Connect with Duo users and security professionals in our Community.
Can't find what you're looking for? Contact Sales or Contact Support.
Featured Articles
Driving Headless Chrome with Python
Back in April, Google announced that it will be shipping Headless Chrome in Chrome 59. Since the respective flags are already available on Chrome Canary, the Duo Labs team thought it would be fun to test things out and also provide a brief introduction to driving Chrome using Selenium and Python.
Industry News / Featured Article
HHS Urges HIPAA Guidance for Dealing With Ransomware
In the wake of the widespread ransomware attack launched last Friday that has quickly spread worldwide, the Dept. of Health and Human Services (HHS) sent an email reminder to healthcare organizations, urging them to adhere to the Office for Civil Rights’ (OCR) ransomware guide published last year.
Industry News / Featured Article
The Competitive Advantage of Integrating Security & Privacy into Your Business Strategy
Organizations are exploring how to gain a competitive advantage by integrating information security and privacy with their business strategy, according to a 2017 cybersecurity report from PricewaterhouseCoopers (PwC).
Industry News / Featured Article
Widespread Ransomware Attack Plagues Europe, Asia & U.K. Hospitals
A widespread, worm-like ransomware attack has shut down computers across Europe and Asia, hitting the Spanish telecom provider, Telefonica and operations in major U.K.-based health systems especially hard.
Recent Articles
The Competitive Advantage of Integrating Security & Privacy into Your Business Strategy
Organizations are exploring how to gain a competitive advantage by integrating information security and privacy with their business strategy, according to a 2017 cybersecurity report from PricewaterhouseCoopers (PwC).
Industry News / Featured Article
Widespread Ransomware Attack Plagues Europe, Asia & U.K. Hospitals
A widespread, worm-like ransomware attack has shut down computers across Europe and Asia, hitting the Spanish telecom provider, Telefonica and operations in major U.K.-based health systems especially hard.
SMS-Based Two Factor Exploited in Bank Account Transfer Scheme
Yet another example of how SMS-based two-factor authentication is not secure can be seen in the recent Signalling System No. 7 (SS7) attacks in January. Malicious hackers redirected money from German customers’ banking accounts to their own accounts in a series of attacks, according to Ars Technica and Süddeutsche Zeitung.
Gmail OAuth Phishing Goes Viral
On Wednesday, a Gmail phishing attack leveraging OAuth spread quickly to multiple users. There are a number of features that you need to be aware of that made this attack incredibly successful, as well as ways to protect yourself or your employees.
Duo Labs / Featured Article
The macOS Phishing Easy Button: AppleScript Dangers
An attacker can send phishing dialogs to users by writing a few lines of AppleScript, effectively allowing them to steal Apple ID or local user account credentials. Here’s our technical overview of the dangers of AppleScript.
Stop the Pwnage: 81% of Hacking Incidents Used Stolen or Weak Passwords
According to the 10th edition of the Verizon Data Breach Investigations Report, 81 percent of hacking-related breaches leveraged stolen and/or weak passwords. Other trends include a jump in phishing, web application and ransomware attacks.
Education, Healthcare & Government Targeted by Stolen RDP Logins
Education and healthcare are among the most frequently targeted industries, at least when it comes to the amount of stolen remote desktop protocol (RDP) logins up for sale on the dark web, according to an analysis of 85,000 servers from Flashpoint.
Phishing Across the Pond: 70% of U.K. Universities Impacted
Back in November 2016, we filed Freedom of Information (FoI) requests to 70 universities across the U.K. asking questions around each institution’s experiences with phishing. The responses we received indicate that phishing is still a major security challenge – even for top universities.
Press and Events / Featured Article
Duo Signs Letter Supporting Vulnerability Disclosure Process for NIST
Duo signed a joint letter penned by Rapid7 recommending the addition of a vulnerability disclosure and handling process in the National Institute of Standard and Technology’s (NIST) cybersecurity framework.
Duo Labs / Featured Article
Don’t Get Sonic Screwed: Update Your S%&#
Recent events surrounding Apple and widely-reported vulnerabilities of its Macintosh products are once more emphasizing the importance of applying macOS security updates as quickly as possible.
The emergency sirens were activated in Dallas County last Friday night at 11:42pm. First reported as a malfunction, it was later discovered to be a hack - here’s the technical details and why someone may have done it.
Hackers Target Managed Service Providers to Breach Client Networks
One of the largest sustained global cyber espionage campaigns is targeting managed IT service providers (MSPs) in order to gain access to MSP customer networks, known as Operation Cloud Hopper.
Microsoft Patch: Update to Fix Actively Exploited Vulnerabilities
Recently, Microsoft patched a vulnerability that could be used in phishing attacks to direct users to malicious websites. The security update is available in March’s Patch Tuesday, which included two months of updates and 18 security bulletins - 9 of which were rated as critical.
Navigating New PCI DSS 3.2 Guidelines for MFA With Duo
When you’re trying to parlay a multi-factor authentication (MFA) product into a solution that complies with current requirements and stays ahead of future ones, it’s hard to tell which way the ship is sailing.
May, 2017
April, 2017
March, 2017
February, 2017
January, 2017
December, 2016
November, 2016
October, 2016
September, 2016
August, 2016
July, 2016
June, 2016
May, 2016
April, 2016
March, 2016
February, 2016
January, 2016
December, 2015
November, 2015
October, 2015
September, 2015
August, 2015
July, 2015
June, 2015
May, 2015
April, 2015
March, 2015
February, 2015
January, 2015
December, 2014
November, 2014
October, 2014
September, 2014
August, 2014
July, 2014
June, 2014
May, 2014
April, 2014
March, 2014
February, 2014
January, 2014
December, 2013
November, 2013
October, 2013
September, 2013
August, 2013
July, 2013
June, 2013
May, 2013
April, 2013
February, 2013
January, 2013
December, 2012
November, 2012
September, 2012
August, 2012
July, 2012
June, 2012
May, 2012
March, 2012
February, 2012
January, 2012
September, 2011
August, 2011
July, 2011
June, 2011
May, 2011
April, 2011
December, 2010
