Thales Cloud Protection & Licensing

MAY 13, 2024

Multi-Factor Authentication: the mandatory first step for organizations moving to the cloud. But there is one simple solution to drastically reduce the risk of account take-over: enable Multi-Factor Authentication. Even the one without mobile phones? How to secure access from all my devices?

Authentication 62

Authentication Phishing Marketing Cloud Migration 62

Duo's Security Blog

JANUARY 27, 2022

Not all multi-factor authentication (MFA) solutions are equal. For a two-factor authentication solution, that may include hidden costs, such as upfront, capital, licensing, support, maintenance, and operating costs. Estimate and plan for how much it will cost to deploy multi-factor authentication to all of your apps and users.

Authentication 71

Authentication Software Mobile Passwords 71

The Last Watchdog

JUNE 22, 2020

Keeler Keeler outlined how implementing three tried-and-true technologies — Single Sign-On (SSO,) multi-factor authentication (MFA) and virtual private networking (VPN) — can go a long way to locking down school networks. This column originally appeared on Avast Blog.).

Mobile 276

Mobile Passwords Technology VPN 276

Pen Test Partners

FEBRUARY 14, 2024

October 2023’s Cyber Security Awareness Month led to a flurry of blog posts about a new attack called Quishing (QR Code phishing) and how new AI powered email gateways can potentially block these attacks. Mobile security All this makes it harder to exploit a desktop end user, but in a mobile world its very different.

Phishing 65

Phishing Mobile Social Engineering Data breaches 65

Krebs on Security

APRIL 6, 2022

Microsoft blogged about its attack at the hands of LAPSUS$, and about the group targeting its customers. “They would just keep jamming a few individuals to get [remote] access, read some onboarding documents, enroll a new 2FA [two-factor authentication method] and exfiltrate code or secrets, like a smash-and-grab,” the CXO said.

Social Engineering 252

Social Engineering Phishing Engineering Accountability 252

Krebs on Security

OCTOBER 21, 2019

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.

Accountability 136

Accountability VPN Software Antivirus 136

Duo's Security Blog

AUGUST 25, 2022

So we listened when customers pointed out the weaknesses in the Duo Push – the notification Duo Mobile users approve when they want to log into protected accounts. We’re excited to announce early access release of the Verified Duo Push, which will increase the security of our push-based multi-factor authentication (MFA) solution.

Authentication 74

Authentication Mobile VPN Threat Detection 74

Cisco Security

MARCH 27, 2021

Read more about DoH in this blog by my colleague Nancy Cam-Winget. But unlike enterprise cloud services, which authenticate users before letting them in, DoH doesn’t have a gatekeeper. In this blog I’ll explain the need and how we see it working. The difference: with VPNs, most enterprise traffic goes through a single tunnel.

DNS 105

DNS VPN Advertising Encryption 105

Duo's Security Blog

SEPTEMBER 4, 2023

These days, users connect to company resources through a variety of endpoints: desktops, laptops, mobile phones, tablets, wearables…the list goes on. Passkey private keys are typically protected by a hardware secure module, like iOS’ Secure Enclave, and must be present on the device to authenticate. That’s where passkeys come in.

Passwords 72

Passwords Authentication Accountability Password Management 72

Duo's Security Blog

MARCH 18, 2022

We recently explored in the blog the National Cyber Security Center’s (NCSC) newly revised Cyber Essentials scheme , and how its specific post-pandemic “Bring Your Own Device” policies have led to some publications labeling the change “BYOD 2.0.” You can learn more about this topic in Duo’s Two-Factor Authentication Evaluation Guide.

Authentication 81

Authentication Mobile VPN Risk 81

Duo's Security Blog

NOVEMBER 30, 2022

Supporting OIDC allows us to protect more of the applications that our customers are adopting as we all move towards a mobile-first world and integrate stronger and modern authentication methods (e.g. protocol adding Authentication to what has historically been used for Authorization purposes. biometrics). What is OIDC?

B2C 92

B2C B2B Authentication Mobile 92

Duo's Security Blog

MARCH 19, 2021

We covered differentiating user authentication methods , Duo enrollment and self-remediation and Duo Admin Dashboard and Device Insight so far. Step 4: Setting Up an Application See the video at the blog post. We recommend using a mobile phone that can receive text messages as the backup.

Authentication 52

Authentication Backups Mobile Accountability 52

Duo's Security Blog

AUGUST 3, 2023

Access management solutions, including single sign-on (SSO), multi-factor authentication (MFA), and privileged access management (PAM), can offer a comprehensive defense against threats. based and mobile-first OpenID Connect (OIDC) applications.

