To provide users and IT teams with actionable intelligence about Chrome extensions, Duo Labs is excited to announce the public beta of CRXcavator (rhymes with “excavator”), a free service that analyzes Chrome extensions and produces comprehensive security reports.
Duo Labs is releasing an open-source Android library that serves as a WebAuthn authenticator, supporting hardware-backed keys and biometric user verification.
The Department of Homeland Security (DHS) made a curious announcement during the shutdown that had everyone scratching their collective heads ... at first. DHS gave agencies 10 days to get their account security in order, specifically calling out two-factor authentication (2FA) and other protections due to DNS hijacking vulnerabilities.
The latest evolution in phishing is the Modlishka tool, which provides the attacker a simple tool to use a reverse proxy to place the attacker between the user and the target site. The user’s traffic passes through the tool and can capture SMS-based 2FA tokens. Here, we look at how to counter modern phishing attacks with strong 2FA and a defense in depth strategy.
The new Guide to Web Authentication aims to provide a useful developer resource for engaging with WebAuthn to replace or supplement password-based authentication on your own websites.
An overview of methods used in the wild to detect jailbreaks, as well as methods used to evade detection.
What do usability lessons mean for the future of security technology? Learn about how passwordless authentication, WebAuthn, U2F and zero-trust networking are revolutionizing how we securely log in.
In this two-part series on usability and security, we'll explain what users expect from effective authentication and authorization tech, and how to apply these lessons to the next generation of tech.
To provide secure access to applications in a hybrid cloud and on-premises environment, customers typically start by adding Duo’s multi-factor authentication (MFA) to virtual private networks (VPNs) like Cisco AnyConnect.
We’re pleased to announce the general availability of our offline MFA for Windows laptops, desktops and servers. Duo’s offline MFA for Windows allows end users to perform 2FA even while they are temporarily disconnected from the internet.
