Search for blog posts, documentation, or pages

The Duo Bulletin

Detecting Out of Date and Vulnerable Flash Versions on Your Network

Adobe Flash Player is used prolifically to display video/audio content across the web. But recently, rashes of vulnerabilities and zero-days have prompted the information security community to encourage moving away from the technology, or finding a better way to detect outdated versions in order to protect against vulnerabilities.

Outlook Web App (OWA) Auth Credentials Targeted by Attackers

A recent attack on a midsize public services company showed how attackers were able to use malware to steal more than 11k sets of authentication credentials via the company's Outlook Web App (OWA), a Microsoft-based Internet-facing webmail server.

Duo’s New Features Make Endpoint Security Easy & Effective!

We just added new features to Duo Platform Edition that give you complete insight into all of your devices, flag any that may be running out of date or vulnerable browsers or plugins, and give you the option to notify your users and let them update their device software.

Duo Hosts Higher Education Security Panel at the Internet2 Tech Exchange

Duo Security is sponsoring the Internet2’s Technology Exchange, an annual tech/education event hosted in Cleveland, Ohio from Oct. 4-7 this year.

XcodeGhost: Resources for Developer and User Security

iOS developers were the target of a recent malware attack, not Apple Store, although malicious code was spread through many apps downloaded via the online app store. Find out how developers and users can protect themselves with our helpful security tips and resources.

Duo Protects Cloud Access at Amazon re:Invent 2015

Duo will be attending and exhibiting security solutions at the largest cloud computing conference, Amazon re:Invent 2015, hosted at the Venetian in Las Vegas next week, from October 6-8.

Introducing Auto-Push and Custom Logos in the Authentication Prompt

Today, we are launching a beta for the fastest and easiest authentication experience for Duo customers: auto-push.

Strengthening the Signal in the Noise: IoT Security and Stunt Hacking

The whole Internet of Things (IoT) phenomenon has really gained momentum amongst security professionals as a hot topic of discussion. More than a few people are calling for self-examination...

Rising Mobile Malware Attacks Call for Better Endpoint Security

Early this year, the Ponemon Institute and Lumension conducted a survey of IT professionals, revealing that 75 percent of respondents reported that mobile endpoints in their organizations have been targeted by malware over the past year in their report, 2015 State of the Endpoint Report: User-Centric Risk.

London Report: Gartner Analysts Push for Two-Factor Push Notifications

At the Gartner Security & Risk Management Summit in London, analysts and industry leaders are discussing security innovation and new technology, including the latest in authentication tools.

Update Your OS for Security: AirDrop Vulnerability Affects iOS 8.4.1

A new AirDrop vulnerability affecting iOS 8.4.1 (the most recent version until today, when iOS 9 becomes available for update on your Apple devices) has been reported by security researcher Mark Dowd.

Comparing the Total Cost of Ownership of Two-Factor Authentication Solutions

The total cost of ownership (TCO) of a solution includes all direct and indirect costs of owning a product – for a two-factor solution, that may include hidden costs, such as upfront, capital, licensing, support, maintenance, operating and many other unforeseen expenses over time. Check out our comparison of modern two-factor authentication solutions vs. older, traditional solutions (ones built for a client-server computing model).

Blocking Authentication Attempts from Anonymous Networks

The Dark Web can hide criminals and other large-scale threat actors that may want to conduct illegal transactions. Now researchers are warning companies to check for illegal web traffic on their own corporate networks

Duo's CTO Joins InfoSec Experts on FTC Security Panel for Startups

Today, Duo Security’s CTO and Co-Founder Jon Oberheide will join security professional speakers from Twitter, Dropbox, Pinterest, Google and many others at a security conference hosted by the Federal Trade Commission (FTC).

Identifying Bad Apples: Getting to the Core of iOS Vulnerabilities

At Duo Labs, we’re curious about the state of iOS updates. Since Apple manages both hardware and OS, we wanted to find out if the situation was better or worse than Android’s. Here’s our synopsis of our research, and recommendations for practical ways to keep your iOS devices secure.


Free Guide

Ebook: A Modern Guide to Retail Data Risks

Avoiding Catastrophic Data Breaches in the Retail Industry


phishing (20)  two-factor-authentication (18)  security news (17)  healthcare security (16)  passwords (15)  weekly ink (13)  cloud security (11)  mobile security (10)  federal cybersecurity (10)  malware (10)  infosec-evolution (9)  duo mobile (8)  retail data breaches (8)  rsac2015 (8)  banking security (8)  financial data breach (7)  stolen-passwords (7)  data breaches (7)  2fa (6)  pci dss (6)  stolen credentials (6)  financial institutions (6)  ooba (6)  webinar (5)  remote access security (5)  transaction-level 2fa (5)  atms (5)  encryption (5)  healthcare cybersecurity (5)  healthit (5)  platform edition (5)  ios security (5)  defcon-23 (4)  remote access attacks (4)  bank security (4)  data breach notification (4)  pos malware (4)  higher education (4)  blackhat 2015 (4)  google (4)  financial data security (4)  vulnerability (4)  medical identity theft (4)  rig exploit kit (4)  retail data security (4)  hipaa (4)  endpoint security (4)  third-party security (4)  retail (4)  2-factor-authentication (4)  security threats (4)  uk security (4)  defense in depth (3)  media security (3)  ffiec (3)  payment card breach (3)  health it (3)  out of band authentication (3)  law firm security (3)  ios (3)  retail data risks (3)  e-prescriptions (3)  otp bypass (3)  ssl (3)  car security (3)  security research (3)  critical infrastructure security (3)  dyre trojan (3)  end-user authentication (3)  strong-authentication (3)  iot security (3)  ehr (3)  target (3)  social engineering (3)  anthem (3)  defcon (3)  byod (3)  retail ebook (3)  manufacturing security (3)  home depot (3)  healthcare data breach (3)  duo-security-summit (3)  two-factor (3)  twitter (3)  hipaa security rule (3) 

Duo is hiring!

View our open positions

Subscribe to our Newsletter

Get product updates, interesting content, and invitations to online and live events.