Duo's Security Blog

OCTOBER 18, 2022

By this point, we’re all familiar with the list of requirements for a strong password: unique, long, memorable, free from any personal information… But even the strongest passwords can pose a risk if they’re the only thing standing between your users and enterprise content.

Insurance 55

Insurance Passwords Cyber Insurance Authentication 55

Security Boulevard

JULY 20, 2023

AI can be used to monitor user behavior and make real-time decisions about whether to grant access or add step-up authentication if there is anything anomalous about the request (such as a login from an unusual timezone). If it detects a threat or anomalous behavior, its dashboard explains the decision in human-readable form.

Artificial Intelligence 98

Artificial Intelligence Authentication Education Risk 98

Thales Cloud Protection & Licensing

MARCH 6, 2024

With an average of 613 APIs per organization, deprecated endpoints or Broken Object Level Authorization (BOLA) heighten the potential risks facing business. The Need for Comprehensive API Security Besides the findings, Imperva offers comprehensive best practices to mitigate the risk of API vulnerabilities and strengthen business security.

Risk 87

Risk Financial Services Authentication DDOS 87

Duo's Security Blog

MAY 23, 2023

Passwords are a weak point in modern-day secure authentication practices, with Verizon highlighting that almost 50% of breaches start with compromised credentials. Until a fully password-free environment is deployed, accepted, and adopted by all users, less secure methods of authentication will still be relied on.

Authentication 112

Authentication Passwords Data breaches Phishing 112

CyberSecurity Insiders

APRIL 10, 2023

In the current digital landscape, identity security has gained paramount importance due to the growing cyber risks posed by phishing and social engineering attacks utilizing AI. Thus, a robust identity security framework is essential to safeguard against these risks and ensure the protection of personal information.

Identity Theft 105

Identity Theft Education Authentication Data breaches 105

Duo's Security Blog

SEPTEMBER 6, 2023

Be sure to tune into our webinar, The State of Passkeys in the Enterprise , on September 7th at 9am PST | 12pm EST. Passkeys on Cloud Platforms Passkeys have growing support from significant vendors. This enables client-side support for passkey authentication. They will also be transferred between cloud providers by passkey exchanges.

Passwords 75

Passwords Password Management Authentication Threat Detection 75

Security Boulevard

JULY 6, 2023

You can learn more about AI-generated identity fraud and how you can use AI to protect your business and your customers by attending our webinar: Protect Your Customers Against Identity Fraud. Also, be sure to attend our webinar, Protect Your Customers Against Identity Fraud.

Artificial Intelligence 103

Artificial Intelligence Passwords Authentication Accountability 103

Security Boulevard

MARCH 6, 2024

With an average of 613 APIs per organization, deprecated endpoints or Broken Object Level Authorization (BOLA) heighten the potential risks facing business. The Need for Comprehensive API Security Besides the findings, Imperva offers comprehensive best practices to mitigate the risk of API vulnerabilities and strengthen business security.

Risk 62

Risk Financial Services Authentication DDOS 62

CyberSecurity Insiders

NOVEMBER 2, 2021

Earlier this summer, we hosted a webinar with our partners at Mastercard , discussing how EMV tokenization can bring convenience and security to online retailers and shoppers. Secondly, merging customer authentication and user approval to increase the trust in the transaction. Unleashing full potential .

Retail 118

Retail eCommerce Authentication Marketing 118

Duo's Security Blog

SEPTEMBER 16, 2021

At Duo, we're building a passwordless authentication solution that’s as easy to set up as it is to use – with our world-class security baked in. Your Journey Begins with Multi-Factor Authentication See the video at the blog post. Learn more about common misconceptions related to passwordless authentication methods.

Authentication 88

Authentication Passwords Phishing CISO 88

Security Boulevard

FEBRUARY 14, 2022

How Enterprise Customer Identity Helps You Make Money, Slash Costs, and Reduce Risk. Here are four reasons why investing in great customer experiences with ForgeRock's enterprise CIAM will help your organization make money, slash costs, and reduce risk. Reduced Risk. ForgeRock also reduces risk with Zero Trust security.

Passwords 97

Passwords Retail Digital transformation Risk 97

Duo's Security Blog

FEBRUARY 6, 2024

Addressing identity-based attacks Duo has made a number of significant investments in identity security over the last several years with the release of Duo’s Trust Monitor, Duo’s Risk-Based Authentication, and moving Duo’s Trusted Endpoints feature into Duo’s Essentials edition. Stay tuned!

Accountability 70

Accountability Authentication Risk Marketing 70

NopSec

FEBRUARY 28, 2024

It turns out Ivanti is having a difficult time addressing a recent spate of critical vulnerabilities as last month’s patch resulted in the discovery of additional risk vectors. The attack chain is pretty interesting, but does require authenticated access. Ghost CMS is an open-source content management platform. include=roles” endpoint.

