Duo's Security Blog

APRIL 20, 2023

Through the first two months of 2023 alone, the Australian Competition and Consumer Commission’s Scamwatch reported more than 19,000 phishing reports with estimated financial losses of more than $5.2 What is phishing? This is part of what makes phishing attacks so dangerous.

Phishing 77

Phishing Social Engineering Authentication Engineering 77

Krebs on Security

AUGUST 21, 2020

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued a joint alert to warn about the growing threat from voice phishing or “ vishing ” attacks targeting companies. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times.

VPN 359

VPN Social Engineering Authentication Engineering 359

CyberSecurity Insiders

JUNE 5, 2023

Use Strong and Unique Passwords : One of the most basic yet critical steps is to create strong, unique passwords for your online accounts. Additionally, employ a password manager to securely store and generate unique passwords for each account. This helps prevent unauthorized access even if your password is compromised.

Passwords 126

Passwords Encryption Media Banking 126

Webroot

APRIL 3, 2024

This encompasses everything from protecting your passwords to being vigilant against phishing scams and online fraud. Create strong passwords and use different ones for each account This may seem like a hassle, but it’s one of the most effective ways to thwart cyberattacks. But why dedicate an entire day to this?

VPN 83

VPN Passwords Scams Accountability 83

Malwarebytes

NOVEMBER 25, 2021

The Cybersecurity and Infrastructure Security Agency (CISA) has released two actionable Capacity Enhancement Guides (CEGs) to help users and organizations improve mobile device cybersecurity. Make sure to use strong passwords or pins to access your devices, and biometrics if possible and when needed. Phishing protection.

Mobile 89

Mobile Wireless Malware Authentication 89

Malwarebytes

AUGUST 16, 2021

Last week on Malwarebytes Labs: Home routers are being hijacked using a vulnerability disclosed just 2 before Ransomware turncoat leaks Conti data, lifts the lid on the ransomware business Check your passwords!

Social Engineering 91

Social Engineering Scams VPN Phishing 91

Security Affairs

AUGUST 10, 2022

Once obtained the credentials, the attackers launched voice phishing attacks in an attempt to trick the victim into accepting the MFA push notification started by the attacker. Upon achieving an MFA push acceptance, the attacker had access to the VPN in the context of the targeted user.

Ransomware 125

Ransomware Hacking VPN Phishing 125

IT Security Guru

MARCH 28, 2023

Having a cybersecurity plan ensures that you remain protected against data breaches, phishing scams , and other cybercrimes. One thing you should know here is that simple passwords are easier to crack; therefore, setting up a complex password is necessary. A VPN removes your IP address and switches your location.

VPN 87

VPN Passwords Internet Internet 87

CyberSecurity Insiders

APRIL 16, 2021

Security through a VPN. Among many other benefits, a VPN encrypts these files and keeps the online activity private by masking a user’s real IP address. Here are the different ways in which a VPN elevates cybersecurity: Encryption. Encryption technology in VPNs helps conceal the user’s data.

Cybersecurity 106

Cybersecurity Password Management Passwords VPN 106

Troy Hunt

SEPTEMBER 17, 2020

As I started delving back through my own writing over the years, the picture became much clearer and it really crystallised just this week after I inadvertently landed on a nasty phishing site. In the end I broke it down into 3 Ps: padlocks, phishing and privacy. Here's the value proposition of a VPN in the modern era: 1.

VPN 359

VPN Phishing DNS Encryption 359

The Last Watchdog

SEPTEMBER 6, 2023

These wallets are available in a variety of formats, including hardware wallets, online wallets, mobile wallets, and desktop wallets. Use strong passwords, 2FA. The security of your Bitcoin wallet is mostly dependent on the strength of your passwords. Select a reliable wallet. Update frequently. Use multisignature wallets.

Cryptocurrency 100

Cryptocurrency Backups Passwords Software 100

SiteLock

AUGUST 27, 2021

Use a VPN to Protect Online Communications. Instant messages, emails, and video meetings through company-issued laptops and mobile phones will be the beacons of communication during this time. Top 3 online security tips for remote workers. Communicate Security Best Practices.

VPN 98

VPN Scams Mobile Education 98

IT Security Guru

APRIL 26, 2021

Phishing and stolen identities – Phishing, the go-to method of attack for cybercriminals, is also a frequent tactic within the gaming community. Virtual Private Networks (VPN) are an ideal tool to mask sensitive information. Additionally, following basic password security hygiene is beneficial.

