The Duo Bulletin

Video: Two-Factor Authentication for Web Apps with Duo's Web SDK

We released an integration video to show you just how easy it is to set up two-factor authentication with your web-based application using Duo’s web SDK!
Read more...

SOURCE Boston 2014 Wrap Up

The Duo Security team is back from SOURCE Boston 2014 and ready to share new details about BuildItSecure.ly and clue you in to some of the awesome talks we caught. If we missed you while we were in town, we're sorry but we'll be back soon...
Read more...

SANS Webinar: How to Strengthen the "Weakest Link" with Two-Factor Authentication

Did you miss our webinar with SANS and TrustedSec? Watch a video recording of How to Strengthen the "Weakest Link" with Two-Factor Authentication here!
Read more...

Heartbleed Defense-in-Depth Part #2: Don't Trust SSL

Despite the Heartbleed vulnerability, our customers and company were protected through careful security design and defense-in-depth techniques. Read on for the full details.
Read more...

Duo Mobile 3.2. Update for Android: Authenticate via Notification

We’ve released a new version of Duo Mobile 3.2 for Android, available now in the Google Play Store. By making the authentication process even leaner, we’ve made it faster and easier to authenticate via our two-factor authentication mobile app.
Read more...

Heartbleed Defense-in-Depth Part #1: Preventing Admin Session Hijacking

Despite the Heartbleed vulnerability, our customers and company were protected through careful security design and defense-in-depth techniques. Read on for the full details.
Read more...

ATM Admin Panels Hacked to Allow Unlimited Withdrawals, Warns FFIEC

The FFIEC warns that criminals are maxing out bank accounts on ATMs by using phishing emails to access internal networks and change ATM administrator settings. Read more to find out their recommendations for security best practices against these recent attacks.
Read more...

Duo Security's Response to OpenSSL Heartbleed

Duo’s cloud service was fully patched and protected against Heartbleed within hours of the vulnerability being publicly disclosed. Read on for the full details.
Read more...

Come See Us at SOURCE Boston 2014

Despite what the weather may imply, spring is officially here and that means it's time for SOURCE Boston! We're proud to announce that Duo Security is not only giving a presentation, but also sponsoring the event this year. If you're going to be at SOURCE Boston (April 8-10 at the Marriott Courtyard Boston) be sure not to miss out on saying hello, grabbing some swag, and maybe even winning a great prize!
Read more...

Redefining Information Security for Journalists & the Media

As the number of compromised major online media publications continues to rise, the attention should be focused on journalist information security standards, or rather, the lack thereof.
Read more...

Healthcare Data Breaches Increase in 2013; Errors Traced to Admin Passwords

In three of the top 10 breaches in 2013, the error was traced to poor administrative password behavior, such as keeping default passwords or sharing passwords, according to InformationWeek.com.
Read more...

Audits & Scrutiny Drive Law Firms to Seek Stronger IT Security Profiles

While the retail industry has been in the spotlight lately for a rash of high-profile data breaches, vendors that support the industry have also been scrutinized lately for their role in keeping data secure, including law firms in particular.
Read more...

Duo Security Acquired by RSA Security and EMC Corporation

Duo Security, the innovative leader in cloud-based two-factor authentication, announces today that they have been acquired by RSA Security and EMC Corporation.
Read more...

Securing ERP (Enterprise Resource Planning) Software for Manufacturers

Within the complexity of the manufacturing industry exist many security threats, including threats to Internet/intranet communications, intellectual property, global supply chain, proprietary business data and more. Find out how to protect against these threats with strong authentication security.
Read more...

What Windows XP End of Life Means for PCI DSS & Device Security

How does the Windows XP end of life affect PCI DSS compliance and device security in the medical and retail industries? Read to find out!
Read more...

Duo Security's WordPress Plugin Updated to Address Multisite Vulnerability

We discovered a vulnerability affecting Duo Security's WordPress plugin - and we also found a fix. Download and upgrade version 2.2 to fix the multisite bypass vulnerability today!
Read more...

Two-Factor Authentication for Social Media: Now, Tumblr!

Following in the footsteps of Twitter, Linkedin, Facebook and Google, Tumblr has recently rolled out two-factor authentication for users of their micro-blogging platform to protect their logins.
Read more...

Duo Tech Talk: My Pet Fish Drove Downtown (An IoT Security Video)

In February, Duo Security hosted another Duo Tech Talk featuring guest speaker Don A. Bailey, founding partner of Capitol Hill Consultants, LLC. Don presented on the security perspective of the Internet of Things (IoT). Watch the video if you missed it!
Read more...

CanSecWest: Latest BlackBerry 10 Security Research

Find out more about Duo Security's Senior Researcher Zach Lanier's talk on his research with Ben Nell from Accuvant Labs on the BlackBerry 10 mobile security platform.
Read more...

Protect Against Google Phishing Emails

Protect against the latest Google phishing attack with Duo Security's two-factor authentication - here's how!
Read more...

Modern Two-Factor: Could It Have Prevented Bitcoin Breaches?

Using a modern two-factor authentication solution to protect against credential-stealing malware attacks that steal your cryptocurrency and your bank accounts, you can avoid OTP (one-time password) bypassing and protect your accounts.
Read more...

Passwords Aren't Enough: 76% of Breaches Exploit Stolen Credentials

The latest 2013 Verizon Breach Report found that 76 percent of network intrusions exploited weak or stolen credentials, putting passwords squarely in the limelight.
Read more...

2014 RSA: Duo Presents on Hackers & Threats

Duo Security’s Security Evangelist Mark Stanislav presented on IP camera security at the 2014 RSA Conference in San Francisco a few weeks ago - in case you missed it, click through to view the presentation slideshow!
Read more...

CanSecWest in Vancouver: Duo Security Presents on InfoSec

The CanSecWest 2014 security conference in Vancouver is next week, and Duo Security will be presenting two separate talks, both on Wednesday, March 12th.
Read more...

BSides San Francisco: Announcing BuildItSecure.ly

Missed BSides San Francisco? Check out our slides from the talk, and learn more about our latest debuted security tool, BuildItSecure.ly!
Read more...

RSAC 2014 Recap, Duo Party, Expo & Talks!

Check out a slideshow with highlights from this year's RSA Conference, including photos from the expo, booth and our talk!
Read more...

5 Signs You’re Doing Authentication Wrong: Duo Security & Forrester Webinar

Find out if you’re doing authentication wrong by joining our webinar with guest speaker Eve Maler of Forrester Research as she presents her latest research the authentication market on Tuesday, March 25th @ 2pm EST!
Read more...

Keynotes: How to Combat The 20 Percent Rise in Successful Data Breaches

Globally, we spent 46 billion on cyber security last year. We block most of what comes at us. However, the number of breaches continue to rise, increasing 20 percent last year, while the damage caused by breaches has increased 30 percent. Read on to find out what strategy we can use to combat these threats.
Read more...

Under Pressure: Despite Security Concerns, IT Projects Roll Out

Four out of five IT professionals feel pressured to roll out IT projects, despite concerns they were not security-ready. Find out how a simple two-factor authentication solution solves top IT pressures and concerns.
Read more...

2014 RSA Keynotes: Juniper, Microsoft & RSA on Security Today

Missed out on the 2014 RSA keynotes today? Read a summary of the top takeaways from each speech, including talks from RSA Chairman, Microsoft Corporate VP, and Juniper Security VP on the government, new technology and the problems with security innovation today.
Read more...