Security Boulevard

MARCH 26, 2025

tl;dr: Less FPs for Owns/WriteOwner and new Owns/WriteOwnerLimitedRights edges Before we get started, if youd prefer to listen to a 10-minute presentation instead of or to supplement reading this post, please check out the recording of our most recent BloodHound Release Recap webinar. You can also sign up for future webinars here.

Accountability 52

Accountability Engineering 52

Duo's Security Blog

APRIL 23, 2025

New threat types such as push-bombing, social engineering, and spear phishing are forcing organizations to do more than rely on MFA alone. The Duo Mobile app allows users to easily download the app onto their devices, while a self-service portal also lets them manage their own accounts and devices, reducing help desk tickets and support time.

Authentication 59

Authentication Risk Social Engineering Accountability 59

Security Boulevard

MARCH 5, 2025

As we look to the future, we are growing product engineering and research teams to continue to build out attack path coverage and features in the BloodHound platform, in addition to sales and marketing teams to better serve our customers and the broader security community. EDT on Thursday, March 20.

Penetration Testing 52

Penetration Testing Risk Marketing Engineering 52

Security Affairs

FEBRUARY 20, 2022

Business Email Compromise/Email Account Compromise (BEC/EAC) is a sophisticated scam that targets both entities and individuals who perform legitimate transfer-of-funds requests. Use secondary channels or two-factor authentication to verify requests for changes in account information. ” reads the FBI’s PSA.

Accountability 100

Accountability Social Engineering Scams Mobile 100

SecureWorld News

APRIL 9, 2025

Also, college clubs (business, engineering, etc.) ISC2 celebrates women in cybersecurity ISC2 celebrated women in cybersecurity in March and has a webinar on the topic available to view. "At This can be done across multiple disciplines within cyberengineering, product management, marketing, and sales.

Cybersecurity 84

Cybersecurity Education InfoSec Government 84

Security Boulevard

JULY 6, 2023

It's no secret that the bad guys are training their artificial intelligence (AI) engines to crack passwords, perform account takeovers (ATO), and automate their ransomware demands. Modern solutions need to take into account the new behavioral situation of the user and allow some flexibility – for a defined period of time.

Artificial Intelligence 105

Artificial Intelligence Passwords Authentication Accountability 105

Duo's Security Blog

FEBRUARY 6, 2024

Reducing the risk of identity-based attacks Picture a scenario where an attacker acquires a list of dormant accounts, performs credential-stuffing, and gets the necessary credentials to log-in. Stay tuned!

Accountability 119

Accountability Authentication Risk Marketing 119

Duo's Security Blog

JULY 21, 2022

Enhanced Security Visibility and Threat Intelligence When Duo launched Trust Monitor in November 2020, the idea was to highlight suspicious login activity and help SecOps investigate potentially compromised accounts. Surfacing this information provides SecOps analysts with greater security visibility into potential threats.

Authentication 105

Authentication Threat Detection Accountability Mobile 105

Security Boulevard

SEPTEMBER 20, 2024

Specifically, CISA and USCG assessors had the most success gaining initial access, attaining network permanence, evading defenses and moving laterally by using valid accounts, phishing schemes and default credentials – all simple attack methods.

IoT 97

IoT Cybersecurity Hacking Risk 97

Security Boulevard

MAY 2, 2025

Specifically, CISA and USCG assessors had the most success gaining initial access, attaining network permanence, evading defenses and moving laterally by using valid accounts, phishing schemes and default credentials all simple attack methods.

Cybersecurity 52

Cybersecurity Software Cyber Risk Risk 52

CyberSecurity Insiders

APRIL 10, 2023

“In the current digital landscape, identity security has gained paramount importance due to the growing cyber risks posed by phishing and social engineering attacks utilizing AI. These attacks have become more complex and challenging to detect, leading to increased instances of data breaches, account takeovers, and impersonation attacks.

Identity Theft 105

Identity Theft Education Authentication Data breaches 105

Duo's Security Blog

APRIL 20, 2023

Accounting for nearly a quarter of reported incidents in Australia, phishing is a broad category of social engineering with several variations. These social engineering techniques tricked employees into revealing their login credentials, which allowed attackers to access additional systems and data. What is phishing?

Phishing 106

Phishing Social Engineering Authentication Engineering 106

Duo's Security Blog

SEPTEMBER 1, 2023

Passkeys simplify account registration for apps and websites, are easy to use, work across most of a user’s devices, and even work on other devices within physical proximity.” - FIDO Alliance Most people know what passwords are and have experienced first-hand some of the many issues with them. Want to learn more about passkeys?

