Duo signed a joint letter penned by Rapid7 recommending the addition of a vulnerability disclosure and handling process in the National Institute of Standard and Technology’s (NIST) cybersecurity framework.
One of the largest sustained global cyber espionage campaigns is targeting managed IT service providers (MSPs) in order to gain access to MSP customer networks, known as Operation Cloud Hopper.
Recently, Microsoft patched a vulnerability that could be used in phishing attacks to direct users to malicious websites. The security update is available in March’s Patch Tuesday, which included two months of updates and 18 security bulletins - 9 of which were rated as critical.
The FBI has issued a private industry notification to the healthcare industry, warning organizations that attackers are actively targeting FTP (File Transfer Protocol) servers to access protected health information.
This blog covers a talk given by Knight-Wallace journalists Bastian Obermayer and Laurent Richard discussing privacy and security challenges in investigative journalism.
There’s been a 32 percent increase in hacked sites from 2015 to 2016, with no expectations of the trend slowing down, according to Google. Here are some of the top ways that websites get hacked, and what you can do to protect your site against spammers.
Learn more about the Center for Internet Security’s Security Controls. In this blog, I cover the first control, Inventory of Authorized and Unauthorized Devices in more detail.
Today, Duo signed a joint letter in response to the Department of Commerce’s Green Paper, "Fostering the Advancement of the Internet of Things" to support cybersecurity policy in the Internet of Things (IoT) industry.
In honor of Women’s History Month, here are the wise words of a few making history at Duo...
To help raise awareness about gender disparity in infosec and honor those pushing ahead in the field, Duo’s Women in Security Awards have been awarded to two winners in the industry and academia - here’s their stories.
In October 2016, the Department of Defense (DoD) issued a final rule that requires contractors to implement information security guidelines no later than December 31, 2017.
Some of the biggest challenges in information security for the healthcare industry include EHR complexity, interoperability, dependencies and more.
Find out how to keep your user logins and access to data secure after the Cloudflare bug that leaked customer data online, including passwords, security keys and more.
Ira Winkler describes the phishing kill chain, and how both users and technology can help stop a phishing attack along its journey.
In addition to the theme of securing a new IT model without firewalls, another message I heard repeatedly in several keynotes at the 2017 RSA Conference was urging simplification and consolidation of security solutions and vendors.
Learn more about Google’s BeyondCorp and how they secured their perimeter-less IT model with a new approach to security, and find out how you can apply the same security principles with Duo Beyond.
Google, Facebook Amp Up Authentication With Security Keys Industry News / Featured Article
Now Facebook and Google Suite users can use a security key to authenticate and verify their identities during login.
A number of U.K.-based financial institutions were hit by a wave of financial banking malware, delivered via phishing email campaigns. Dridex is back this year with new techniques to bypass security and steal user data.
Join Duo Security at the 2017 RSA Conference this year at booth #1247, RSVP to our after party and don’t miss Wendy Nather’s talk!
Recently, phishing attacks against Gmail users, a major U.S. financial services provider, and Android app users have revealed unique ways to deliver malware and steal login credentials.
What are Canadian organizations doing to protect themselves against new threats, and is it enough? About one in three targeted attacks in the past year resulted in a security breach for Canadian companies.
The largest hospital group in the UK was the victim of an online attack, forcing them to take some of its systems offline. Get Duo's tips on how to protect against ransomware and other attacks against patient data.
New Cybersecurity Regulation for NY Financial Services Industry News / Featured Article
Banking, insurance and other financial services must follow new cybersecurity regulation recently released by the New York State Dept. of Financial Services by March 1, 2017.
Healthcare & Business Associates: Prepare for 2017 HIPAA Audits Industry News / Featured Article
Calling all healthcare organizations, providers, hospitals and business associates - are you ready for the HIPAA security audits coming in 2017?
Implement adaptive authentication and other infosec solutions to protect your data and applications. Find more information security knowledge at Duo.