Industry News

Making the Switch to Duo: Why Customers are Replacing RSA

on Jun 21, 2017

Many large enterprise organizations are switching from legacy two-factor solutions – which add friction, cost and complexity – to Duo's lightweight, cloud-based solution that's both designed for the modern era and reduces overhead while adding greater security benefits.

Read more...

Duo Labs

Bug Hunting: Drilling Into the Internet of Things (IoT)

on Jun 19, 2017

In his latest bit of odd research, Duo Labs' Mark Loveless takes a closer look at IoT as he pulls apart a wireless drill, bit by bit.

Read more...

Press and Events

Duo Security and Global Risk Institute Host Discussion on Cyber Risk and Security in Canada

on Jun 6, 2017

Duo Security and Global Risk Institute (GRI) co-hosted an executive breakfast in Toronto to provide an update on current security trends and key information that leaders need to know.

Read more...

Industry News / Featured Article

Now Available: The 2017 Duo Trusted Access Report

on Jun 5, 2017

You can't secure what you can't see. To shed light on who’s at risk, Duo has collected and analyzed our dataset of 4.6 million endpoints, completing over two hundred million authentications a month - all now available in The 2017 Duo Trusted Access Report.

Read more...

Duo Labs

Driving Headless Chrome with Python

on May 23, 2017

Back in April, Google announced that it will be shipping Headless Chrome in Chrome 59. Since the respective flags are already available on Chrome Canary, the Duo Labs team thought it would be fun to test things out and also provide a brief introduction to driving Chrome using Selenium and Python.

Read more...

Industry News

HHS Urges HIPAA Guidance for Dealing With Ransomware

on May 18, 2017

In the wake of the widespread ransomware attack launched last Friday that has quickly spread worldwide, the Dept. of Health and Human Services (HHS) sent an email reminder to healthcare organizations, urging them to adhere to the Office for Civil Rights’ (OCR) ransomware guide published last year.

Read more...

Industry News

The Competitive Advantage of Integrating Security & Privacy into Your Business Strategy

on May 17, 2017

Organizations are exploring how to gain a competitive advantage by integrating information security and privacy with their business strategy, according to a 2017 cybersecurity report from PricewaterhouseCoopers (PwC).

Read more...

Industry News / Featured Article

Widespread Ransomware Attack Plagues Europe, Asia & U.K. Hospitals

on May 12, 2017

A widespread, worm-like ransomware attack has shut down computers across Europe and Asia, hitting the Spanish telecom provider, Telefonica and operations in major U.K.-based health systems especially hard.

Read more...

Duo Labs

A Security Analysis of Over 500 Million Usernames and Passwords

on May 11, 2017

Here’s Duo Labs’ analysis of the Anti Public Combo List, over 500 million usernames and passwords aggregated from a variety of breaches and password dumps.

Read more...

Industry News

SMS-Based Two Factor Exploited in Bank Account Transfer Scheme

on May 9, 2017

Yet another example of how SMS-based two-factor authentication is not secure can be seen in the recent Signalling System No. 7 (SS7) attacks in January. Malicious hackers redirected money from German customers’ banking accounts to their own accounts in a series of attacks, according to Ars Technica and Süddeutsche Zeitung.

Read more...

Duo Labs

Gmail OAuth Phishing Goes Viral

on May 4, 2017

On Wednesday, a Gmail phishing attack leveraging OAuth spread quickly to multiple users. There are a number of features that you need to be aware of that made this attack incredibly successful, as well as ways to protect yourself or your employees.

Read more...

Duo Labs / Featured Article

The macOS Phishing Easy Button: AppleScript Dangers

on May 4, 2017

An attacker can send phishing dialogs to users by writing a few lines of AppleScript, effectively allowing them to steal Apple ID or local user account credentials. Here’s our technical overview of the dangers of AppleScript.

Read more...

Industry News

Stop the Pwnage: 81% of Hacking Incidents Used Stolen or Weak Passwords

on May 2, 2017

According to the 10th edition of the Verizon Data Breach Investigations Report, 81 percent of hacking-related breaches leveraged stolen and/or weak passwords. Other trends include a jump in phishing, web application and ransomware attacks.

Read more...

Industry News

Education, Healthcare & Government Targeted by Stolen RDP Logins

on May 1, 2017

Education and healthcare are among the most frequently targeted industries, at least when it comes to the amount of stolen remote desktop protocol (RDP) logins up for sale on the dark web, according to an analysis of 85,000 servers from Flashpoint.

Read more...