Security news that informs and inspires

All Articles

658 articles:

DROWN Provides Another Reminder to Disable SSLv2 (and 3, while you’re at it)

A newly discovered vulnerability in crypto protocols breaks connections and reminds us all that it's long past time to move on from SSLv2.

SSL, SSL Security, OpenSSL, Vulnerability

OpenSSL Provides Another Reminder to Disable SSLv2 (and 3, while you’re at it)

A newly discovered vulnerability in OpenSSL reveals private keys and reminds us all that it's long past time to move on from SSLv2.

SSL, SSL Security, OpenSSL, Vulnerability

Critical Vulnerability Affecting Glibc: Patch Immediately

The Glibc Project has announced a critical vulnerability affecting systems using the glibc DNS client-side resolver, that could, under certain conditions, lead to remote code execution on a system using glibc.

Glibc, Linux Security, Vulnerability

Microsoft Drops Support for Internet Explorer: Just How Big of Deal is This?

Microsoft will soon drop support for Internet Explorer versions 8, 9 and 10 - that means no more security updates. We took a look at our user data to determine the impact on IE users. Here’s what we found…

Internet Explorer, Browser Security, Windows Security

Debunking Myths: Do Terrorists Use Game Consoles to Communicate With Each Other?

Watch as Duo’s Creative Director Pete Baker and Duo Labs’ Mark Loveless and Steve Manzuik debunk the myths that terrorists were using PlayStation networks and the popular Call of Duty game to communicate with each other.

Security Research, Gaming

Dude, You Got Dell’d: Publishing Your Privates

While working on a larger research project, Duo Labs security researchers found sketchy certificates on a brand-new Dell Inspiron 14 laptop. Read on for more about Superfish 2: eDellRoot Boogaloo.

Security Research, Dell Security, Edell Root, Labs Research

Strengthening the Signal in the Noise: IoT Security and Stunt Hacking

The whole Internet of Things (IoT) phenomenon has really gained momentum amongst security professionals as a hot topic of discussion. More than a few people are calling for self-examination...

IoT Security, Stunt Hacking, Security Research

I, For One, Welcome Our New Algorithmic Overlords

Duo Research and Development team share common themes discussed at Black Hat and DEF CON, from advocating for individualized machine learning models to achieving actionable analysis.

Black Hat, Defcon, Machine Learning, Deep Learning

You Built a Better Mousetrap? They Built Better RATs

Remote Access Trojans (RATs) have traditionally been known as tools that perform tasks such as installing additional malware or stealing files from an infected computer. They are often bundled with enticing software like free games or system utilities. RATs are nothing new, but their usage and related attack methods have changed recently in interesting ways.

Defcon, Data Breaches, Remote Access Attacks, Remote Access Security

What’s Old is… Still Old: The Security from the Obscurity of Legacy Systems is Crumbling

As has often been the case with old technology that stays in use in the modern era, several concrete hacks have been demonstrated against satellite communication technology.

Black Hat, Embedded Systems

I’m Sorry, *You* Are… The Weakest Link

Kyle Lady of Duo Labs covers talks about the human factor — from social engineering to human vulnerability scanning — at DEF CON and Black Hat 2015.

Human Factor, Social Engineering, Black Hat, Defcon

Applications of Deep Learning: The Good, The Bad and The Opinion

The phrase "deep learning" came up many times during Black Hat 2015. It seems to have quickly risen to prominence, and it certainly merits discussion: the broad field of machine learning and developments in the field have definite potential to help the security field make better sense of the data.

Deep Learning, Black Hat

Welcome to Vegas! A Primer on Attending Black Hat & DEF CON

This is a general guideline aimed at first-time attendees to Black Hat and DEF CON.

Blackhat, Defcon, Conference, Security Threats