SEARCH
All Articles
Securing Access After the Cloudflare Bug & Data Leaks
The Cloudflare data leak impacted several sites using the popular CDN. Resetting session tokens and enabling 2FA can help affected sites protect their users' credentials.
Flipping Bits and Opening Doors: Reverse Engineering the Linear Wireless Security DX Protocol
A security researcher on the Duo Labs team details how he found several vulnerabilities in a wireless physical security system.
You Got the Touch: First Impressions of the 2017 MacBook Pro
Here are some first impressions of a resident Apple nerd’s experience with the 2017 MacBook Pro with Touch Bar, including a review of the Secure Enclave Processor and Touch ID from a security perspective.
Google, Facebook Amp Up Authentication With Security Keys
Now Facebook and Google Suite users can use a security key to authenticate and verify their identities during login.
Banking Malware Dridex Targets U.K. Financial Institutions
A number of U.K.-based financial institutions were hit by a wave of financial banking malware, delivered via phishing email campaigns. Dridex is back this year with new techniques to bypass security and steal user data.
The Latest Phishing Attacks Target Gmail, Microsoft Word & Android Apps
Recently, phishing attacks against Gmail users, a major U.S. financial services provider, and Android app users have revealed unique ways to deliver malware and steal login credentials.
The Weird World of Attribution
Duo Labs researcher Mark Loveless explores the importance of attribution and how it can be helpful if your company is attacked.
Why the MongoDB Ransomware Shouldn’t Surprise Anyone
Recent reports have discovered MongoDB instances being targeted with ransomware, with over 28,000 unique cases of ransomware from multiple actors targeting MongoDB hosts. Learn about exposed instances and get some helpful tips and resources on securing a MongoDB deployment.
New Cybersecurity Regulation for NY Financial Services
Banking, insurance and other financial services must follow new cybersecurity regulation recently released by the New York State Dept. of Financial Services by March 1, 2017.
Is Your Healthcare Organization Ready for the HIPAA Security Audits?
The Office for Civil Rights is conducting audits of healthcare providers and business associates. The goal is to assess HIPAA compliance efforts and discover new security risks.
Holiday Travel Security & Privacy Tech Tips
Holiday travel tests your personal data security. It’s easier to keep your money, identity and tech safe with tips from Duo’s Senior Security Researcher.
How Secure is the Retail Industry’s Infrastructure Today?
Retailers and consumers can better secure payment data. Tactics like two-factor authentication and wireless payment technologies offer secure paths forward.
Security Projects to Keep an Eye on in 2017
Infosec is constantly evolving. We asked one of our security researchers to share some of the most exciting projects to keep an eye on in 2017.
Unicorn Wrangling 101: What is a Backdoor?
What constitutes a backdoor in software, firmware, or even hardware? This question nagged at us during a recent project that Duo Labs worked on.
Over 18,000 Redis Instances Targeted by Fake Ransomware
Duo Labs set out to measure how many Redis instances were exposed to the Internet and potentially vulnerable to attacks. Here is a brief summary of our findings.