SEARCH
All Articles
Applications Using Apache .htaccess at Risk for Attacks
The original vulnerability may be in a jQuery plugin, but the disconnect in how web developers use .htaccess with the Apache web server and how the server is actually configured means there are potentially more applications out there that are vulnerable to attack.
Trio of Bugs in D-Link Routers Allows Device Takeover
A researcher has found three flaws in some D-Link wireless routers that can allow an attacker full control of an affected device.
Android License Changes Raise Security Questions
Android has long been viewed as the less-secure mobile operating system compared to iOS, and Google's licensing changes to comply with the European Commission's anti-trust ruling can potentially make the ecosystem's overall security situation worse.
Apple Puts Privacy and Security Out Front
Apple has launched a new privacy portal that details the company's security and privacy tools and allows users to download a copy of their personal data.
DisruptOps Aims to Automate Cloud Security
A new SaaS firm is working to automate the security and operational aspects of cloud computing to take the burden off enterprises.
Straight Talk with Real CISOs: Is That Really My Job?
In this Straight Talk with Real CISOs video for Decipher, Wendy Nather (director of Advisory CISOs at Duo), Chad Loder (CEO and co-founder of Habitu8), and Manju Mude ("Paranoid" Security Leader at Oath) swap stories about their CISO days and the importance of empathy in security.
Tech Companies Push Back Against Australia’s Crypto Backdoor Bill
Apple, Cisco, Mozilla, and other tech providers say a proposed law in Australia to force backdoors in encrypted services would weaken security for everyone.
Android Trojan Imitates Google Play Store
Cisco Talos researchers have discovered an Android trojan called GPlayed that mimics the Google Play store and can morph once it's installed.
Labs Presents: Browser Settings When Using Personal VPNs
The main point of using a personal VPN is to surf the interwebs in privacy, away from prying eyes. Lock down the browser before starting up the personal VPN for maximum benefits.
Labs Presents: Reasons for Using a Personal VPN
Personal VPNs have a lot of expectations, and they aren't suited for all of them. But there are some scenarios that are ideal for personal VPNs.
Foreign Cyberattacks ‘Getting Worse Not Better’
Senators and law enforcement officials warned that cyberattacks by foreign adversaries are reaching a critical point.
Labs Presents: Evaluating Personal VPNs
People expect the personal VPN to hide or otherwise obscure what they are doing on the Internet. Some are better than others, but it is difficult to evaluate them on technical merits. Duo Labs provides guidelines on how to pick a personal VPN that matches your threat model.
Apple Fixes Passcode Bypasses in iOS 12.01
In a small update to iOS, Apple has fixed two bugs that allowed someone to bypass the passcode on a locked iPhone.
Hardware Security Keys Go Open Source With Solo
The Solo security keys are based on open-source software and hardware designs and work with both desktop and mobile devices for two-factor authentication.
New California Law Requires Strong Passwords for Internet of Things
Thank you California. Gov. Brown has signed into the law that requires manufacturers to give Internet-connected devices unique passwords and not weak passowords like "admin" by default.