1K
2K
If malicious cyber actors gain initial access to networks through the
#SolarWinds
compromise, the TTPs noted in our advisory may be used to forge credentials and maintain persistent access. Our guidance helps detect and mitigate against this, no matter the initial access method.
Malicious cyber actors are using two sets of
#TTPs
to access protected data in the
#cloud
. Detect and mitigate against this activity by reviewing our latest
#cybersecurity
advisory:
60
838
2K
36
391
863
Today our
#Ghidra
team pushed a preview debugger on
@GitHub
.
#Developers
and testers, check out this long awaited feature:
41
317
966
NSA urges applying critical Microsoft patches released today, as exploitation of these
#vulnerabilities
could allow persistent access and control of enterprise networks.
31
741
1K
Great news! A new version of D3FEND is now available at . D3FEND enables other cyber professionals to tailor defenses against specific cyber threats and reduce a system's potential attack surface. Learn more about D3FEND here:
18
404
1K
Russian state-sponsored cyber actors are exploiting
#vulnerability
CVE-2020-4006 affecting VMware Workspace ONE Access. We recommend patching immediately. Read our latest
#cybersecurity
advisory for details, including detection and mitigation actions:
21
466
747
We collaborated with
@CISAgov
&
@FBI
on our
#cybersecurity
advisory, detailing Chinese state-sponsored actor
#TTPs
used against U.S. and allied networks. For a thorough understanding of this cyberthreat, read our overview, observed TTPs & mitigations.
40
429
767
D3FEND, a MITRE research project funded by the NSA, improves the
#cybersecurity
of NSS, DoD, and the DIB by providing defensive countermeasures for common offensive techniques. Learn more here:
16
389
721
Zero Trust assumes all users, devices, and network components to be untrusted until verified as legitimate. For more on how
#ZeroTrust
can enhance your organization’s security, review our latest
#cybersecurity
release:
129
336
673
Sandworm Team, Russian GRU Main Center for Special Technologies actors, continue to exploit Exim mail transfer agent
#vulnerability
, CVE-2019-10149.
Patch to the latest version to protect your networks. Learn more here:
16
417
612
ELITEWOLF is on the hunt! NSA released a repository of signatures and analytics to secure Operational Technology. Check it out on GitHub:
30
207
625
Our recent
#cybersecurity
advisory with
@CISAgov
@FBI
&
@NCSC
publicly exposes a global brute force campaign. Exploitation is likely ongoing. Review our advisory for
#IOCs
and
#mitigation
techniques:
22
333
555
Our UEFI Secure Boot Customization
#cybersecurity
report explains how system admins can customize Secure Boot to better protect against firmware threats, including the recent
#BootHole
vulnerability CVE-2020-10713. Read the detailed recommendations here:
9
272
533
Russian FSB cyber actors are deploying cyberespionage malware targeting over 50 countries. Take action to keep FSB’s Snake malware out of your networks. Learn how to detect and mitigate associated malicious activities.
81
242
525
A proof of concept exploit has been released for Windows Netlogon vulnerability CVE-2020-1472. We expect it to be used.
Install the patch and implement additional instructions in Microsoft article KB4557222.
Remember to patch CVE-2020-1472—an elevation of privilege vulnerability in Microsoft’s Netlogon. Read more at .
#Cyber
#Cybersecurity
#InfoSec
2
119
114
11
334
512
Are you teleworking? Just use your laptop to watch your favorite shows? Malicious actors have ramped up their attacks on home networks. Make your network an unattractive target by following NSA’s best practices for securing your home network:
29
204
443
Multiple zero-day exploits of Microsoft Exchange Server require immediate action. Check for reported IOCs and apply critical patches here:
9
303
448
Don’t let cyber actors sneak into your network. NSA and joint authors have released a cybersecurity advisory so you can identify and defend against PRC-linked cyber actor BlackTech.
21
215
436
DPRK cyber actors continue impersonating legitimate journalists, academics, and think tank employees in coordinated spearphishing campaigns. Read our joint advisory to learn about their tactics and our mitigations to protect against these attacks.
54
191
374
Today’s
#cybersecurity
release recommends how enterprises can adopt the encrypted DNS protocol DoH without sacrificing security control. Network owners and admins must understand the benefits/risks before adopting. Read more:
16
201
354
Cisco device admins should use password protection Type 8 whenever possible to keep their passwords secure. For details on the types available and issues with using weak encryption, read our best practices guide
21
145
332
Iranian cyber actors are exploiting known vulnerabilities to access U.S. critical infrastructure networks and conduct follow-on operations. Read our latest joint report with our partners to detect and mitigate this threat:
29
150
327
CVE-2020-10713 poses significant risk to Linux and Windows systems. Follow the mitigations in our
#Cybersecurity
Advisory to protect against this GRUB2
#BootHole
vulnerability.
