A Security Audit of Third-Party AWS S3 Tools
We analyzed the security of several third-party AWS S3 tools to find out why so many S3 buckets with sensitive information have been made public, seemingly unintentionally. Here's what we found.
We analyzed the security of several third-party AWS S3 tools to find out why so many S3 buckets with sensitive information have been made public, seemingly unintentionally. Here's what we found.
The top malware infection vector is our age-old friend, phishing, while stolen credentials are popular for lateral movement - see more insights from Symantec's latest Internet Security Threat Report.
Duo Labs security researchers show how to bypass microcontroller interfaces used for internet of things (IoT) devices - these invasive attacks require physical access to typical microcontrollers.
In February, Duo released CloudMapper, an AWS environment visualization tool, to the developer community. In this blog post, we explore several potential misconfigurations that can lead to security problems.
Duo Labs performed an analysis of Objective-C binaries running on managed macOS endpoints in enterprise environments, using the Interactive Disassembler (IDA Pro) to perform disassembly and decompilation of the binaries.