Recently, Microsoft patched a vulnerability that could be used in phishing attacks to direct users to malicious websites. The security update is available in March’s Patch Tuesday, which included two months of updates and 18 security bulletins - 9 of which were rated as critical.
The FBI has issued a private industry notification to the healthcare industry, warning organizations that attackers are actively targeting FTP (File Transfer Protocol) servers to access protected health information.
This blog covers a talk given by Knight-Wallace journalists Bastian Obermayer and Laurent Richard discussing privacy and security challenges in investigative journalism.
There’s been a 32 percent increase in hacked sites from 2015 to 2016, with no expectations of the trend slowing down, according to Google. Here are some of the top ways that websites get hacked, and what you can do to protect your site against spammers.
The Cloudflare data leak impacted several sites using the popular CDN. Resetting session tokens and enabling 2FA can help affected sites protect their users' credentials.
A security researcher on the Duo Labs team details how he found several vulnerabilities in a wireless physical security system.
Here are some first impressions of a resident Apple nerd’s experience with the 2017 MacBook Pro with Touch Bar, including a review of the Secure Enclave Processor and Touch ID from a security perspective.
Now Facebook and Google Suite users can use a security key to authenticate and verify their identities during login.
A number of U.K.-based financial institutions were hit by a wave of financial banking malware, delivered via phishing email campaigns. Dridex is back this year with new techniques to bypass security and steal user data.
Recently, phishing attacks against Gmail users, a major U.S. financial services provider, and Android app users have revealed unique ways to deliver malware and steal login credentials.
Duo Labs researcher Mark Loveless explores the importance of attribution and how it can be helpful if your company is attacked.
Recent reports have discovered MongoDB instances being targeted with ransomware, with over 28,000 unique cases of ransomware from multiple actors targeting MongoDB hosts. Learn about exposed instances and get some helpful tips and resources on securing a MongoDB deployment.
Banking, insurance and other financial services must follow new cybersecurity regulation recently released by the New York State Dept. of Financial Services by March 1, 2017.
The Office for Civil Rights is conducting audits of healthcare providers and business associates. The goal is to assess HIPAA compliance efforts and discover new security risks.
Holiday travel tests your personal data security. It’s easier to keep your money, identity and tech safe with tips from Duo’s Senior Security Researcher.