Duo Labs researchers discovered that Apple was using serial numbers to authenticate devices with its Device Enrollment Program (DEP). If organizations treat DEP as a trust broker and assume DEP-registered devices are trusted, they expose themselves to a variety of risks, including rogue devices receiving internal network configuration settings.
Mark Loveless from Duo Labs goes on camera to show how he tested RFID-blocking gear such as sleeves, wallets, and purses. Which one gives you the most protection for your money?
With all the reports about criminals lifting information off credit cards, access cards, and even passports, does it make sense to buy one of those RFID-blocking sleeves and wallets? Duo Labs finds out in this Decipher report.
Here are some recommendations for what we’d like to see online services do while monitoring their platform for account fraud. While some of them apply specifically to account recovery, but recommendations focus on improving overall account security.
An examination of 12 popular web services show distinct differences in how different providers implement account recovery. They all have different options, but Facebook and GitHub offers some of the best security options on the list.