The Duo Bulletin

Securing Against Domain Hijacking with Strong Access Controls

Hosting registrars for regional Lenovo and Google domains were hijacked last month, prompting a focus on the security of hosting vendors.

The Weekly Ink #29

The Weekly Ink is the weekly newsletter brought to you by Duo Labs, with curated links of interest in the security world to help educate and entertain on security happenings and culture.

Consumer Data Leaked; Finance Startup Lacks Database Security

Kreditech, a Germany-based consumer finance startup that lends money to consumers with little or no credit rating, was the target of the latest financial breach, as Brian Krebs reported.

Password Plight: Despite a Compromise, Two Factor Protects Data

A recent breach forced a video streaming and gaming community to reset all of their users’ passwords, forcing users to choose a new password after their next login, according to

New POS Malware Steals Passwords for Remote Access; Breaching Retailers

Retail data breaches are up 10 percent, as Mandiant's M-Threat report found. Attackers are continuing to cash in by using malware designed especially for breaching retailer systems, stealing customer payment data, and retailer login credentials.

Premera's IT Security Audit Report Revealed Lack of Multi-Factor Authentication

Back at the end of November 2014, the Office of Personnel Management (OPM) released an IT security audit report on the state of Premera’s security profile, noting a gap in access controls. A few months later, Premera discovered a breach of their systems that may have compromised the medical and financial data of 11 million individuals.

The Weekly Ink #28

The Weekly Ink is the weekly newsletter brought to you by Duo Labs, with curated links of interest in the security world to help educate the company - and anyone else who will listen - on security happenings and culture.

Healthcare Data in the Crosshairs

Predictions that 2015 would be a year of ‘healthcare breaches’ are proving prescient, as another massive security incident comes to light.

FISMA Report Reveals Federal Agencies Struggle with Strong Authentication

The annual Federal Information Security Management Act (FISMA) report (PDF) for Congress published Feb. 27 reveals a 15 percent increase in information security incidents impacting federal agencies last year, totalling nearly 70,000 events, recognizing that “strong authentication remains a key challenge.”

Authentication-Based Attacks Target Energy & Critical Manufacturing Industries

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) finds that the energy sector reported the highest number of security incidents in 2014 at 32 percent, while the critical manufacturing industry came in second at 27 percent, in their most recent Monitor newsletter.

Protecting Against Remote Access Attacks With Strong Authentication

In most breach cases, a devious lone hacker, or an army of state-sponsored foreign attackers are among the defendants named in the media. But former employees may also pose a serious risk, as an FBI press release about a security breach case involving a New York company and former employee revealed a few weeks ago.

Criminals Leverage Apple Pay for Fraud; Banks Boost Authentication Security

As The Wall Street Journal reported, criminals are loading stolen credit card data on iPhones in order to make fraudulent purchases, taking advantage of lax bank security requirements for authentication.

Cloud Security Concerns Call for New Security Controls

A new study from CloudPassage, the LinkedIn Cloud Security Spotlight Report, has found that in order to secure the cloud, information security professionals are moving away from perimeter-based security models.

Apps Implement Multifactor Authentication After Mobile Breaches

Mobile apps that take on the work of online banks need also take on the responsibility of security. This could be seen in the recent Slate article detailing the hack of a web developer’s account with Venmo...

Point-of-Sale Malware Continues to Plague Retailers in 2015

If you have credit card data, they will come. While retail data breaches appeared to be in vogue last year, they haven’t exactly gone out of style quite yet - Zoup, a soup eatery chain, and Natural Grocers, a health food chain may be victims of credit card theft, according to Brian Krebs.


Free Guide

Ebook: A Modern Guide to Retail Data Risks

Avoiding Catastrophic Data Breaches in the Retail Industry


phishing (16)  two-factor-authentication (15)  passwords (13)  healthcare security (12)  cloud security (8)  malware (7)  financial data breach (6)  security news (6)  ooba (6)  stolen-passwords (5)  federal cybersecurity (5)  transaction-level 2fa (5)  stolen credentials (5)  atms (5)  2fa (5)  encryption (5)  financial institutions (5)  webinar (5)  retail data breaches (5)  banking security (4)  data breach notification (4)  healthcare cybersecurity (4)  pci dss (4)  hipaa (4)  healthit (4)  data breaches (4)  bank security (4)  retail (4)  pos malware (3)  e-prescriptions (3)  weekly ink (3)  twitter (3)  retail ebook (3)  otp bypass (3)  home depot (3)  hipaa security rule (3)  manufacturing security (3)  critical infrastructure security (3)  two-factor (3)  strong-authentication (3)  remote access security (3)  medical devices (3)  iot security (3)  health it (3)  third-party security (3)  anthem (3)  target (3)  defense in depth (3)  vulnerability (3)  mobile security (3)  rig exploit kit (3) 

Duo is hiring!

View our open positions

Follow Us

Subscribe to our Newsletter

Get product updates, interesting content, and invitations to online and live events.