Search for blog posts, documentation, or pages

The Duo Bulletin

Remote Access Trojan (RAT) Targets Windows Environments

The latest RAT (Remote Access Trojan) targets Windows machines, bypassing security measures like antivirus and built-in security enhancements in Windows.

Protecting Windows Installations with Duo Security’s Strong Authentication

Duo Security’s integration for Windows Remote Desktop Protocol (RDP) protects both RDP and local console logins for versions of Windows from Vista to 8.1 clients, and Windows server operating systems from 2008 to 2012 R2.

Detecting Out of Date and Vulnerable Flash Versions on Your Network

Adobe Flash Player is used prolifically to display video/audio content across the web. But recently, rashes of vulnerabilities and zero-days have prompted the information security community to encourage moving away from the technology, or finding a better way to detect outdated versions in order to protect against vulnerabilities.

Outlook Web App (OWA) Auth Credentials Targeted by Attackers

A recent attack on a midsize public services company showed how attackers were able to use malware to steal more than 11k sets of authentication credentials via the company's Outlook Web App (OWA), a Microsoft-based Internet-facing webmail server.

Duo’s New Features Make Endpoint Security Easy & Effective!

We just added new features to Duo Platform Edition that give you complete insight into all of your devices, flag any that may be running out of date or vulnerable browsers or plugins, and give you the option to notify your users and let them update their device software.

Duo Hosts Higher Education Security Panel at the Internet2 Tech Exchange

Duo Security is sponsoring the Internet2’s Technology Exchange, an annual tech/education event hosted in Cleveland, Ohio from Oct. 4-7 this year.

XcodeGhost: Resources for Developer and User Security

iOS developers were the target of a recent malware attack, not Apple Store, although malicious code was spread through many apps downloaded via the online app store. Find out how developers and users can protect themselves with our helpful security tips and resources.

Duo Protects Cloud Access at Amazon re:Invent 2015

Duo will be attending and exhibiting security solutions at the largest cloud computing conference, Amazon re:Invent 2015, hosted at the Venetian in Las Vegas next week, from October 6-8.

Introducing Auto-Push and Custom Logos in the Authentication Prompt

Today, we are launching a beta for the fastest and easiest authentication experience for Duo customers: auto-push.

Strengthening the Signal in the Noise: IoT Security and Stunt Hacking

The whole Internet of Things (IoT) phenomenon has really gained momentum amongst security professionals as a hot topic of discussion. More than a few people are calling for self-examination...

Rising Mobile Malware Attacks Call for Better Endpoint Security

Early this year, the Ponemon Institute and Lumension conducted a survey of IT professionals, revealing that 75 percent of respondents reported that mobile endpoints in their organizations have been targeted by malware over the past year in their report, 2015 State of the Endpoint Report: User-Centric Risk.

London Report: Gartner Analysts Push for Two-Factor Push Notifications

At the Gartner Security & Risk Management Summit in London, analysts and industry leaders are discussing security innovation and new technology, including the latest in authentication tools.

Update Your OS for Security: AirDrop Vulnerability Affects iOS 8.4.1

A new AirDrop vulnerability affecting iOS 8.4.1 (the most recent version until today, when iOS 9 becomes available for update on your Apple devices) has been reported by security researcher Mark Dowd.

Comparing the Total Cost of Ownership of Two-Factor Authentication Solutions

The total cost of ownership (TCO) of a solution includes all direct and indirect costs of owning a product – for a two-factor solution, that may include hidden costs, such as upfront, capital, licensing, support, maintenance, operating and many other unforeseen expenses over time. Check out our comparison of modern two-factor authentication solutions vs. older, traditional solutions (ones built for a client-server computing model).

Blocking Authentication Attempts from Anonymous Networks

The Dark Web can hide criminals and other large-scale threat actors that may want to conduct illegal transactions. Now researchers are warning companies to check for illegal web traffic on their own corporate networks


Free Guide

Two-Factor Authentication Evaluation Guide

This guide walks through some of the key areas of differentiation between two-factor authentication solutions and provides some concrete criteria for evaluating technologies and vendors.


phishing (20)  two-factor-authentication (18)  security news (17)  healthcare security (15)  passwords (15)  weekly ink (13)  cloud security (11)  mobile security (10)  federal cybersecurity (10)  malware (10)  infosec-evolution (9)  banking security (8)  retail data breaches (8)  rsac2015 (8)  duo mobile (8)  stolen-passwords (7)  financial data breach (7)  data breaches (7)  2fa (6)  pci dss (6)  financial institutions (6)  ooba (6)  stolen credentials (6)  atms (5)  transaction-level 2fa (5)  encryption (5)  remote access security (5)  webinar (5)  remote access attacks (5)  platform edition (5)  ios security (5)  bank security (4)  defcon-23 (4)  blackhat 2015 (4)  pos malware (4)  vulnerability (4)  data breach notification (4)  google (4)  higher education (4)  retail (4)  financial data security (4)  retail data security (4)  third-party security (4)  healthcare cybersecurity (4)  endpoint security (4)  rig exploit kit (4)  healthit (4)  hipaa (4)  medical identity theft (4)  security threats (4)  uk security (4)  2-factor-authentication (4)  e-prescriptions (3)  defense in depth (3)  ffiec (3)  otp bypass (3)  out of band authentication (3)  health it (3)  law firm security (3)  ios (3)  retail data risks (3)  payment card breach (3)  ssl (3)  car security (3)  manufacturing security (3)  home depot (3)  iot security (3)  end-user authentication (3)  strong-authentication (3)  outlook-web-app (3)  anthem (3)  target (3)  social engineering (3)  dyre trojan (3)  two-factor (3)  defcon (3)  duo-security-summit (3)  critical infrastructure security (3)  media security (3)  security research (3)  retail ebook (3)  byod (3)  twitter (3)  hipaa security rule (3) 

Duo is hiring!

View our open positions

Subscribe to our Newsletter

Get product updates, interesting content, and invitations to online and live events.