Search for blog posts, documentation, or pages

The Duo Bulletin

The Weekly Ink #36

The Weekly Ink is the weekly newsletter brought to you by Duo Labs, with curated links of interest in the security world to help educate and entertain on security happenings and culture.

Third Healthcare Insurer Hacked This Year; Affecting 1.1 Million

Yet another healthcare insurer reports a data breach, supporting the Ponemon Institute’s research that found criminal attacks on healthcare organizations have jumped 125 percent compared to five years ago. CareFirst BlueCross BlueShield was breached last June.

Efficient, Offline Access for Neustar IP Intelligence Data

We developed a tool to convert Neustar's GeoPoint data to MaxMind's database format to effect efficient access without the need for an online RDBMS.

The Current State of Law Firm Information Security

Law firms are obvious targets of attackers due to being repositories for confidential data on corporate deals, business strategies and other contracts.

Malicious Hackers Take Over Media Sites via Content Delivery Network Providers

Content delivery network providers are now targets of malicious hackers, as the brief Washington Post mobile site takeover exemplified. Last week, the Syrian Electronic Army (SEA) struck again, attacking the major news media outlet for a second time via one of their third-party tech providers, sending custom push notifications to their readers.

Healthcare at Risk: Medical Identity Theft, Phishing and Criminal Attacks Increase

According to the Ponemon Institute’s latest healthcare data security report, medical identity theft has doubled in the past five years, increasing from 1.4 million to over 2.3 million in 2014.

Estimating Google’s Two-Factor (2SV) Adoption with Pen, Paper, and Poor Math

In this post, we attempt to estimate the current adoption rates of Google's 2SV two-factor authentication service, armed with only an unlabeled graph, a single datapoint, a ruler, pen and paper, and a healthy disregard for any statistical methods.

The Weekly Ink #35

The Weekly Ink is the weekly newsletter brought to you by Duo Labs, with curated links of interest in the security world to help educate and entertain on security happenings and culture.

Mobile Payments Convenient for Customers; Criminals Too

Mobile payment enthusiasts, beware: criminals are targeting customers that use a Starbucks card or the company’s mobile payment app to make purchases at the chain. As usual, the attacks are traced back to stolen customer usernames and passwords that allow attackers to steal money from their accounts.

Welcome to Platform Edition!

Platform Edition is the culmination of discussions with our customers, iterative design sessions, many man-years worth of work, and finally, a number of highly-informative beta experiences.

Designing a Smarter Security Solution with Duo Platform Edition

Here at Duo, we focus on solving problems by simplifying things. So we decided to design a solution comprised of a suite of advanced features that do the job of multiple security vendors - the Duo Platform Edition, a new secure access platform.

Taking Action to Protect Applications and Reduce Rising Identity Theft

In order to combat rising levels of fraud, the Internal Revenue Service (IRS) has created a criminal investigation team of about a dozen agents, as the The Wall Street Journal reported.

Malicious Emails Deliver Malware via Job Recruiting Site

A recent report from Proofpoint security researchers found that attackers are sending malware to organizations via recruiting services, which may target Human Resource (HR) departments.

Keys to the Digital Kingdom: Point-of-Sale Intrusions Rely on Stolen Credentials

Over 95 percent of security incidents involve credential-harvesting from customer devices, then logging into web applications with them, according to Verizon’s 2015 Data Breach Investigations Report (DBIR). And for the retail industry, point-of-service (POS) vendors were the main source of compromise.

With a Flick of the Wrist, Security Just Got Even Easier

Duo’s mobile development team has been working on updates to our authentication application, Duo Mobile, with new features for iOS, including Apple Watch and Touch ID.


Free Guide

Two-Factor Authentication Evaluation Guide

This guide walks through some of the key areas of differentiation between two-factor authentication solutions and provides some concrete criteria for evaluating technologies and vendors.


phishing (17)  two-factor-authentication (15)  healthcare security (14)  passwords (13)  security news (12)  infosec-evolution (9)  malware (9)  cloud security (9)  rsac2015 (8)  weekly ink (8)  banking security (7)  duo mobile (7)  financial institutions (6)  financial data breach (6)  retail data breaches (6)  stolen-passwords (6)  ooba (6)  stolen credentials (5)  federal cybersecurity (5)  encryption (5)  webinar (5)  2fa (5)  atms (5)  transaction-level 2fa (5)  remote access security (4)  medical identity theft (4)  healthit (4)  healthcare cybersecurity (4)  vulnerability (4)  hipaa (4)  bank security (4)  data breach notification (4)  retail (4)  data breaches (4)  pos malware (4)  third-party security (4)  pci dss (4)  mobile security (4)  rig exploit kit (3)  anthem (3)  retail data security (3)  health it (3)  two-factor (3)  platform edition (3)  otp bypass (3)  media security (3)  critical infrastructure security (3)  defense in depth (3)  ssl (3)  uk security (3)  twitter (3)  remote access attacks (3)  manufacturing security (3)  retail ebook (3)  strong-authentication (3)  dyre trojan (3)  target (3)  home depot (3)  google (3)  e-prescriptions (3)  hipaa security rule (3)  iot security (3) 

Duo is hiring!

View our open positions

Subscribe to our Newsletter

Get product updates, interesting content, and invitations to online and live events.