Saturday , June 20 2026
NIST

NSA Releases Guidance on Zero Trust Maturity

infosecbulletin Sunday , May 26 2024 International

The NSA released an information sheet called “Advancing Zero Trust Maturity Throughout the Application and Workload Pillar.” This sheet will help organizations protect their applications from unauthorized users and maintain constant visibility of their workload.

This CSI gives recommendations for achieving different levels of application and workload capabilities under the Zero Trust (ZT) paradigm. It explains how these capabilities fit into a complete ZT framework. ZT implementation aims to improve cybersecurity protections, responses, and operations over time.

CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices

By infosecbulletin / Saturday , June 20 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) asked Fortinet users with FortiGate devices on Thursday to act to protect...
Read More
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices

CISA: Splunk flaw under active exploit, patch by Sunday

By infosecbulletin / Saturday , June 20 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has asked federal agencies to protect their systems by Sunday from a...
Read More
CISA: Splunk flaw under active exploit, patch by Sunday

Texas data breach exposes 3 million driver’s licenses

By infosecbulletin / Saturday , June 20 2026
The Texas Parks and Wildlife Department (TPWD) revealed a data leak at its license system provider. This leak exposed private...
Read More
Texas data breach exposes 3 million driver’s licenses

Critical Cisco ISE Vulnerability Enables Remote Code Execution

By infosecbulletin / Friday , June 19 2026
Cisco has revealed critical security flaws in its Identity Services Engine (ISE). These flaws could let attackers run harmful code...
Read More
Critical Cisco ISE Vulnerability Enables Remote Code Execution

F5 Patches NGINX Flaw for Code Execution and DoS Attacks

By infosecbulletin / Thursday , June 18 2026
F5 has shared a security warning about serious flaws in NGINX. These issues could let attackers run any code and...
Read More
F5 Patches NGINX Flaw for Code Execution and DoS Attacks

FortiBleed: 70,000 Fortinet Firewalls Compromised Globally

By infosecbulletin / Wednesday , June 17 2026
A vast cyber spying operation called “FortiBleed” has quietly compromised more than 73,932 different Fortinet firewall URLs in 194 countries....
Read More
FortiBleed: 70,000 Fortinet Firewalls Compromised Globally

New Rokarolla Android malware hits 217 banking and crypto apps

By infosecbulletin / Wednesday , June 17 2026
A new Android banking trojan called Rokarolla is hitting 217 banking and cryptocurrency apps with a wide range of 137...
Read More
New Rokarolla Android malware hits 217 banking and crypto apps

Phishing Campaign Exploits Legitimate Microsoft Login Flow

By infosecbulletin / Tuesday , June 16 2026
Attackers are using Microsoft’s OAuth 2.0 Device Authorization Grant (device code) flow in a campaign to take control of Microsoft...
Read More
Phishing Campaign Exploits Legitimate Microsoft Login Flow

ALERT
Cisco SD-WAN Zero-Day, FortiSandbox and cPanel flaws exploited in attacks

By infosecbulletin / Tuesday , June 16 2026
Cisco on Monday told customers about a new SD-WAN product flaw used in attacks. The flaw, called CVE-2026-20262, is a...
Read More
ALERT Cisco SD-WAN Zero-Day, FortiSandbox and cPanel flaws exploited in attacks

“Panthalassa” builds floating AI data centers powered by ocean waves

By infosecbulletin / Tuesday , June 16 2026
Every American data center story these days follows almost the same pattern. Someone has the chips, someone has the cash,...
Read More
“Panthalassa” builds floating AI data centers powered by ocean waves

“This guidance helps organizations disrupt malicious cyber activity by applying granular access control and visibility to applications and workloads in modern network environments,” said Dave Luber, NSA’s Director of Cybersecurity. “Implementing a Zero Trust framework places cybersecurity practitioners in a better position to secure sensitive data, applications, assets, and services.”

According to the CSI, applications and workloads depend on each other. Applications are computer programs and services that run on premise and cloud environments. Workloads can be standalone solutions or groups of processing components performing functions.

The application and workload pillar in a Zero Trust architecture relies on these capabilities: application inventory, secure software development and integration, software risk management, resource authorization and integration, and continuous monitoring and ongoing authorizations.

NSA is helping DoD customers test Zero Trust systems and create more guidance for integrating Zero Trust principles into enterprise networks.

This guidance expands on NSA’s previously released CSIs on Zero Trust, including the following:

Embracing a Zero Trust Security Model

Advancing Zero Trust Maturity Throughout the User Pillar

Advancing Zero Trust Maturity Throughout the Device Pillar

Advancing Zero Trust Maturity Throughout the Data Pillar

Advancing Zero Trust Maturity Throughout the Network and Environment Pillar. Click here to read the full report.

Check Also

PeopleSoft

ShinyHunters claim stolen data from 100+ org via oracle PeopleSoft servers

Oracle PeopleSoft servers are under attack in ongoing data theft by the ShinyHunters gang, which …

Mail: [email protected]
© Copyright 2026, All Rights Reserved InfoSecBulletin