Duo's Security Blog

OCTOBER 18, 2021

Recently, while co-hosting a webinar that kicked off Cybersecurity Awareness Month, a panelist commented that cybersecurity and privacy are team sports on a campus, much like our athletic teams. The use of phishing to take over user accounts as a first step to gain access to a campus for a ransomware attack has been making the headlines.

Insurance 97

Insurance Education Risk Cyber Insurance 97

Duo's Security Blog

APRIL 23, 2025

To stay protected, you need to increase the effectiveness of your MFA with powerful next-generation capabilities such as passwordless, risk-based authentication, adaptive access policies, and identity visibility tools. You can also watch our on-demand webinar, Get Defensive With Your MFA , as well. Moving to the cloud?

Authentication 59

Authentication Risk Social Engineering Accountability 59

SecureWorld News

APRIL 9, 2025

Al Lindseth , Principal, CI5O Advisory Services LLC, offered his perspective: "I speak a lot at different industry and sector conferences and gatherings and always get asked the question, 'what's our biggest risk/threat?' Mitigating these risks means we have to be able to see around the corners, be creative without paralysis by analysis."

Cybersecurity 84

Cybersecurity Education InfoSec Government 84

Duo's Security Blog

NOVEMBER 20, 2023

Security professionals agree that passwords are low hanging fruit for cybercriminals and can even be the keys to the kingdom when the compromised passwords belong to privileged accounts. Add to this, the risks of weak authentication factors such as SMS one-time passcodes and dormant or inactive accounts.

Threat Detection 138

Threat Detection Authentication Accountability Data breaches 138

Duo's Security Blog

JANUARY 14, 2025

In recent webinar Preventing Helpdesk Phishing with Duo and Traceless , Duo PMM Katherine Yang sat down with Gene Reich, Co-founder of Traceless to discuss why stronger identity verification is critical for MSPs and helpdesk teamsespecially with the increased accessibility of AI technologies driving identity fraud. How can Duo MSP help?

Phishing 111

Phishing Technology Scams Cybercrime 111

BH Consulting

MARCH 26, 2025

This rapid transformation creates a challenge for boards tasked with balancing emerging risks and strategic opportunities. Dr. Valerie Lyons, COO of BH Consulting, talked about these critical topics for the Institute of Directors Ireland in a recent webinar. How should boards approach digital risks?

Government 52

Government Artificial Intelligence Risk Digital transformation 52

Duo's Security Blog

FEBRUARY 11, 2022

To help you make the most of this new offering, Duo Product Manager Chris Demundo and Product Marketing Manager Ted Kietzman recently hosted the webinar Ask Us Anything: Passwordless Tips & Tricks , answering passwordless questions crowdsourced from our Duo Community public forum. Our long-term goal is to bring them together.

Authentication 111

Authentication Passwords Mobile Risk 111

Malwarebytes

APRIL 2, 2023

Apple fixes actively exploited vulnerability and introduces new features Steer clear of this EE phish that wants your card details 3 tips to raise your backup game 3 tips for creating backups your organization can rely on when ransomware strikes Stay safe!

Backups 89

Backups DDOS Ransomware Cyber threats 89

SecureWorld News

AUGUST 30, 2021

In the software development life cycle (SDLC), 85% of leaking secrets come from developers sharing information on public personal accounts. SecureWorld welcomed Mackenzie Jackson, a Developer Advocate for GitGuardian, to present the webinar, Is Your Software Development Life Cycle Protected Against Secret Sprawl?

Software 91

Software Accountability Risk Technology 91

BH Consulting

JANUARY 28, 2021

In our latest webinar, we looked at the EU data transfer fallout from Schrems II. Any company transferring data outside the EU needs to identify any risks arising from international transfers to ensure it can comply with EU levels for protecting personal data. Transfer Impact Assessments and their role in understanding risk.

Risk 52

Risk Encryption Government Accountability 52

Security Boulevard

FEBRUARY 14, 2025

Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) called buffer overflow vulnerabilities unforgivable defects that put national and economic security at risk. we asked attendees about their main cloud security challenges. Check out how they responded.

Banking 64

Banking Cybercrime Cybersecurity Ransomware 64

Thales Cloud Protection & Licensing

FEBRUARY 19, 2025

Security Holes Weak Initial Authentication : Relying on less secure methods such as username/password combinations or SMS one-time passwords (OTPs) for FIDO authenticator registration exposes the system to phishing attacks, account takeovers, and fraudulent activities. PIN Length : The FIDO 2.0 Go beyond FIDO 2.1 Want to know more?