12
183
276
#Mobile
devices store and share device
#geolocation
data by design. To limit risk of your location data being exposed, follow the guidance in our newest
#cybersecurity
information sheet
23
174
261
#BlackMatter
#ransomware
-as-a-service has been targeting U.S. critical infrastructure since July 2021. We partnered with
@CISAgov
and
@FBI
to share the advisory with actor TTPs and mitigations.
11
179
311
As
#CyberMonth
comes to a close, don't forget the work doesn't stop here! Join our team and play a role in helping others
#BeCyberSmart
21
85
297
Network infrastructure security is critical. Administrators can leverage our technical report to help prioritize next steps in their work to strengthen networks against adversary targeting attempts.
9
147
295
Protect against the
#Conti
#ransomware
threat using the
#cybersecurity
guidance from
@CISAgov
,
@FBI
and NSA. Understand Conti group TTPs and take immediate action:
19
156
295
Actors are forging SAML authentication to access protected data in the cloud.
@msftsecresponse
has observed similar techniques and additional TTPs. Visit their blog for more countermeasures:
17
128
262
People’s Republic of China-sponsored actors are targeting U.S. critical infrastructure, pre-positioning for disruptive actions. We’ve joined with
@CISACyber
,
@FBI
, and others to address this activity. Read our advisory now:
49
128
280
APT actors are targeting certain ICS/SCADA devices and could gain full system access if undetected. We urge organizations to apply the detection and mitigation recommendations in our joint advisory to thwart this activity.
29
161
262
Don’t let a malicious actor take advantage of you. Learn how to hunt and mitigate a PRC state-sponsored cyber actor who may be using your systems’ resources to hide their activities.
24
155
265
Ransomware incidents targeting critical infrastructure were on the rise in 2021. Protect against the threat using the joint cybersecurity guidance from
@FBI
,
@CISAGov
,
@CyberGovAu
, and
@NCSC
to help reduce the risk of compromise. Read more here:
27
135
257
Fancy Bear doesn’t hibernate – they’ve been abusing popular routers since 2022. To counter this Russian state-sponsor activity, we’ve joined
@FBI
,
@CNMF_CyberAlert
, and international co-sealers to release actionable guidance. Read our report:
25
160
260
Chinese state-sponsored malicious cyber actors are exploiting publicly known
#vulnerabilities
. Network defenders should take action to protect against this activity.
For a full list of CVEs & related mitigations review our latest
#cybersecurity
advisory:
14
172
246
Log4j vulnerabilities continue to be exploited–keep watch for updates from vendors. Read the advisory with
@CISAgov
,
@FBI
,
@CyberGovAU
,
@NCSC
,
@CERTNZ
&
@cybercentre_ca
for a summary of the threats and mitigations to defend your IT and OT assets.
36
129
250
Since the earliest days of computers, NSA has been focused on ensuring security for all. The Rainbow Series was the start of cybersecurity as we know it today. Read the original guidance here:
25
76
253
Malicious actors regularly exploit poor security and misconfigurations to gain access to networks. The latest joint release captures what you can do to keep networks safe from these commonly exploited controls and practices.
38
133
240
Our 2023 Year in Review is out now – read it to learn about our work on AI, strategic competition, and more, all possible because of our strong partnerships:
30
109
250
Thousands of cybersecurity students and network defenders have used
#Ghidra
to build and research current technologies since its release — head over to to check it out.
40
68
223
We expect to see an increase in targeting of managed service providers. This joint advisory with
@NCSC
,
@CISAgov
,
@FBI
,
@CyberGovAU
, and
@cybercentre_ca
highlights key actions for MSPs and their customers to secure communications and other sensitive data.
42
128
211
The quantum computing era is fast approaching and qubits are coming. Learn how to prepare and protect against malicious use of quantum computers.
139
138
220
Microsoft has released a powershell script for deploying critical
#mitigations
related to the Microsoft Exchange Vulnerabilities. If network defenders can't patch in a timely fashion, use the released script to shrink the attack surface.
View the script:
10
141
225
Cybersecurity Awareness Month is almost here! We are looking forward to another great year of partnership with
@DHSgov
and
@CISAgov
to kick off
#CyberMonth
and promote best practices in cyber!
#BeCyberSmart
50
98
227
Adversaries are seeking to influence the design and manufacturing of DoD microelectronics critical to national security. NSA released two technical reports today to help DoD protect field programmable gate array (FPGA) systems from adversary influence.
