Security news that informs and inspires

All Articles

2160 articles:

What You Need to Know About Complying With GDPR

Have questions about the E.U.'s General Data Protection Regulation (GDPR)? Get non-scary advice on the basics of complying, and what you need to do to protect your organization.

Gdpr, General Data Protection Regulation, Uk Security

Malicious Chrome Extensions Steal Passwords & CPU Power

A number of recent malicious Google Chrome extensions that steal user data and CPU have slipped into the Chrome Web Store, disguised as ad blockers, security tools and URL shorteners. Users beware of shady extensions in the Chrome Web Store...

Chrome Security, Stolen Passwords

Protecting Against Bad Rabbit Ransomware Infection

A new severe variation of the Not-Petya ransomware has infected mainly Russian users - here’s how it spreads and how to protect against it.

Ransomware, Smb Security, Drive by Malware

SSH Key Exposure: Lapses in Server Access Security

The exposure of SSH keys to public websites or code repositories can result in unauthorized admin access to your servers and systems.

Ssh Security, Ssh Keys, Server Security, Aws Security

Bluetooth Hacking Tools Comparison

The Duo Labs security research team compares the features and capabilities of several Bluetooth scanners and software to best assist you in your security and IoT research.

Labs Research, Bluetooth Security, Bluetooth Hacking

Explaining KRACK: A Critical Attack Affecting A Wi-Fi Security Protocol

Learn about KRACK (key reinstallation attacks), the serious WPA2 vulnerabilities and how it impacts authentication and certain platforms, plus caveats on how the attack can work in the real world.

Wpa2 Security, Wi Fi Security, Krack

Evasive Brute-Force Attacks Target Office 365 Accounts

There’s a new sneaky brute-force attack targeting unprotected enterprise Office 365 accounts, including those in the manufacturing, financial services, healthcare industries.

Mfa, Sso, Cloud

New York Cybersecurity Regulations in Effect for Financial Services

New York-based banks, insurance companies and other financial services must comply with finalized cybersecurity regulations - here’s a summary of the mandatory provisions and components of a cybersecurity program.

Cybersecurity, Financial Data Security

An Analysis of BlueBorne: Bluetooth Security Risks

Cut through the FUD (Fear, Uncertainty & Doubt) with a Duo Labs analysis of the recent series of Bluetooth vulnerabilities known as BlueBorne - and get our mitigation recommendations on how to keep your devices safe.

Bluetooth Security, Blueborne, Bluetooth Vulnerabilities

Securing Access to Data Stored in Amazon S3 Buckets

There have been countless examples of misconfigured access to Amazon S3 buckets containing massive amounts of sensitive data - here’s how you can configure granular access policies and use MFA to protect your data in the cloud.

Cloud, Aws Security, Aws Authentication, Amazon S3 Security, S3 Bucket Security

Cloud Auth - Are You Doing Enough?

What does it take to secure your cloud applications and data? Technology today has made it possible to require stronger authentication controls for access to business-critical applications.

Cloud

Universities Targeted by Increasing Phishing & Ransomware Attacks

Malicious attacks against U.K. universities have doubled in the past year - find out how to protect against ransomware and phishing attacks that target research data.

University Security, Higher Education, Ransomware, Phishing

The State of the Breach in Healthcare: A Look at 2017 So Far

See how many healthcare data breaches have been reported so far in 2017, how many are due to hacking, what areas are lacking in security protection, how many ransomware attacks have targeted healthcare and more.

Healthcare Security, Healthcare Data Breach, Healthit

New Critical Infrastructure Security Recommendations from NIAC

A White House advisory group, The President’s National Infrastructure Advisory Council (NIAC), has released an 11-step report urging the Administration to take action to protect against “a watershed, 9/11-level cyber attack.”

Government, Critical Infrastructure Security

The State of Real-Time Threat Detection

An overview of tracking ransomware payments, tools to fight ransomware attacks, 3D printing security concerns and more from Black Hat 2017 and DEF CON 25 talks this year.

Black Hat, Defcon, Ransomware, 3d Printing Security