The Duo Bulletin

Primary Defense Against New Business Email Scams: Two-Factor Authentication

Phishing emails purporting to be wire transfers are the latest ‘business email compromise’ (BEC), according to the Internet Crime Center (IC3).
Read more...

Security Best Practices for Third-Parties: Protecting the Enterprise

The entire chain of security starts at the top - enterprise-level companies that hire contractors, vendors and other third-parties must ensure their counterparts are operating at a sufficient level of security.
Read more...

Two-Factor Authentication for PeopleSoft Apps & Higher Education

Duo Security provides two-factor authentication to protect PeopleSoft applications, paired with GreyHeller's ERP Firewall Plug-in to ensure seamless security for students and staff at higher education institutions.
Read more...

Breached? Who Even Knows

A recent report from the Ponemon Institute on 2014: A Year of Mega Breaches reveals interesting information about companies following a data breach, and attitudes after ‘mega’ breaches such as Target.
Read more...

The Weekly Ink #25

The Weekly Ink is the weekly newsletter brought to you by Duo Labs, with curated links of interest in the security world to help educate the company - and anyone else who will listen - on security happenings and culture.
Read more...

Remote Overlay Toolkit Bypasses OTP Two-Factor Authentication

A new user-friendly toolkit targets online credentials in addition to one-time passwords used to complete two-factor authentication with the use of ‘remote overlay.’
Read more...

Chrome 40 and SHA-2: Certificate Boogaloo

What you need to know about the imminent release of Chrome 40 and its impact on SHA-1 SSL certificates and secure communication.
Read more...

Duo Security Integrates with Epic to Secure E-Prescriptions for Health IT

In order to help healthcare providers meet e-prescription requirements as mandated by the U.S. Drug Enforcement Agency (DEA), Duo Security provides two-factor authentication security for healthcare organizations that send and receive prescriptions for controlled substances electronically.
Read more...

Single-Factor Authentication: Vulnerable to New Malware & The Same Old Threats

A new malware targets Active Directory systems protected by only a password (single-factor authentication).
Read more...

The Weekly Ink #24

The Weekly Ink is the weekly newsletter brought to you by Duo Labs, with curated links of interest in the security world to help educate the company - and anyone else who will listen - on security happenings and culture.
Read more...

Airline Fraud Highlights Loyalty Reward Program Security Problems

Ten thousand American Airlines and three dozen United Airline accounts were targets of fraud, with criminals reusing credentials to access customer loyalty reward points and use them to book or upgrade flights late last month, as PCWorld.com reports.
Read more...

A Medley of State Healthcare Data Laws: Insurance Encryption & 2FA for E-Prescriptions

Some states are upping the ante when it comes to specific healthcare data protection laws, as the U.S. Dept. of Health & Human Services’ healthcare legislation proves to be not enough.
Read more...

New Federal InfoSec Initiatives; CENTCOM Social Media Hacked

A number of new cybersecurity initiatives, including newly proposed acts and efforts to partner with private companies to prevent attacks, will be unveiled at President Obama’s sixth State of the Union Address, scheduled for next Tuesday, January 20 at 9pm ET.
Read more...

Stolen Passwords Allowed Hackers to Steal Over One Billion Rubles

A recent report released about a hacker group that has targeted banks and payment systems in Russian and CIS (Commonwealth of Independent States) countries reveals how the criminals steal money from the bank itself, not its customers. Over one billion rubles, or $17 million, have been stolen over the last six months.
Read more...

Hacktivist Student Protests High Tuition; Targets Cornell & University of Hawaii

Defined by Dictionary.com, hacktivism is the practice of gaining unauthorized access to a computer system and carrying out various disruptive actions as a means of achieving political or social goals.
Read more...

Categories

Free Guide

Two-Factor Authentication Evaluation Guide

This guide walks through some of the key areas of differentiation between two-factor authentication solutions and provides some concrete criteria for evaluating technologies and vendors.

Tags

phishing (14)  passwords (13)  two-factor-authentication (11)  ooba (6)  encryption (5)  malware (5)  webinar (5)  2fa (5)  atms (5)  retail (4)  data breaches (4)  cloud security (4)  target (3)  rig exploit kit (3)  twitter (3)  third-party security (3)  defense in depth (3)  pci dss (3)  health it (3)  healthit (3)  vulnerability (3)  financial data breach (3)  retail data breaches (3)  strong-authentication (3)  two-factor (3)  transaction-level 2fa (3)  home depot (3)  iot security (3)  stolen-passwords (3)  medical devices (3)  hipaa security rule (3) 

Duo is hiring!

View our open positions

Follow Us

Subscribe to our Newsletter

Get product updates, interesting content, and invitations to online and live events.