Passwords 133

Passwords Authentication Insurance Cyber Insurance 133

Duo's Security Blog

OCTOBER 24, 2023

Be sure to tune into our webinar - Authenticate Further, Defend Faster with Higher Security from Duo – to learn more about ways to protect against MFA bypass attacks, credential theft and compromised third-party security. An MFA fatigue attack cannot work when attackers also need to input a multi-digit number that only users know.

Social Engineering 88

Social Engineering Authentication Education Engineering 88

Duo's Security Blog

MAY 6, 2024

Despite their remarkable security value, our 2024 Trusted Access Report reveals that passwordless methods still account for less than 5% of authentications. If you’d like to learn more about Continuous Identity Security, register for our webinar , read more at our solution page , or just drop us a line. The benefit is twofold.

Authentication 95

Authentication Accountability VPN Phishing 95

Identity IQ

MAY 17, 2023

The 2022 Trends in Identity Report indicates identity thieves are getting better at using social engineering techniques to convince people to share personal, financial, and important business information. Of the 7% of federal accounts that were misused – 78% were due to IRS accounts. For more information, email webinar@idiq.com.

Identity Theft 66

Identity Theft Scams Education Data breaches 66

SecureWorld News

OCTOBER 19, 2021

The malicious campaigns Charming Kitten are unleashing on unsuspecting victims makes use of superior social engineering, such as creating dummy accounts on Gmail that look realistic enough to trick users into clicking through. Users were instructed to activate an invitation to a (fake) webinar by logging in.

Phishing 97

Phishing Authentication Social Engineering Government 97

Webroot

FEBRUARY 11, 2021

As we mentioned in a previous blog , hackers come in many forms, but their methods can generally be classified into three distinct types of cybercriminals: The Impersonator – Hackers that pretend to be others, often using social engineering and human psychology to trick users. Let’s look at a few primary examples. Who is the Impersonator?

Scams 119

Scams Phishing Firewall Social Engineering 119

Security Boulevard

OCTOBER 4, 2024

Protect all accounts that offer multifactor authentication (MFA) with this security method. RansomHub ranked as the most active ransomware group, accounting for 16% of all attacks observed in August. Learn how to spot phishing attempts made via email, text or voice calls. Keep all your software updated.

Cybersecurity 69

Cybersecurity CISO Ransomware Technology 69

SecureList

SEPTEMBER 3, 2021

On August 31, 2021 we ran a joint webinar between VirusTotal and Kaspersky, with a focus on YARA rules best practices and real world examples. If you didn’t have the chance to watch the webinar live, you can see it as a recording on Brighttalk: Applied YARA training. Stay safe everyone and hope to see you at our next webinars!

Malware 110

Malware Engineering Technology Antivirus 110

Duo's Security Blog

JULY 13, 2022

You’ll see that when you start listening to other people and taking their situations and considerations into account, how much it can change.’” You need to be a great designer to be able to figure out how we interact with all of that and take it into account. Do they want to go out or prefer you to come to their house?

Accountability 122

Accountability Information Security Technology Engineering 122

Thales Cloud Protection & Licensing

FEBRUARY 24, 2021

A FIDO authenticator embeds one or more private keys, each dedicated to one online account. Conceived by Atul Tulshibagwale, an engineer at Google, Continuous Access Evaluation Protocol (CAEP) is a new way of thinking about federated identities, offering a solution to perform continuous authentication and access.

Authentication 87

Authentication Mobile Passwords Software 87

Webroot

FEBRUARY 5, 2025

Check out our recent webinar where we discuss passkeys How do passkeys work? Passkeys are unique for every website, preventing credential reuse across multiple accounts. Syncs automatically across devices when backed up in Apple iCloud Keychain, Google Password Manager, or Microsoft Account.

Authentication 62

Authentication Password Management Passwords Backups 62

Duo's Security Blog

DECEMBER 19, 2024

While we tend to associate phishing emails more with our personal accounts, attacks targeting our work identities whether through socially engineered phishing, brute force, or another form, are very common. Combined, these sectors accounted for more than 30 percent of account compromises.

Phishing 64

Phishing Authentication Social Engineering Passwords 64

CyberSecurity Insiders

JUNE 15, 2021

This session will explain why these attacks are identity-based at their core, and how they exploit compromised legitimate identities, privileged accounts and non-human service accounts. WHERE: This webinar is accessible online with confirmed registration. WHEN: Tuesday, June 22, 2021 at 1:30 pm MDT.

