CyberSecurityBoard
Sponsor Register Login

NSA Blocked 10 Billion Connections to Malicious and Suspicious Domains

The National Security Agency's domain security service blocked 10 billion user connections to known malicious or suspicious domains, the agency notes in an annual report.
Published on Tuesday, the NSA's 2023 Cybersecurity Year in Review report details the agency's efforts in cybersecurity and its work with government partners, foreign partners, and defense industrial base entities to improve national security.
The NSA's cybersecurity efforts mainly focus on protecting national security systems, which contain classified information or are critical to US military and intelligence, the Department of Defense services and agency networks, and DIB organizations.
The NSA also says that the no-cost cybersecurity services it offers to DoD contractors have seen a 400% adoption this year, with the number of enrolled organizations surpassing 600.
Small businesses, including organizations with limited resources, represent more than 70% of the current DIB. In 2023, the NSA released six security products tackling threats to communications, DIB, and information technology sectors.
The documents cover the supply chain, 5G network security, and identity and access management.
This year, the NSA also improved its vulnerability scanning program, which resulted in 1.3 million security defects being flagged, inventoried over 300,000 internet-accessible assets for the participating DIB entities, and issued more than 500 partner vulnerability notifications.
Along with the cybersecurity industry, the agency is tracking roughly 70 unique clusters of known state-sponsored activity, and has uncovered multiple nation-state campaigns specifically targeting DIB, including some targeting zero-day vulnerabilities.
The NSA is also promoting the secure development, adoption, and integration of artificial intelligence, through a newly established AI Security Center, which will also focus on understanding how adversaries use and target AI. This year, the agency continued to provide cybersecurity advisories to the public, to publish indicators-of-compromise associated with observed malicious activity, to execute the US government's strategy to migrate vulnerable cryptographic systems to quantum-resistant cryptography, and to research and enhance its cyber warfare capabilities.


This Cyber News was published on www.securityweek.com. Publication date: Wed, 20 Dec 2023 15:43:05 +0000


Cyber News related to NSA Blocked 10 Billion Connections to Malicious and Suspicious Domains

