Computer Security

Modern society relies heavily on software-based automation, implicitly trusting developers to write software that operates in the expected way and cannot be compromised for malicious purposes. While developers often perform rigorous testing to prepare the logic in software for surprising conditions, exploitable software vulnerabilities are still frequently based on memory issues. Examples include overflowing a memory buffer and leveraging issues with how software allocates and de-allocates memory.

Believe you can, and you will! This is a brief story of how a veteran security professional and cyber influencer George McPherson got into cybersecurity.

The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China's state-sponsored malicious cyberactivity is a major threat to the US and allied cyberspace assets.

Since World War II, the National Security Agency (NSA) and its predecessors have protected the United States’ most sensitive information. As technological advancements have created a more interconnected world with ever-increasing threats, NSA’s mission has expanded. NSA has embraced new responsibilities and operational authorities to ensure our networks remain secure.

Unmitigated vulnerabilities in the software supply chain continue to pose a significant risk to organizations and our nation. This paper builds on the previously released Recommended Practices Guide for a software supply chain’s development, production and distribution, and management processes, to further increase the resiliency of these processes against compromise.

Since the introduction of multi-user computer systems, user authentication has primarily relied on the use of usernames and passwords. To strengthen the authentication process, Multi-Factor Authentication (MFA) requires the user to present multiple elements in different categories, or “factors,” as part of an authentication attempt. These factors are something you have, something you know, and something you are.

Threats from synthetic media, such as deepfakes, present a growing challenge for all users of modern technology and communications, including National Security Systems (NSS), the Department of Defense (DoD), the Defense Industrial Base (DIB), and national critical infrastructure owners and operators.

I am proud to share the 2023–2025 CISA Strategic Plan, the first comprehensive Strategic Plan since CISA was established as an agency in 2018. The strategic plan represents a forward-leaning, unified approach to achieving our vision of ensuring secure and resilient critical infrastructure for the American people.

The Snake implant is considered the most sophisticated cyber espionage tool designed and used by Center 16 of Russia’s Federal Security Service (FSB) for long-term intelligence collection on sensitive targets. To conduct operations using this tool, the FSB created a covert peer-to-peer (P2P) network of numerous Snake-infected computers worldwide.

These cybersecurity authorities—herein referred to as “authoring organizations”—are aware that communities may seek cost-savings and quality-of-life improvements through the digital transformation of infrastructure to create “smart cities".

The National Security Agency (NSA) formed a Cybersecurity Directorate in 2019 with the charge to prevent and eradicate threats to the United States’ National Security Systems and critical infrastructure, with an initial focus on the Defense Industrial Base and its service providers. Drawing on the NSA’s rich information assurance legacy, the Cybersecurity Directorate refocused to meet the demands of the present and the future. It integrated key parts of the NSA’s cybersecurity mission into a more public-facing organization determined to raise the cybersecurity bar.

If you have been abused or are currently a victim of cybercrime harassment, cyberstalking, or cyberbullying and have not yet spoken out, reach toward a safe person and speak your truth. You are strong and courageous, and you deserve to live an abuse-free life. Stand with me, no longer a victim but a survivor.

The internet can be a fearful and frightening place, especially when we hear about things like online identity theft. As scary as they may seem, there are some simple steps that anyone can take to protect ourselves from those dangers. This audiobook will explain what those threats are, and what you can use to guard against being a victim. It’s all broken down in simple terms you can understand. Once you have a basic understanding of how the pieces fit together, you can then protect yourself from danger.

The purpose of this publication is to provide organisations with guidance on how to use AI systems securely. The audio summarises some important threats related to AI systems and prompts organisations to consider steps they can take to engage with AI while managing risk. It provides mitigations to assist both organisations that use self-hosted and third-party hosted AI systems. The guidance within this publication is focused on using AI systems securely rather than developing secure AI systems.

This document recommends guidelines for providers of any systems that use artificial intelligence (AI), whether those systems have been created from scratch or built on top of tools and services provided by others. Implementing these guidelines will help providers build AI systems that function as intended, are available when needed, and work without revealing sensitive data to unauthorized parties.

Human Security describes the steps organizations should take to protect their networks from intruders, emphasizing what employees can do to defend their network. The points are crisp, simple, and eminently doable with a CEO or board chairperson's support. A must listen for organization IT and leaders.

Determine how much of your organization’s operations are dependent on IT. Consider how much your organization relies on information technology to conduct business and make it a part of your culture to plan for contingencies in the event of a cyber incident. Identify and prioritize your organization’s critical assets and the associated impacts to operations if an incident were to occur.

BlackLotus is a recently publicized malware product garnering significant attention within tech media. Similar to 2020’s BootHole (CVE-2020-10713), BlackLotus takes advantage of a boot loader flaw—specifically CVE-2022-21894 Secure Boot bypass known as “Baton Drop”—to take control of an endpoint from the earliest phase of software boot.

Remote access software and tools comprise a broad array of capabilities used to maintain and improve IT, operational technology (OT), and industrial control systems (ICS) services; they allow a proactive and flexible approach for organizations to remotely oversee networks, computers, and other devices.

Don't be a victim! Malicious cyber actors may leverage your home network to gain access to personal, private, and confidential information. Help protect yourself, your family, and your work by practicing cybersecurity-aware behaviors, observing some basic configuration guidelines, and implementing the following mitigations on your home network.