In a technical paper released today, Duo Labs details the results of a month-long experiment in which we hunted and analyzed over 3,200 unique phishing kits.
Duo Labs analyzes npm packages and how attackers can use malicious packages to gain access to and control over systems.
We're excited to announce two new open-source tools designed to help administrators prevent, manage, and respond to phishing attacks against their organization - IsThisLegit and Phinn.
On Wednesday, a Gmail phishing attack leveraging OAuth spread quickly to multiple users. There are a number of features that you need to be aware of that made this attack incredibly successful, as well as ways to protect yourself or your employees.
Back in November 2016, we filed Freedom of Information (FoI) requests to 70 universities across the U.K. asking questions around each institution’s experiences with phishing. The responses we received indicate that phishing is still a major security challenge – even for top universities.
Learn more about Duo’s integration with Intel to bring hardware-free U2F technology to users as a strong method of two-factor authentication.
Why the MongoDB Ransomware Shouldn't Surprise Anyone Duo Labs / Featured Article
Recent reports have discovered MongoDB instances being targeted with ransomware, with over 28,000 unique cases of ransomware from multiple actors targeting MongoDB hosts. Learn about exposed instances and get some helpful tips and resources on securing a MongoDB deployment.
Every year during the holiday season, SANS publishes their annual Holiday Hack Challenge. Our security researcher details how he tackled the challenge.
Duo Labs set out to measure how many Redis instances were exposed to the Internet and potentially vulnerable to attacks. Here is a brief summary of our findings.
Duo recently released a tool called Duo Insight that lets organizations run effective mock phishing campaigns against their employees - for free. Here are some simple steps to take to get more value out of results from Duo Insight, as well as decreasing your overall exposure to phishing.