Security news that informs and inspires

All Articles

1339 articles:

The Latest Phishing Attacks Target Gmail, Microsoft Word & Android Apps

Recently, phishing attacks against Gmail users, a major U.S. financial services provider, and Android app users have revealed unique ways to deliver malware and steal login credentials.

Phishing, Google, Microsoft, Android

The Weird World of Attribution

Duo Labs researcher Mark Loveless explores the importance of attribution and how it can be helpful if your company is attacked.

Security Research

Why the MongoDB Ransomware Shouldn’t Surprise Anyone

Recent reports have discovered MongoDB instances being targeted with ransomware, with over 28,000 unique cases of ransomware from multiple actors targeting MongoDB hosts. Learn about exposed instances and get some helpful tips and resources on securing a MongoDB deployment.

Mongodb, Ransomware, Database Security

New Cybersecurity Regulation for NY Financial Services

Banking, insurance and other financial services must follow new cybersecurity regulation recently released by the New York State Dept. of Financial Services by March 1, 2017.

Financial Data Security, Banking Security

Is Your Healthcare Organization Ready for the HIPAA Security Audits?

The Office for Civil Rights is conducting audits of healthcare providers and business associates. The goal is to assess HIPAA compliance efforts and discover new security risks.

Hipaa Audits, Healthcare Security, Health Data Security

Holiday Travel Security & Privacy Tech Tips

Holiday travel tests your personal data security. It’s easier to keep your money, identity and tech safe with tips from Duo’s Senior Security Researcher.

Security Tips, Travel, Infosec, Information Security, Identity Theft Protection, Duo Security, 2fa

How Secure is the Retail Industry’s Infrastructure Today?

Retailers and consumers can better secure payment data. Tactics like two-factor authentication and wireless payment technologies offer secure paths forward.

Retail Cybersecurity, Retail Data Security, Duo Security Summit, Duo Push, 2fa

Security Projects to Keep an Eye on in 2017

Infosec is constantly evolving. We asked one of our security researchers to share some of the most exciting projects to keep an eye on in 2017.

Information Security, Infosec, Metron, Binary Analysis

Unicorn Wrangling 101: What is a Backdoor?

What constitutes a backdoor in software, firmware, or even hardware? This question nagged at us during a recent project that Duo Labs worked on.

Mobile, Backdoors, Android

Over 18,000 Redis Instances Targeted by Fake Ransomware

Duo Labs set out to measure how many Redis instances were exposed to the Internet and potentially vulnerable to attacks. Here is a brief summary of our findings.

Ransomware

Pegasus, My Little Pony of Doom: An Analysis of iOS Vulnerabilities

Find out more about the latest three vulnerabilities affecting iOS devices, and how many enterprise endpoints and phones are susceptible to these exploits.

Ios Security, Ios Vulnerabilities, Pegasus, Trident

Android Phones: Nexus Wins for Security Updates

We at Duo Labs wanted to know if there is a difference between Nexus phones and other Android phones as it relates to security posture. Here are some of the key findings from our analysis:

Android, Mobile

USENIX Annual Technical Conference (ATC) 2016: The Best and Brightest Security Talks

A Duo Labs review of the USENIX Annual Technical Conference (ATC) 2016 in Denver, Colorado and the most interesting security talks on data deduplication, Blockstack, RC4 attacks and causal profiling.

Usenix Atc, Infosec Conference

More Than Half of Android Phones Vulnerable to Encryption Bypass Attacks

The security research team at Duo Security, Duo Labs analyzed our dataset of Android phones to find out how many were vulnerable to the latest Android encryption bypass attacks, patched in the May 2016 update.

Android, Vulnerability

That Big Symantec Antivirus Bug

A Duo Labs analysis of the recent critical vulnerability found in Symantec’s Antivirus Decomposer engine, used in Symantec Endpoint Protection and other Symantec and Norton security products, and discovered by Tavis Ormandy.

Antivirus, Vulnerability