Today, Duo Labs is publishing our take on the OOBE; Out-of-Box Exploitation: A Security Analysis of OEM Updaters. OEM software is making us vulnerable and invading our privacy - with that in mind, Duo Labs decided to dig in to see how ugly things can get.
From coffee shops to airports to hotels and work conferences, free public Wi-Fi is everywhere, easy and accessible. But is it safe to use?
Security research team, Duo Labs, dissects OEM laptops to find out how secure they are - learn more about the privacy and security issues they found with laptop default settings, data collection and more.
A newly discovered vulnerability in crypto protocols breaks connections and reminds us all that it's long past time to move on from SSLv2.
A newly discovered vulnerability in OpenSSL reveals private keys and reminds us all that it's long past time to move on from SSLv2.
The Glibc Project has announced a critical vulnerability affecting systems using the glibc DNS client-side resolver, that could, under certain conditions, lead to remote code execution on a system using glibc.
Microsoft will soon drop support for Internet Explorer versions 8, 9 and 10 - that means no more security updates. We took a look at our user data to determine the impact on IE users. Here’s what we found…
Watch as Duo’s Creative Director Pete Baker and Duo Labs’ Mark Loveless and Steve Manzuik debunk the myths that terrorists were using PlayStation networks and the popular Call of Duty game to communicate with each other.
While working on a larger research project, Duo Labs security researchers found sketchy certificates on a brand-new Dell Inspiron 14 laptop. Read on for more about Superfish 2: eDellRoot Boogaloo.
The whole Internet of Things (IoT) phenomenon has really gained momentum amongst security professionals as a hot topic of discussion. More than a few people are calling for self-examination...
Duo Research and Development team share common themes discussed at Black Hat and DEF CON, from advocating for individualized machine learning models to achieving actionable analysis.
Remote Access Trojans (RATs) have traditionally been known as tools that perform tasks such as installing additional malware or stealing files from an infected computer. They are often bundled with enticing software like free games or system utilities. RATs are nothing new, but their usage and related attack methods have changed recently in interesting ways.
As has often been the case with old technology that stays in use in the modern era, several concrete hacks have been demonstrated against satellite communication technology.
Kyle Lady of Duo Labs covers talks about the human factor — from social engineering to human vulnerability scanning — at DEF CON and Black Hat 2015.
The phrase "deep learning" came up many times during Black Hat 2015. It seems to have quickly risen to prominence, and it certainly merits discussion: the broad field of machine learning and developments in the field have definite potential to help the security field make better sense of the data.