Authentication 71

Authentication Passwords Marketing Risk 71

Security Boulevard

MARCH 5, 2025

As corporate systems become more distributed and complex due to cloud adoption and organizational change, Identity Risk becomes increasingly prevalent. Attack Path Management identifies the least disruptive configuration changes that will reduce the most risk. Their support will be invaluable as we continue our growth trajectory.

Penetration Testing 52

Penetration Testing Risk Marketing Engineering 52

Security Boulevard

SEPTEMBER 8, 2021

This commitment to innovation helps enterprises reduce risk and more efficiently manage workforce access. Learn more about the new ForgeRock Autonomous Identity release by joining our upcoming webinar, “A New Era: Maximizing Zero Trust with AI-Driven Role Management. . Role-based Access Control’s (RBAC) Failed Promise .

Artificial Intelligence 98

Artificial Intelligence Risk Cyber Risk Government 98

eSecurity Planet

MAY 28, 2024

Cloud security issues refer to the threats, risks, and challenges in the cloud environment. Risks include potential damage from cyber threats and vulnerabilities. 4 Top Cloud Security Risks A cloud security risk is a combination of the possibility of a threat arising and the system’s vulnerability.

Risk 70

Risk Cloud Migration DDOS Encryption 70

Duo's Security Blog

FEBRUARY 6, 2024

Addressing identity-based attacks Duo has made a number of significant investments in identity security over the last several years with the release of Duo’s Trust Monitor, Duo’s Risk-Based Authentication, and moving Duo’s Trusted Endpoints feature into Duo’s Essentials edition. Stay tuned!

Accountability 119

Accountability Authentication Risk Marketing 119

Security Boulevard

SEPTEMBER 20, 2024

That’s according to “ CISA Analysis: Fiscal Year 2023 Risk and Vulnerability Assessments, ” a report about the risk and vulnerability assessments (RVAs) conducted by the Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Dive into six things that are top of mind for the week ending September 20. Coast Guard (USCG).

Cybersecurity 97

Cybersecurity IoT Hacking Risk 97

Security Boulevard

NOVEMBER 21, 2024

shines a bright light on the risks organizations face if their identity and access management (IAM) system is targeted by cyberattackers. Point-in-time scans risk missing active threats like Kerberoasting , DCSync and password spraying — techniques that cyberattackers can execute repeatedly to evade periodic checks.

Risk 102

Risk Accountability Passwords Authentication 102

Cisco Security

JANUARY 22, 2021

MITRE is well aware of supply chain risks, and they’re not alone. The other is User Account Control (M1052) , a Windows configuration step that helps stop adversaries from gaining elevated process access. Create Account (T1136). It relies on a policy tightrope: Too loose, and your organization remains at risk.

Accountability 137

Accountability Firewall Software Risk 137

NopSec

MAY 17, 2019

NopSec’s Risk Score is more accurate at predicting malware or targeted attacks because it takes into account the probability that this vulnerability will be used in the real world and the potential impact on your specific environment. Critical NopSec risk score is 2 ⨉ better at predicting actual threats than critical CVSS score.

Risk 52

Risk Malware Accountability Firewall 52

Security Boulevard

JULY 21, 2023

By providing visibility into attack paths, it helps to mitigate these risks. It comprises technologies and best practices to protect against unauthorized access, account takeover, credential misuse, privilege escalation, and other malicious activities that target user accounts and credentials.

Threat Detection 98

Threat Detection Passwords Authentication Accountability 98

Thales Cloud Protection & Licensing

JANUARY 24, 2024

Protecting Against the Risks and Managing the Complexities of a Quantum World with Thales and IBM Consulting madhav Thu, 01/25/2024 - 11:03 Contributors: Ollie Omotosho - Director, Strategir Partnerships, Thales Antti Ropponen, Head of Data & Application Security Services, IBM Consulting In the world of business, data security is paramount.

Risk 87

Risk Encryption Technology Architecture 87

CyberSecurity Insiders

APRIL 10, 2023

“In the current digital landscape, identity security has gained paramount importance due to the growing cyber risks posed by phishing and social engineering attacks utilizing AI. These attacks have become more complex and challenging to detect, leading to increased instances of data breaches, account takeovers, and impersonation attacks.

Identity Theft 105

Identity Theft Education Authentication Data breaches 105

Duo's Security Blog

JULY 6, 2023

The study also covered multi-factor authentication, identity protections, identity risks and identity vulnerabilities experienced. The study also covered multi-factor authentication, identity protections, identity risks and identity vulnerabilities experienced. Study Findings We’ll focus on the workforce findings: 1.

Authentication 100

Authentication Passwords Risk Technology 100

SecureWorld News

SEPTEMBER 29, 2020

Unwitting employees of the agencies visited the fake web pages and provided their e-mail account usernames and passwords. Environmental Protection Agency. government agencies. What could my company have that hackers want? While hackers may not actually care about the particular data you have, they know you care about it.