22
100
214
The future is here: AI systems are widely available and accessible. But with new systems come new risks. Along with partners, we’re releasing a new set of best practices to help your org stay secure. Read “Deploying AI Systems Securely” now:
21
90
224
Don’t get fooled by deepfakes. Learn about synthetic media threats, techniques, and trends, and how to protect against them.
35
109
216
CVE-2020-1350 represents significant risk to Windows DNS servers.
#Patch
or apply the mitigation steps today, you should expect adversaries are hard at work writing exploits for this
#vulnerability
. Check out our detailed guidance:
14
131
196
Don’t let malicious actors use your remote access as backdoors into your system. Learn how to detect and mitigate this type of targeting:
22
75
195
Data security is a critical part of Zero Trust architecture. We’re releasing guidance and recommendations to help you secure your data at rest and in transit. Read now and stay secure:
32
98
206
Take action. Russian SVR cyber actors are targeting technology companies worldwide by taking advantage of known vulnerabilities in JetBrains TeamCity servers. Learn how to detect and mitigate associated activities.
31
90
198
Our latest
#cybersecurity
product helps sys admins
#detect
and replace outdated TLS encryption protocol implementations with updated configurations to ensure data is being effectively protected. Read more:
13
97
180
Don’t let adversaries darken your skies – secure your cloud environments now.
To aid organizations in defending their cloud resources, we’re releasing our Top Ten Cloud Security Mitigation Strategies. Learn more about what you can do:
16
84
192
We’re on top of AI. We know that our adversaries are actively exploiting AI and looking for ways to do harm. NSA CCC chief Morgan Adamski explains how we’re combatting the threat. Watch her message, then read our 2023 Cybersecurity Year in Review:
55
70
184
Updates to our
#Kubernetes
Hardening Guide with
@CISAgov
are live! Thanks to all who reached out with feedback to help make the guidance more comprehensive — including more detailed info on logging and threat detection in addition to other clarifications.
22
103
181
In October 2019,
@NSAGov
established a directorate dedicated to preventing and eradicting cyber threats in support of our
#cybersecurity
mission. Our
#YearInReview
outlines key milestones and mission outcomes achieved.
32
83
159
#OperationalTechnology
owners and operators will benefit from our recent
#Cybersecurity
Advisory on how to evaluate risks to their systems & make informed decisions to prevent and detect malicious activities. Review the pragmatic evaluation methodology:
7
94
179
Round two! NSA has partnered again with
@CISACyber
,
@FBI
, and other U.S. and international agencies to provide guidance and harden targets against living off the land techniques employed by People’s Republic of China and Russian state-sponsored actors.
67
74
178
#CodebreakerTechTip
: Having proficiency with an advanced text editor can make it easier to examine large or complex text files. Two popular editors: emacs and vi. Our preference? No comment.
20
39
173
Our guidance is still applicable for network defenders hunting webshells this weekend.
21
87
175
Minimize the risk of malicious PDFs affecting your environments. Our latest technical report includes updated
#configuration
recommendations for
#Adobe
Acrobat Reader—including for the newer cloud features.
18
84
168
Is your leadership asking about PRC threats to your systems? Along with
@CISACyber
and other partners, we’re releasing an executive overview of the February 2024 joint cybersecurity advisory on PRC actor Volt Typhoon activity. Read now:
10
84
175
Ransomware tactics and techniques are rapidly evolving. Learn what you can do to
#StopRansomware
.
21
91
165
We chase and eradicate threats all across the globe.
@CYBERCOM_DIRNSA
and
@NSA_CSDirector
sat down to talk about the state of cybersecurity and how NSA defends the nation 24/7.
Watch their conversation, then read our Year in Review report:
67
81
168
NSA has released a technical report with our evaluation of commercially available embedded field programmable gate arrays (eFPGA). If you’re protecting sensitive information, read more now:
52
91
170
Make sure your systems are quantum-resistant! We're releasing updates to the Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) FAQ, including information on hash-based signatures, hybrid classical/pq solutions, NIST updates, and more. Read now:
23
97
176
Dave Luber has started as
@NSAGov
's new Director of Cybersecurity
@NSA_CSDirector
. He now leads our critical mission to prevent and eradicate threats to National Security Systems and the Defense Industrial Base. Welcome, Dave! Learn more about him here:
28
53
168
NSA just released our 2022 Cybersecurity Year in Review. Find out how our work to defend the nation impacts you, and stay tuned as we highlight 5 ways NSA is securing at scale:
11
77
155
It takes collaboration to secure Operational Technology. Morgan Adamski, Director of
@NSAGov
's
#Cybersecurity
Collaboration Center, spoke with
@DragosInc
,
@ENERGY
, and
@CISAgov
about threats to these systems and how
#Partnerships
play a key role in securing them.
11
49
158