Authentication 59

Authentication Accountability Passwords Risk 59

Duo's Security Blog

JULY 15, 2021

Yes, it’s a password-less authentication method, greatly streamlining the login experience, and while that’s a great incentive to use passwordless for logging in, it’s not an improvement in authentication security in and of itself. Unlocking authenticator devices locally removes the threats of credential reuse and shared secrets.

Phishing 95

Phishing Authentication Passwords Risk 95

CyberSecurity Insiders

FEBRUARY 28, 2023

This is why governments and organizations around the world are implementing a zero trust security framework to reduce the risk of attacks while protecting resources and data. Zero Trust , will join us and discuss the current state of zero trust.

Architecture 132

Architecture Authentication Technology CISO 132

Thales Cloud Protection & Licensing

FEBRUARY 11, 2020

Knowing who and what can be trusted is a constant struggle, as malicious code, untrusted connections, and misconfiguration all lead to one thing – more risk. Several mechanisms help application and security teams to mitigate these risks, but identity is at the core. Identifying all of the “things” (e.g. 509 certificates.

Authentication 101

Authentication Encryption Risk Software 101

Duo's Security Blog

DECEMBER 7, 2022

But what are the risks with this approach? By verifying your users’ identities before they access your network, two-factor authentication protects your applications and data against unauthorized access — something that makes sense whether you take or leave cyber liability insurance cover. What are you doing about backups?

Insurance 75

Insurance Cyber Insurance Ransomware Risk 75

Duo's Security Blog

APRIL 20, 2023

Totaling up to billions of Australian Dollars at risk each year from hackers and various online scams, it's crucial that organisations (and individuals!) For one, solutions like Google Authenticator or Authy were far more confusing for the user during the enrollment process,” Stockdale said.

Phishing 62

Phishing Social Engineering Authentication Engineering 62

Thales Cloud Protection & Licensing

FEBRUARY 12, 2020

Knowing who and what can be trusted is a constant struggle, as malicious code, untrusted connections, and misconfiguration all lead to one thing – more risk. Several mechanisms help application and security teams to mitigate these risks, but identity is at the core. Identifying all of the “things” (e.g. 509 certificates.

Authentication 91

Authentication Encryption Risk Software 91

Security Boulevard

MARCH 19, 2021

Yet they are not without risk in terms of cybersecurity. With employees spread out in disparate locations during the pandemic, the increased need to share files upped the cybersecurity risk even more. Blog: 2020 – A Transformation Year in Cybersecurity On-Demand Webinar: Is Your Remote Workforce a Top Security Risk? .

Cybersecurity 117

Cybersecurity CISO Social Engineering Technology 117

Thales Cloud Protection & Licensing

JULY 31, 2019

It: Provides a consistent, simpler approach to digital commerce; Reduces risk of PAN compromise; Supports dynamic data for higher security; Leverages other technologies such as 3DS and payment tokenization; and, Provides consumer confidence via SRC Mark. X provides a better form of user authentication for online transactions.

Mobile 102

Mobile Authentication Technology Marketing 102

Thales Cloud Protection & Licensing

MAY 14, 2019

The good news is that security vendors (such as ourselves here at Thales) can be relied upon to provide state-of-the-art data centric security methods that ensure you can expand your data landscape without taking on more risk. Digital transformation is accelerating the pace at which new technologies are being adopted. Federal Agencies.”

Digital transformation 97

Digital transformation Cloud Migration IoT Threat Reports 97

Thales Cloud Protection & Licensing

JULY 20, 2023

Instead, in today’s IoT landscape, we need additional authentication layers at the gadget level to ensure any connecting Smart Devices are trusted using certificates and keys – which are infinitely more difficult for a hacker to bypass or imitate – when attempting a break-in.

Manufacturing 48

Manufacturing Computers and Electronics IoT Authentication 48

Security Boulevard

JUNE 15, 2022

It is the de-facto standard for remote administration of servers, with SSH keys acting as identities to enable automated authentication, encryption, and authorization. Risks associated with SSH keys (orphaned keys, duplicate keys, etc.). Venafi Confidential SSH Risk Assessment. Key sprawl. Policy violation. Compromised SSH keys.

Risk 52

Risk Architecture Digital transformation InfoSec 52

SecureWorld News

OCTOBER 19, 2021

APT35 thrives by going after high-risk and high-profile users simultaneously, mostly through creating realistic documents for phishing attacks. The group used ahead-of-the-curb methods by mixing in multi-factor authentication instructions to build in trust for more skeptical users. How can users stay safe from APT35's advanced threats?