Cybersecurity 113

Cybersecurity Spyware VPN Antivirus 113

CyberSecurity Insiders

SEPTEMBER 14, 2021

Endpoint security – mobile device management (MDM) policies, antivirus (AV) solutions, URL filtering and blocking are all considered good cyber hygiene to block the most basic cyber threats. Use of a VPN – virtual private networks (VPN) create a secure connection to other networks over the internet.

Small Business 98

Small Business Cybersecurity Passwords Education 98

CyberSecurity Insiders

AUGUST 26, 2021

Creating a strong password – School and college system admins should make sure that they are giving safe login credentials to kids, as hackers are always on a prowl of weak passwords and sensitive data. Shut down- Whenever students are not using a mobile, tablet or PC, it is always safe to shut it or lock it down.

Cybersecurity 92

Cybersecurity Education Identity Theft VPN 92

SecureList

SEPTEMBER 6, 2022

To make the overview more in-depth, we included both mobile and PC games. Additionally, we looked at the phishing activity around gaming, specifically that related to cybersports tournaments, bookmakers, gaming marketplaces, and gaming platforms, and found numerous examples of scams that target gamers and esports fans. Need for Speed.

Mobile 96

Mobile Passwords Software Accountability 96

SecureWorld News

NOVEMBER 22, 2023

Making a cybersecurity list, checking it twice This year, give yourself the gift of peace of mind by following our Core 4 behaviors: Protect each account with a unique, complex password that is at least 12 characters long—and use a password manager! Use multi-factor authentication ( MFA ) for any account that allows it.

Retail 78

Retail Identity Theft Banking Password Management 78

Adam Levin

FEBRUARY 10, 2020

More Phishing Attacks. Phishing may seem like an ordinary part of online life, but it could also be the initial volley in a major cyberattack. Phishing here is shorthand for the Pantheon of Ishings: generic, spearphishing (personalized), vishing (phone based), and SMishing (text based). password, 123456, qwerty, etc.

Passwords 245

Passwords Phishing Password Management Accountability 245

Malwarebytes

JULY 1, 2021

If you were phished, that was it. If you’re phished now, it (probably) won’t hurt you because the attacker also needs your authentication code. If you’re phished now, it (probably) won’t hurt you because the attacker also needs your authentication code. These are sent to your mobile, via your carrier.

Authentication 97

Authentication Phishing Passwords Mobile 97

Adam Levin

NOVEMBER 17, 2020

Mobile payment platforms, like Apple Pay and Google Pay, use advanced technology, like fingerprint authentication and tokenization (in which credit card account numbers are replaced by randomly generated numbers) to provide brick-and-mortar shoppers with an added layer of security. Create long and strong passwords. Lock your devices.

Scams 243

Scams Retail Banking Passwords 243

Security Affairs

AUGUST 6, 2020

A new company has been added to the list of the victims of the Netwalker ransomware operators, it is Forsee Power , which provides advanced lithium-ion battery systems for any mobility application. Consider installing and using a VPN. Use two-factor authentication with strong passwords.

Ransomware 106

Ransomware VPN Advertising Marketing 106

SecureWorld News

JUNE 28, 2020

These are off limits regardless of where the BYOD is located, and organizations should use a Mobile Device Management (MDM) solution to provide email segmentation and data management. This includes specialized email phishing attacks like spear phishing and whaling that might be more appealing targets to remote workers.

Penetration Testing 96

Penetration Testing Social Engineering VPN Phishing 96

SecureWorld News

OCTOBER 8, 2023

Avoid charging mobile devices through a computer; instead, use separate adapters. Even harmless details, such as pet names or birthplaces, can be used by hackers to reset passwords. Opt for strong, hard-to-crack passwords. Consider using dedicated password manager apps. Use the 3-2-1 backup rule.

Firmware 86

Firmware IoT Accountability Passwords 86

CyberSecurity Insiders

APRIL 4, 2023

Chinese fraudsters primarily target the United States for two reasons: the large population makes phishing attacks more effective, and credit card limits in the country are higher compared to other nations. These factors make the US an attractive market for card fraudsters. These elements can be acquired online through various channels.

Phishing 67

Phishing Social Engineering Authentication eCommerce 67

Malwarebytes

SEPTEMBER 21, 2021

Show them these tips: Never use the same password twice. And if your child uses the same password across multiple accounts, when one gets breached they are all vulnerable. And if your child uses the same password across multiple accounts, when one gets breached they are all vulnerable. This is where a password manager comes in.