Authentication 83

Authentication Risk Passwords Insurance 83

Security Boulevard

JANUARY 28, 2022

Long story short it's an OTR and OpenPGP-based communication protocol that actually has a lot of new improvements in terms of privacy and security including interoperability between multiple IM clients and mobile applications courtesy of different vendors. Protocol Introduction. What exactly is OMEMO? ChatSecure. Conversations.

Encryption 105

Encryption Cybercrime Social Engineering Mobile 105

Duo's Security Blog

MAY 5, 2022

Cumbersome password and authentication processes lead to poor user experiences and potential cyberthreats, putting the business and its people at risk. To create a more secure and convenient future, authentication must become passwordless.

Passwords 78

Passwords Password Management Authentication Risk 78

Duo's Security Blog

DECEMBER 7, 2021

Passwordless is a sea change in authentication. Passwordless authentication provides the rare opportunity to increase our access security drastically while simultaneously improving the user experience — a compelling prospect! See the video at the blog post. Users can also enroll multiple passwordless authenticators.

Authentication 83

Authentication Technology VPN Mobile 83

Duo's Security Blog

AUGUST 1, 2022

focuses on developing stronger authentication requirements around NIST Zero Trust Architecture guidelines. now mandates that multi-factor authentication (MFA) must be used for all accounts that have access to the cardholder data, not just administrators accessing the cardholder data environment (CDE). DarkReading reports PCI DSS 4.0

Authentication 84

Authentication Passwords Accountability VPN 84

Duo's Security Blog

MARCH 30, 2023

In our last Universal Prompt blog we focused on a few of the security benefits that using it provides. In this blog we’ll get into more of the user experience benefits. Improved User Experience – The Universal Prompt is a major redesign with new styling and a workflow-based authentication experience.

Authentication 54

Authentication Software Risk VPN 54

Duo's Security Blog

JANUARY 18, 2021

Securing the cloud was once a barrier to entry, but MFA (multi-factor authentication) has paved the way for an easy and effective way to secure remote and cloud access. Duo’s data shows a 60% increase in authentications to VPN and RDP applications to further secure sensitive data. See the video at the blog post.

Authentication 40

Authentication VPN Mobile Cybersecurity 40

Duo's Security Blog

JUNE 2, 2021

This report Bridging Healthcare Security Gaps: Better Authentication Improves Controls aims to bring clarity and solutions to these security gaps. In this report you will learn: About zero trust and how multi-factor authentication meets the HIPPA requirements for a third factor of authentication.

Healthcare 78

Healthcare CISO Authentication VPN 78

Security Affairs

AUGUST 6, 2020

A new company has been added to the list of the victims of the Netwalker ransomware operators, it is Forsee Power , which provides advanced lithium-ion battery systems for any mobility application. Consider installing and using a VPN. Use two-factor authentication with strong passwords.

Ransomware 106

Ransomware VPN Advertising Marketing 106

Hackology

DECEMBER 26, 2023

Enforcement of the Policy The policy is not enforced on smartphones because it is natural for mobile phones to be active outside of Netflix household. What is Tailscale VPN? Tailscale is a free VPN which allows you to route and monitor the traffic, you are sending or receiving from your IP. Lets discover them one by one.

VPN 64

VPN Accountability Internet Internet 64

Troy Hunt

NOVEMBER 14, 2018

2FA, MFA, 2-Step They may all be familiar, but there are important differences that warrant explanation and we'll start with the acronym we most commonly see: 2FA is two-factor authentication. MFA is multi-factor authentication. 2-Step authentication does not necessarily require 2 discrete factors. It's a subset of MFA.

Passwords 259

Passwords Authentication Accountability Mobile 259

McAfee

JANUARY 28, 2020

If they can tie that to your email address, and another service obtains your zip-code and a third service asks for your mobile number, you can see that anyone collating that information could have enough to try to steal your identity. Think twice about mobile apps and their data collection. Enable multi-factor authentication.

Passwords 71

Passwords Mobile Identity Theft VPN 71

Thales Cloud Protection & Licensing

NOVEMBER 22, 2017

In addition, the increasing speed of technology innovation has lead to a broader diversity of payment methods in recent years with new platforms for mobile payments continuing to be deployed. Enable multi-factor authentication – more and more online services and apps require multi-factor authentication. Happy (and safe!)

