Duo's Security Blog

SEPTEMBER 19, 2024

In this blog, we will explore the importance of securing identity admins, highlight the risks of poorly managed admin accounts and provide best practices to mitigate these risks. The risks of poorly managed administrator accounts Poorly managed identity administrator accounts can lead to significant security risks.

Accountability 119

Accountability Risk Authentication Social Engineering 119

Duo's Security Blog

NOVEMBER 15, 2024

Traditionally, organizations have relied on strong authentication requirements, such as multi-factor authentication (MFA), to address compromised access. Addressing these posture gaps is crucial for strengthening defenses and reducing the risk of breaches.

Threat Detection 111

Threat Detection Cybersecurity Digital transformation Authentication 111

Duo's Security Blog

FEBRUARY 13, 2023

And for more information on protecting against ransomware, be sure to check out our ebook: Protecting Against Ransomware: Zero Trust Security for a Modern Workforce. Mitigating ransomware attacks using MFA Multi-factor authentication (MFA) is very effective at protecting credentials and limiting attackers’ access to company resources.

Ransomware 116

Ransomware Insurance Passwords Authentication 116

Duo's Security Blog

OCTOBER 8, 2024

As organizations continue to rely on digital identities for access control and authentication, the risk of identity compromise grows. They can pose significant risks to its operations, reputation, and stakeholders. This precaution helps mitigate the risk of undetected compromised accounts and enhances overall security.

Passwords 111

Passwords Accountability Education Social Engineering 111

Security Boulevard

FEBRUARY 1, 2024

Passkeys and The Beginning of Stronger Authentication madhav Fri, 02/02/2024 - 05:23 How passkeys are rewriting the current threat landscape Lillian, an experienced CISO, surveyed the threat landscape. Lillian knew that a shift in authentication couldn't wait. FIDO is an overarching framework for secure and passwordless authentication.

Authentication 64

Authentication Passwords CISO Password Management 64

Duo's Security Blog

MARCH 4, 2024

Recently, attackers have targeted multi-factor authentication (MFA). Even if an attacker has access to a username and password, they still need access to the second authentication factor to break into the organization. This becomes a constant cycle of organizations introducing new protections and attackers finding ways to exploit them.

Authentication 86

Authentication Social Engineering Passwords Risk 86

Duo's Security Blog

APRIL 20, 2023

Totaling up to billions of Australian Dollars at risk each year from hackers and various online scams, it's crucial that organisations (and individuals!) For one, solutions like Google Authenticator or Authy were far more confusing for the user during the enrollment process,” Stockdale said.

Phishing 106

Phishing Social Engineering Authentication Engineering 106

Thales Cloud Protection & Licensing

SEPTEMBER 10, 2019

Additionally, 58% of the data security leaders surveyed indicated that multi-factor authentication was the most likely technology to protect cloud and web-based apps. IT and business decision makers must be vigilant in understanding the risks to their cloud solutions in order to implement the ones that are most relevant and effective.

Consumer Services 115

Consumer Services Passwords Authentication Technology 115

Duo's Security Blog

JUNE 27, 2023

Implementing a model of secure access with solutions like Duo can help mitigate the risk of cyberattacks today and the Ransomware 4.0s Multi-factor authentication (MFA) is a critical component of their security program, but the solution that was packaged with the existing enterprise suite did not meet the requirements of the IT security team.

Ransomware 111

Ransomware Healthcare Phishing Authentication 111

Duo's Security Blog

AUGUST 16, 2021

“There are primarily three ways you can authenticate someone: with their username and password, with two-factor authentication, and with a company-supplied device that you can trace. For most stuff, you should have two of those things. For critical things, you should have all three.”.

Authentication 98

Authentication Data breaches Encryption Phishing 98

Cisco Security

JANUARY 10, 2023

As the majority of the global Covid fog finally started lifting in 2022, other events – and their associated risks – started to fill the headspace of C-level execs the world over. So, security will need to focus on supporting the introduction of flexibility and the ease of user experience, such as passwordless or risk-based authentication.