Big data 52

Big data Accountability Technology Authentication 52

CyberSecurity Insiders

APRIL 5, 2023

Recently, the Center for Cyber Safety and Education held its first Birds of a Feather : Newbies in Cyber webinar to promote an open dialogue and space for those leaning toward a career in cybersecurity, career changers and anyone interested in joining the field with questions. See the open applications available now at [link].

Education 52

Education Cybersecurity System Administration Engineering 52

Thales Cloud Protection & Licensing

OCTOBER 8, 2019

The engine that is powering this transformation is the cloud and the vast array of on demand services it provides. Whatever you store, whatever services you are using “in the cloud”, it is your responsibility to configure them correctly and to assume responsibility and accountability if something goes wrong.

Encryption 63

Encryption Data breaches Digital transformation Accountability 63

eSecurity Planet

APRIL 22, 2022

Other cyber incidents are common, including phishing attacks , business email compromise, exploitation of cloud and software vulnerabilities , social engineering , third-party exposures, and more. The top eight insurers account for about 60% of the market and more than $1.5 billion in direct premiums.

Cyber Insurance 119

Cyber Insurance Insurance Marketing Small Business 119

Security Boulevard

DECEMBER 6, 2024

1 - Study: Security of open source software projects must improve Improperly secured developer accounts. Here are more details about the three key security issues identified in the study: To conduct their FOSS work, developers often use individual accounts, which typically lack the security protections of organizational accounts.

Cybersecurity 64

Cybersecurity VPN Ransomware Software 64

SecureList

MAY 27, 2022

The attackers are mainly interested in collecting data on user accounts, IP addresses and session information; and they steal configuration files from programs that work directly with cryptocurrency and may contain account credentials. You can find the recording of the webinar here and a summary/Q&A here. zip”).

Phishing 132

Phishing Spyware Firmware Malware 132

Security Boulevard

JUNE 24, 2024

Weekly Threat Intelligence Report Date: June 24, 2024 Prepared by: David Brunsdon, Threat Intelligence - Security Engineer, HYAS Malware developers will use all sorts of techniques to obfuscate their C2 location and keep security analysts from being able to understand the operation of their malware. View our webinar on-demand.

Malware 59

Malware Accountability Cyber Attacks Mobile 59

Duo's Security Blog

JULY 1, 2021

By enforcing local authentication via PIN, we effectively force remote attackers to “walk” to each account they want to hack. To fool a remote biometric check, I must simply submit a digital equivalent to the remote verification engine. Burglars who have to walk from house to house are much less of a threat.

Passwords 98

Passwords Surveillance Authentication Risk 98

Cisco Security

AUGUST 26, 2022

Data collected from Umbrella can then be routed to Sumo’s Cloud SIEM, where it is then automatically normalized and applied to our rule’s engine. The Fastvue Site Clean engine intelligently interprets Cisco Secure Firewall log data so that non-technical employees can easily see what people are actually doing online.

Firewall 144

Firewall Authentication Passwords Threat Detection 144

NopSec

MARCH 25, 2019

In this blog post, we summarize the first part of that webinar, without going into the three specific applications and the challenges. For more details, that entire webinar is now available on demand here. Predict the number of account sign-ins form a specific user or a specific office location given a known history.

Cybersecurity 52

Cybersecurity Artificial Intelligence Phishing Malware 52

Chicago CyberSecurity Training

JULY 1, 2023

Use Strong Passwords and Multi-Factor Authentication (MFA): One of the most important steps to securing your business is to use strong pass phrases for your accounts. Phrases are easier to remember, hard to crack, and offer stronger protection for your online accounts. Avoid using pass words (ex.

Cybersecurity 40

Cybersecurity Backups Social Engineering Passwords 40

Security Boulevard

DECEMBER 20, 2024

on-demand webinar) Harden Your Cloud Security Posture by Protecting Your Cloud Data and AI Resources (blog) 10 Considerations for Securing Stateful Persistent Volumes Attached to Kubernetes Pods and Applications (white paper) 2 - Feds: North Korea plants IT workers to commit fraud in the U.S. The North Korean IT workers got jobs with U.S.

Cybersecurity 52

Cybersecurity Government Internet Internet 52

Responsible Cyber

JULY 13, 2024

Recognize and avoid social engineering scams by educating yourself on common tactics. Social Engineering Scams : Manipulative tactics are employed to deceive investors into divulging confidential information or making unwise investments. Enable MFA on all exchange accounts and wallets to add an extra layer of security.

Cryptocurrency 52

Cryptocurrency Cyber Attacks Social Engineering Scams 52