Duo's Security Blog

MAY 23, 2023

What to do when your credentials are compromised How are credentials compromised in the first place? In our previous two features, we covered the dangers of phishing (one method of credential compromise) and how to mitigate its impact on users. Today, we cover best practices for an environment that has been compromised.

Authentication 131

Authentication Passwords Data breaches Phishing 131

CyberSecurity Insiders

FEBRUARY 1, 2022

This blog was written by an independent guest blogger. There has been a significant increase in the number of connected devices used to access business email and intranet since more organizations have transitioned to remote and hybrid work models. What is quantum computing? What are the security risks?

Risk 134

Risk Social Engineering Threat Detection Encryption 134

Errata Security

JANUARY 28, 2020

In this blog post, I show how to decrypt it. It sounds like a term we use in malware/viruses, where a first stage downloads later stages using encryption. But that's not what happened here. But those on the ends can -- and that's what we have here, one of the ends. Now let's talk about "end-to-end encryption".

Media 67

Media Backups Encryption Authentication 67

Security Boulevard

MAY 24, 2023

To achieve this, organizations must critically ensure their protection addresses the constantly changing and evolving techniques from nefarious actors by addressing their attacks at the source – the infrastructure behind them. What Is Cyber Adversary Infrastructure? Phishing attacks have been a threat for over two decades.

Cyber Attacks 59

Cyber Attacks Phishing Cyber threats Malware 59

Malwarebytes

SEPTEMBER 20, 2023

If you've received a message from a company saying your data has been caught up in a breach, you might be unsure what to do next. We've put together some tips which should help you when the (more or less) inevitable happens. Organizations often put out a rolling statement on their website, blog, or X (Twitter).

Data breaches 127

Data breaches Passwords Authentication Phishing 127

Troy Hunt

NOVEMBER 14, 2018

Let's start with defining some terms because they tend to be used a little interchangeably. Before I do that, a caveat: every single time I see discussion on what these terms mean, it descends into arguments about the true meaning and mechanics of each. This week, I wanted to focus on going beyond passwords and talk about 2FA.

Passwords 261

Passwords Authentication Accountability Mobile 261

Security Boulevard

APRIL 13, 2022

This can be done using a low-privileged account on any Windows SCCM client. To prevent the attack techniques noted in this blog post, disable the “Allow connection fallback to NTLM” client push installation setting, which is enabled by default in SCCM. Background.

Authentication 52

Authentication Accountability Penetration Testing Software 52

Duo's Security Blog

JANUARY 27, 2022

How can you be sure you’re getting the best security return on your investment? Upfront Costs See if your vendor’s purchasing model requires that you pay per device, user or integration – this is important if your company plans to scale and add new applications or services in the future.

Authentication 87

Authentication Software Mobile Passwords 87

Security Boulevard

JULY 21, 2021

The US government and the White House like to talk tough on Ransomware. If you listen to Joe Biden, fighting Ransomware is a top priority of the US Government. We regularly blogged about his spam campaigns. 16JAN2008 - " Storm Loves You! ". 01JUL2008 - " July Storm Worm gives us some Love " .

Banking 111

Banking Ransomware Government Malware 111