Phishing 96

Phishing Government Cyber Risk Cybercrime 96

Duo's Security Blog

SEPTEMBER 6, 2023

Be sure to tune into our webinar, The State of Passkeys in the Enterprise , on September 7th at 9am PST | 12pm EST. Passkeys on Cloud Platforms Passkeys have growing support from significant vendors. Recovery Password managers often sync to the cloud, but this comes with a risk. Want to learn more about passkeys in the enterprise?

Passwords 105

Passwords Password Management Authentication Threat Detection 105

Duo's Security Blog

JULY 25, 2024

ITDR helps organizations detect and mitigate identity risk by surfacing identity posture and security threats from across your environment. The Cisco Identity Intelligence team has a list of 50+ examples of posture risks and security threats for you to review which can help disambiguate between posture and threat risk.

Threat Detection 139

Threat Detection Risk Architecture Artificial Intelligence 139

Security Boulevard

FEBRUARY 14, 2022

How Enterprise Customer Identity Helps You Make Money, Slash Costs, and Reduce Risk. Here are four reasons why investing in great customer experiences with ForgeRock's enterprise CIAM will help your organization make money, slash costs, and reduce risk. Reduced Risk. ForgeRock also reduces risk with Zero Trust security.

Passwords 97

Passwords Retail Digital transformation Risk 97

Duo's Security Blog

MAY 6, 2024

Despite their remarkable security value, our 2024 Trusted Access Report reveals that passwordless methods still account for less than 5% of authentications. Duo will continuously assess the risk throughout the user’s session — before, during, and after login. This means there are serious holes in our authentication armor today.

Authentication 95

Authentication Accountability VPN Phishing 95

Duo's Security Blog

MARCH 9, 2022

The Australian government is urging companies in the region to adopt strong cybersecurity practices due to increased global risk stemming from the conflict in Ukraine. This insight allows you to observe access patterns, review risky logins, and investigate compromised accounts.

Cybersecurity 98

Cybersecurity Passwords Authentication VPN 98

Duo's Security Blog

SEPTEMBER 4, 2023

To learn more about the difference between passkeys and passwords – and which solution offers the best value for enterprises – be sure to tune into our webinar, The State of Passkeys in the Enterprise , on September 7th at 9am PST | 12pm EST. Passkeys on User Endpoints Passkeys and passwords can both be stored on endpoints.

Passwords 81

Passwords Authentication Accountability Password Management 81

Security Boulevard

JULY 6, 2023

It's no secret that the bad guys are training their artificial intelligence (AI) engines to crack passwords, perform account takeovers (ATO), and automate their ransomware demands. Modern solutions need to take into account the new behavioral situation of the user and allow some flexibility – for a defined period of time.

Artificial Intelligence 105

Artificial Intelligence Passwords Authentication Accountability 105

Thales Cloud Protection & Licensing

JULY 17, 2019

In fact, there’s no way to opt out of the risk. A credit card or bank account can be closed. Cybercriminals know that stolen account information has a very short shelf-life and must be bought and sold quickly over a short period of time on the dark web. Thales will also host a webinar on Thursday, Sept. 12 at 2:00 p.m.

Healthcare 101

Healthcare Encryption Data breaches Authentication 101

Security Affairs

APRIL 24, 2020

The database of the credit and debit card details mainly contains Track 2 information – the data stored on the magnetic stripe of a card, which includes the bank identification number (BIN), the account number, expiration date and may also include the card verification value (CVV).

Banking 136

Banking Advertising Risk Marketing 136

Security Affairs

OCTOBER 5, 2023

With over 100,000 exposed invoices, this situation highlights the vulnerability that can allow anyone with an internet connection to see who are Really Simple System’s customers, how much they are spending, their storage plans, account numbers, and other information that was not intended to be public.

Data breaches 131

Data breaches B2B Education Risk 131

Responsible Cyber

MARCH 2, 2025

As businesses increasingly rely on cloud platforms and applications for collaboration, productivity, and operations, understanding their security features is criticalespecially when managing subscriptions to mitigate risks like Shadow IT, Shadow AI, and cybersecurity vulnerabilities. employees using free accounts for work) and Shadow AI (e.g.,

Education 40

Education Marketing Encryption Threat Detection 40

SecureWorld News

SEPTEMBER 22, 2021

Sanction risks for ransomware payments. The OFAC advisory also outlines the following recommendations for ransomware risk mitigation: 1. Implement a risk plan to mitigate possible breaches, especially for financial institutions and others privy to sensitive information. The webinars are eligible for CPE credit.].

Ransomware 86

Ransomware Cryptocurrency Cyber Attacks Government 86