Phishing 73

Phishing Social Engineering Authentication Government 73

Security Boulevard

JUNE 8, 2021

In the third installment of our series, Protecting Industrial Control Systems Against Cyberattacks , we explore additional risk factors and vulnerabilities facing ICS SCADA systems. The most common vulnerabilities include: Lack of authentication/authorization and insecure defaults. IT/OT Convergence a Key Risk Factor. .

Ransomware 101

Ransomware Software Healthcare Risk 101

LRQA Nettitude Labs

JULY 5, 2023

In addition to the topics below that you can expect to see reviewed and discussed in the forms of blog posts or webinars, LRQA Nettitude would also like to extend an open invitation for feedback and collaboration. Current Regulations Initial investigation shows the challenges that organisations will face in regulating the use of AI.

Artificial Intelligence 52

Artificial Intelligence Data privacy Social Engineering Risk 52

Thales Cloud Protection & Licensing

MARCH 3, 2020

This starts from the build process and goes all the way through to the release in order to develop code that maintains a strong root of trust, and with a high degree of authenticity and integrity. Geographically dispersed development teams add another level of difficulty for securely accessing code signing certificates.

InfoSec 93

InfoSec Software Risk Authentication 93

NopSec

APRIL 3, 2024

The application behavior varies depending on the authentication status of the attacker. An unauthenticated user can only read the first three (3) lines of a file, however authenticated users can read the entire file system. Bring any questions you have and we’ll be happy to answer them!

VPN 45

VPN Authentication Architecture Software 45

Thales Cloud Protection & Licensing

FEBRUARY 24, 2020

As more sensitive data is stored in cloud environments, data security and privacy risks increase. Regulations such as GDPR or the California Consumer Privacy Act (CCPA) mandate the use of appropriate protection technologies, such as encryption, and policies to minimize the risk of exposing this sensitive data to threats.

Digital transformation 79

Digital transformation Threat Reports Encryption Technology 79

Thales Cloud Protection & Licensing

JANUARY 24, 2024

Protecting Against the Risks and Managing the Complexities of a Quantum World with Thales and IBM Consulting madhav Thu, 01/25/2024 - 11:03 Contributors: Ollie Omotosho - Director, Strategir Partnerships, Thales Antti Ropponen, Head of Data & Application Security Services, IBM Consulting In the world of business, data security is paramount.

Risk 87

Risk Encryption Technology Architecture 87

Thales Cloud Protection & Licensing

FEBRUARY 24, 2021

Overview of Authentication Mechanisms. In this regard, continuously authenticating users who are accessing corporate resources helps maintain trust in distributed IT environments. Let us examine some of the most prominent authentication mechanisms before we move on to the emerging continuous access evaluation protocol (CAEP) standard.

Authentication 87

Authentication Mobile Passwords Software 87

SC Magazine

APRIL 26, 2021

From an economics point of view, solutions that can be simultaneously implemented across both IT and OT environments – such as secure-access platforms with two-factor or multi-factor authentication – is a good place for a utility to start, she added, speaking in an online webinar organized by Cisco Systems.

CISO 82

CISO IoT VPN InfoSec 82

Thales Cloud Protection & Licensing

SEPTEMBER 9, 2021

PrimeKey’s EJBCA Cloud acts as the in-house certificate authority (CA) for provisioning of all certificates required for ensuring the integrity and authenticity of OTA updates. This fragmented infrastructure results in a lack of centralized control and increases governance risks. Tomas Gustavsson | CTO, PrimeKey.

Manufacturing 71

Manufacturing Technology IoT Government 71

Duo's Security Blog

OCTOBER 6, 2023

Threat actors have dramatically escalated their attacks – targeting security controls like multi-factor authentication (MFA), conducting wily social engineering attacks and extorting businesses large and small with ransomware. To achieve more resilience in this heightened risk environment, stepping up zero trust maturity is essential.

Authentication 113

Authentication Risk Social Engineering InfoSec 113

Thales Cloud Protection & Licensing

DECEMBER 2, 2021

What is Modern Authentication and Its Role in Achieving Zero Trust Security? The evolving business and technology landscape and the need for secure, yet convenient, ways of logging into applications are driving the quest for more effective authentication. To reduce the overall risk, organizations are investing in access security.

Authentication 125

Authentication Passwords Risk Mobile 125

Security Boulevard

FEBRUARY 3, 2021

Remote collaboration increases the risk that an organizations’ data is not always shared securely 100 percent of the time. HelpSystems’ award-winning MFT solution uses encryption and authentication to keep sensitive data secure when sharing files. Webinar: How to Enhance Data Loss Prevention in Office 365. Additional Resources.

Cybersecurity 76

Cybersecurity Digital transformation Cyber threats Ransomware 76