Threat landscape for industrial automation systems. H2 2023 - In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year. In H2 2023, building automation once ...
3 months ago Securelist.com
Toward Ending the Domain Wars: Early Detection of Malicious Stockpiled Domains - The two main advantages of detecting stockpiled domains are expanding coverage of malicious domains and providing patient-zero detections as attackers stock up on domains for future use. As of July 2023, our detection pipeline has found 1,114,499 ...
6 months ago Unit42.paloaltonetworks.com
NSA Blocked 10 Billion Connections to Malicious and Suspicious Domains - The National Security Agency's domain security service blocked 10 billion user connections to known malicious or suspicious domains, the agency notes in an annual report. Published on Tuesday, the NSA's 2023 Cybersecurity Year in Review report ...
6 months ago Securityweek.com
Threat landscape for industrial automation systems, Q1 2024 - In the first quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.3 pp from the previous quarter to 24.4%. Compared to the first quarter of 2023, the percentage decreased by 1.3 pp. Percentage of ICS ...
1 month ago Securelist.com
InfectedSlurs Botnet Spreads Mirai via Zero-Days - The payload targets routers and network video recorder devices with default admin credentials and installs Mirai variants when successful. Until November 9, 2023, the vulnerable devices being targeted were unknown. Since both the name and the version ...
7 months ago Akamai.com
Hunting for malicious domains with VT Intelligence ~ VirusTotal Blog - Please note that this blogpost is part of our #VTMondays series, check out our collection of past publications here. Many cyberattacks begin by victims visiting compromised websites that host malware or phishing scams, threat actors use domains for ...
6 months ago Blog.virustotal.com
Researchers Hunted Malicious Stockpiled Domains DNS Records - Malicious stockpiled domains are the collection of domain names that threat actors acquire in advance for several types of future malicious activities like:-. While all these domains are often kept unused initially to evade detection, and then later ...
6 months ago Cybersecuritynews.com
Cloudflare loses 22% of its domains in Freenom.tk shutdown - A staggering 12.6 million domains on TLDs controlled by Freenom have been shut down and no longer resolve, leading to a significant reduction in the number of websites hosted by Cloudflare. The disappearance of these websites was spotted during our ...
3 months ago Netcraft.com
Imperva Client-Side Protection Mitigates the Polyfill Supply Chain Attack - The recent discovery of a website supply chain attack using the cdn. Polyfill.io domain has left many websites vulnerable to malicious code injection. Once a trusted resource for adding JavaScript polyfills to websites, the domain has recently become ...
6 days ago Imperva.com
AsyncRAT Loader Delivers Malware via JavaScript - For at least 11 months, this threat actor has been working on delivering the Remote Access Trojan through an initial JavaScript file, embedded in a phishing page. After more than 300 samples and over 100 domains later, the threat actor is persistent ...
5 months ago Cybersecurity-insiders.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
7 months ago Esecurityplanet.com
CVE-2020-25600 - An issue was discovered in Xen through 4.14.x. Out of bounds event channels are available to 32-bit x86 domains. The so called 2-level event channel model imposes different limits on the number of usable event channels for 32-bit x86 domains vs ...
2 years ago
NSA Publishes 2023 Cybersecurity Year in Review > National Security Agency/Central Security Service > Press Release View - FORT MEADE, Md.-The National Security Agency published its 2023 Cybersecurity Year in Review today to share its recent cybersecurity successes and how it is working with partners to deliver on cybersecurity advances that enhance national security. ...
6 months ago Nsa.gov
Apple blocked $7 billion in fraudulent App Store purchases in 4 years - Apple's antifraud technology has blocked more than $7 billion in potentially fraudulent transactions in four years, the company states in its latest annual fraud prevention analysis. From 2020 through 2023, the company also detected more than 14 ...
1 month ago Bleepingcomputer.com
NSA Releases 2023 Cybersecurity Year in Review Report - This document highlights the agency's achievements in enhancing national security through cybersecurity. It emphasizes the value of NSA's collaborations with U.S. government agencies, international allies, and the Defense Industrial Base, underlining ...
6 months ago Heimdalsecurity.com
Hijacking Your Bandwidth How Proxyware Apps Open You Up to Risk - Is this true? To examine and understand the kind of risks a potential user might be exposed to by joining such programs, we recorded and analyzed network traffic from a large number of exit nodes of several different network bandwidth sharing ...
1 year ago Trendmicro.com
Israel $3.2bn Grant For Intel's $25 Billion Chip Factory - Intel to make its largest ever single investment in Israel, with a $25 billion chip-making factory in the south of the country. Intel and the Israeli government have confirmed plans to construct a $25 billion chip-making factory in Southern Israel. ...
6 months ago Silicon.co.uk
NSA & CISA Alert: How to Protect Your Computer from This Phishing Scam - The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) of the US Department of Homeland Security have recently warned users of a widespread phishing scam targeting computer users. The scam involves ...
1 year ago Zdnet.com
Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence - Criminal IP, a renowned Cyber Threat Intelligence search engine developed by AI SPERA, has recently signed a technology partnership to exchange threat intelligence data based on domains and potentially on the IP address to protect users by blocking ...
1 month ago Hackread.com
General Timothy Haugh Takes Lead of NSA and Cyber Command - A transfer of authority and responsibility ceremony at Fort Meade, Maryland marked the transition of leadership from General Paul M. Nakasone, to General Haugh. President Joe Biden chose Haugh back in May 2023 to take the leadership position that ...
5 months ago Securityweek.com
US To Invest $5 Billion In Semiconductor Research - White House confirms $5 billion from US Chips and Science Act will be used for semiconductor research and development. The Biden Administration has confirmed that the United States is setting aside billions of dollars for semiconductor-related ...
4 months ago Silicon.co.uk
The NSA Seems Pretty Stressed About the Threat of Chinese Hackers in US Critical Infrastructure - The United States National Security Agency is often tight-lipped about its work and intelligence. At the Cyberwarcon security conference in Washington DC on Thursday, two members of the agency's Cybersecurity Collaboration Center had a "Call to ...
7 months ago Wired.com
Explained: Domain fronting - Domain fronting is a technique of using different domain names on the same HTTPS connection. Put simply, domain fronting hides your traffic when connecting to a specific website. The technique became popular in the early 2010s in the mobile app ...
7 months ago Malwarebytes.com
Latest Information Security and Hacking Incidents - The NSA and CISA have released a set of five cybersecurity bulletins to help make cloud environments safer. These bulletins share important tips for keeping cloud systems secure, which are used a lot by businesses. Cloud services are popular because ...
3 months ago Cysecurity.news
VirusTotal: Generative AI is Great at Detecting, Identifying Malware - Generative AI engines similar to OpenAI's ChatGPT and Google's Bard will become indispensable tools for enterprises and cybersecurity operations in detecting and analyzing malicious code in a real-world environment, according to researchers with ...
7 months ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)