Risk 90

Risk Retail Digital transformation Authentication 90

Centraleyes

FEBRUARY 25, 2024

This blog aims to dissect the nuances of cloud security risks , shedding light on the challenges commonly faced when securing digital assets in the cloud. This revelation underscored the importance of transparency in cloud security, emphasizing the need for robust measures to secure cloud authentication.

Risk 52

Risk Encryption Social Engineering Authentication 52

McAfee

MAY 10, 2021

Protecting laptops and mobile devices for travel become extra important when using public, airport, and public Wi-Fi, as those networks can expose people to more threats than their home networks. . Look into using a virtual private network (VPN). and on top of the latest consumer and mobile security threats, follow?

Internet 108

Internet Internet Banking VPN 108

Duo's Security Blog

NOVEMBER 17, 2021

According to ZDNet , Remote Desktop Protocol (RDP) is the number one exploit that threat actors leverage to gain access to Windows computers and install ransomware and other malware, followed by email phishing and VPN bug exploits. The modern workforce is more mobile than ever before.

Ransomware 52

Ransomware Education VPN Authentication 52

The Last Watchdog

SEPTEMBER 6, 2023

These wallets are available in a variety of formats, including hardware wallets, online wallets, mobile wallets, and desktop wallets. Also, whenever it is possible, activate two-factor authentication (2FA). A virtual private network (VPN) can offer an additional layer of encryption and security. Select a reliable wallet.

Cryptocurrency 100

Cryptocurrency Backups Passwords Software 100

Webroot

JUNE 13, 2022

Use a password generator , enable two-factor authentication (2FA) as much as possible and don’t reuse passwords from multiple logins. Enable a Virtual Private Network (VPN) : Protect your connection and location from malicious hackers, targeted ads and others who try to spy and track your every move online.

Education 127

Education Passwords VPN Risk 127

CyberSecurity Insiders

NOVEMBER 4, 2021

This blog was written by an independent guest blogger. In perimeter-based models, the system will trust user credentials if they are, say, logged in to the corporate VPN or if they are using a pre-registered device. The zero trust approach still authenticates users based on passwords, among other traditional security procedures.

Retail 111

Retail eCommerce Cyber Attacks Authentication 111

Duo's Security Blog

APRIL 20, 2023

A major leading research and teaching institution, the University was looking for a multi-factor authentication (MFA) solution that could integrate with existing IT architecture and be rolled out easily across campus. Duo’s enrollment and authentication processes made it easy for even the most anti-tech users to get up and running with MFA.

Phishing 67

Phishing Social Engineering Authentication Engineering 67

Security Boulevard

APRIL 16, 2021

This blog post was originally created by Jeremy Rasmussan, Chief Technology Officer at Abacode. Read the original blog here. . RDP client software is available for most flavors of Windows (including Windows Mobile), Linux, Unix, macOS, iOS, Android, and other operating systems. Enable Network Level Authentication (NLA).

Firewall 71

Firewall Passwords Authentication Accountability 71

Thales Cloud Protection & Licensing

NOVEMBER 6, 2019

In a previous blog post ( [link] ) we explored the relationship between GPDR and applications in the cloud. In other words, users were accessing company data either physically on site, or through a dedicated network or VPN. For instance, is the app being accessed from a mobile device, a personal tablet or a company issued computer?

Identity Theft 109

Identity Theft Authentication Passwords Accountability 109

BH Consulting

JUNE 20, 2023

One may know what the term VPN means, but what about when a VPN should be used and more importantly – not used, and what are the risks of using a VPN versus the benefits. For the purpose of this blog – we are going to use the term information security to mean both cyber and information security.

Cybersecurity 52

Cybersecurity Information Security VPN Authentication 52

SiteLock

AUGUST 27, 2021

Public WiFi is convenient for the traveling mobile device user, but also notoriously dangerous. Use only WiFi with proper authentication and encryption methods, or purchase a cellular data plan from your carrier while traveling. Use an encrypted VPN service. Visit the our blog for more security tips ! Avoid insecure WiFi.

Encryption 52

Encryption VPN Wireless Retail 52

SecureList

NOVEMBER 14, 2022

Mobile devices exposed to wide attacks. Although 2022 did not feature any mobile intrusion story on the scale of the Pegasus scandal, a number of 0-days have still been exploited in the wild by threat actors. In line with our predictions, we released two blog posts in 2022 introducing sophisticated low-level bootkits.

Firmware 111

Firmware Surveillance Mobile Telecommunications 111