SEARCH
All Articles
DROWN Provides Another Reminder to Disable SSLv2 (and 3, while you’re at it)
A newly discovered vulnerability in crypto protocols breaks connections and reminds us all that it's long past time to move on from SSLv2.
OpenSSL Provides Another Reminder to Disable SSLv2 (and 3, while you’re at it)
A newly discovered vulnerability in OpenSSL reveals private keys and reminds us all that it's long past time to move on from SSLv2.
Critical Vulnerability Affecting Glibc: Patch Immediately
The Glibc Project has announced a critical vulnerability affecting systems using the glibc DNS client-side resolver, that could, under certain conditions, lead to remote code execution on a system using glibc.
Microsoft Drops Support for Internet Explorer: Just How Big of Deal is This?
Microsoft will soon drop support for Internet Explorer versions 8, 9 and 10 - that means no more security updates. We took a look at our user data to determine the impact on IE users. Here’s what we found…
Debunking Myths: Do Terrorists Use Game Consoles to Communicate With Each Other?
Watch as Duo’s Creative Director Pete Baker and Duo Labs’ Mark Loveless and Steve Manzuik debunk the myths that terrorists were using PlayStation networks and the popular Call of Duty game to communicate with each other.
Dude, You Got Dell’d: Publishing Your Privates
While working on a larger research project, Duo Labs security researchers found sketchy certificates on a brand-new Dell Inspiron 14 laptop. Read on for more about Superfish 2: eDellRoot Boogaloo.
Strengthening the Signal in the Noise: IoT Security and Stunt Hacking
The whole Internet of Things (IoT) phenomenon has really gained momentum amongst security professionals as a hot topic of discussion. More than a few people are calling for self-examination...
I, For One, Welcome Our New Algorithmic Overlords
Duo Research and Development team share common themes discussed at Black Hat and DEF CON, from advocating for individualized machine learning models to achieving actionable analysis.
You Built a Better Mousetrap? They Built Better RATs
Remote Access Trojans (RATs) have traditionally been known as tools that perform tasks such as installing additional malware or stealing files from an infected computer. They are often bundled with enticing software like free games or system utilities. RATs are nothing new, but their usage and related attack methods have changed recently in interesting ways.
What’s Old is… Still Old: The Security from the Obscurity of Legacy Systems is Crumbling
As has often been the case with old technology that stays in use in the modern era, several concrete hacks have been demonstrated against satellite communication technology.
I’m Sorry, *You* Are… The Weakest Link
Kyle Lady of Duo Labs covers talks about the human factor — from social engineering to human vulnerability scanning — at DEF CON and Black Hat 2015.
Applications of Deep Learning: The Good, The Bad and The Opinion
The phrase "deep learning" came up many times during Black Hat 2015. It seems to have quickly risen to prominence, and it certainly merits discussion: the broad field of machine learning and developments in the field have definite potential to help the security field make better sense of the data.
Welcome to Vegas! A Primer on Attending Black Hat & DEF CON
This is a general guideline aimed at first-time attendees to Black Hat and DEF CON.