Internet 103

Internet Internet Passwords Password Management 103

CyberSecurity Insiders

JUNE 7, 2023

A report reveals various cyber-attacks that often target small businesses, such as malware, phishing, data breaches, and ransomware attacks. This culture has given rise to a large number of personal devices like mobile phones, laptops, and tablets that can easily access sensitive information.

Small Business 93

Small Business Cybersecurity Cyber Attacks Data breaches 93

Duo's Security Blog

NOVEMBER 17, 2021

According to ZDNet , Remote Desktop Protocol (RDP) is the number one exploit that threat actors leverage to gain access to Windows computers and install ransomware and other malware, followed by email phishing and VPN bug exploits. The modern workforce is more mobile than ever before.

Ransomware 52

Ransomware Education VPN Authentication 52

Centraleyes

FEBRUARY 25, 2024

Employee education programs should include guidelines on securing home networks, updating router passwords, and ensuring the security of connected devices. This includes regularly updating security software on employee devices, conducting periodic security training, and implementing mobile device management (MDM) solutions.

Risk 52

Risk Encryption Social Engineering Authentication 52

Thales Cloud Protection & Licensing

OCTOBER 24, 2019

Help telecommuting employees : Given the rise of mobile and the cloud, organizations would do themselves a great disservice if they exclude telecommuting employees from their security training programs. That includes setting up a VPN through which remote employees can access work assets. Implement Multi-Factor Authentication.

Security Awareness 83

Security Awareness InfoSec Passwords Accountability 83

eSecurity Planet

OCTOBER 20, 2021

Generally, ransomware gets into a network courtesy of phishing emails. AppSec teams work with cloud, desktop, mobile, and web applications. By adding layers to app logins, attackers can’t steal or hack passwords to gain the access they need. Also read: Hackers Leak 87,000 Fortinet VPN Passwords.

Ransomware 94

Ransomware Software Network Security Authentication 94

SiteLock

NOVEMBER 23, 2021

Fifty-three percent of mobile site visitors will leave a page if it takes longer than three seconds to load. The first thing you should do when shopping online in public places like airports or cafes is connect to a Virtual Private Network (VPN). Be suspicious of holiday deals and phishing emails. Update your passwords.

Retail 52

Retail Encryption Passwords Banking 52

Troy Hunt

NOVEMBER 14, 2018

Last week I wrote a couple of different pieces on passwords, firstly about why we're going to be stuck with them for a long time yet and then secondly, about how we all bear some responsibility for making good password choices. This week, I wanted to focus on going beyond passwords and talk about 2FA.

Passwords 261

Passwords Authentication Accountability Mobile 261

SecureWorld News

AUGUST 11, 2022

Cisco explains: "Initial access to the Cisco VPN was achieved via the successful compromise of a Cisco employee's personal Google account. The user had enabled password syncing via Google Chrome and had stored their Cisco credentials in their browser, enabling that information to synchronize to their Google account.

Ransomware 72

Ransomware Accountability Cybercrime Encryption 72

Krebs on Security

FEBRUARY 18, 2019

government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies.

DNS 267

DNS Internet Internet Government 267

Security Affairs

SEPTEMBER 1, 2019

Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510. Experts uncovered an advanced phishing campaign delivering the Quasar RAT. A new variant of Trickbot banking Trojan targets Verizon, T-Mobile, and Sprint users. Foxit Software discloses a data breach that exposed user passwords.

eCommerce 49

eCommerce Data breaches Malware Advertising 49

SiteLock

AUGUST 27, 2021

Or, you can secure your connection with a virtual private network (VPN). That means no holiday shopping at your favorite coffeehouse unless your connection is secured with a VPN. Update your information – Changing online store passwords regularly will help protect your information from bad actors. If you are unsure, delete it!

Retail 98

Retail eCommerce Small Business Scams 98

Google Security

OCTOBER 11, 2022

Dave Kleidermacher, Jesse Seed, Brandon Barbello, Sherif Hanna, Eugene Liderman, Android, Pixel, and Silicon Security Teams Every day, billions of people around the world trust Google products to enrich their lives and provide helpful features – across mobile devices, smart home devices, health and fitness devices, and more.

Mobile 132

Mobile VPN Penetration Testing Encryption 132