CISO 142

CISO Insurance Cyber Insurance Phishing 142

Duo's Security Blog

DECEMBER 7, 2022

But what are the risks with this approach? By verifying your users’ identities before they access your network, two-factor authentication protects your applications and data against unauthorized access — something that makes sense whether you take or leave cyber liability insurance cover. What are you doing about backups?

Insurance 98

Insurance Cyber Insurance Ransomware Risk 98

Duo's Security Blog

FEBRUARY 4, 2025

CyberCube, a company specializing in quantifying cyber risk, estimates that the U.S. Its also important to support two-factor authentication for Remote Desktop Protocol (RDP), which allows users to remotely access and control a computer. Reduce RDP risk by adding two-factor authentication to Windows and Windows Server logon scenarios.

Cyber Insurance 64

Cyber Insurance Insurance Authentication Risk 64

Security Boulevard

MARCH 15, 2022

A few days later, Lapsus$ announced on its Telegram channel that it had breached Samsung and offered evidence including biometric authentication information and source code from both Samsung and one of its suppliers, Qualcomm. The Top Software Supply Chain Attacks: Code Signing at Risk. Read our free eBook! "> Off.

Ransomware 128

Ransomware Telecommunications Firmware Media 128

Duo's Security Blog

APRIL 29, 2021

Compliance with corporate device health policy can be enforced each time the user attempts to authenticate. When deployed in this mode, the Device Health app will simply collect health data and report it back at each authentication when the application is installed on the access device.

Authentication 85

Authentication Encryption Firewall Risk 85

Thales Cloud Protection & Licensing

MARCH 5, 2025

Thales solutions identify, evaluate, and prioritize potential risks for accurate risk assessment. They also identify anomalous behavior and monitor activity to identify potential threats and verify compliance, allowing organizations to prioritize where to allocate their efforts.

Firewall 62

Firewall Digital transformation Encryption Risk 62

Thales Cloud Protection & Licensing

MAY 6, 2021

With more employees working remotely than ever before due to COVID-19, businesses are at greater risk from a cyber-attack with workers accessing systems outside of the usual company network. Businesses should be looking to adopt a Zero Trust model in their approach to authenticating users and certifying their authorisation to access data.

Social Engineering 96

Social Engineering Authentication Passwords Technology 96

Thales Cloud Protection & Licensing

FEBRUARY 1, 2023

Data can be vulnerable to risks while in transit or at rest and requires protection to cover both states. This is required to reduce potential risks of incidents migrating from one system to the other and to limit the impact of human error.

Encryption 71

Encryption Data breaches Authentication Risk 71

Thales Cloud Protection & Licensing

APRIL 29, 2024

Entities designated as "essential" or "important" by member states in all sectors of the economy and public services must implement robust security measures, including proactive risk management, incident reporting, and supply chain security. The DSA introduces tiered obligations based on platform size and reach. PCI DSS 4.0

Risk 71

Risk Manufacturing Digital transformation Cyber threats 71

Duo's Security Blog

MAY 10, 2023

Effectively protecting complex networks against sophisticated phishing attacks involves a comprehensive security stack including multi-factor authentication (MFA) , single sign-on (SSO) , and domain name system (DNS) security. Why is layered security essential against phishing? PCI DSS, HIPAA, etc.)

Phishing 59

Phishing DNS Authentication Risk 59

Security Boulevard

APRIL 29, 2024

Entities designated as "essential" or "important" by member states in all sectors of the economy and public services must implement robust security measures, including proactive risk management, incident reporting, and supply chain security. The DSA introduces tiered obligations based on platform size and reach. PCI DSS 4.0

Risk 72

Risk Manufacturing Digital transformation Cybersecurity 72

Malwarebytes

AUGUST 31, 2022

After creating your child’s Apple ID, enable two-factor authentication (2FA) for that added layer of security, ensuring that your child’s account won’t get popped easily even if someone got hold of their password. Set up your child’s own Apple ID. Disable or hide features you deem off-limits or unnecessary.

Accountability 98

Accountability Scams Risk Passwords 98

Security Boulevard

JULY 19, 2022

With increased adoption, heightened risks. The main risks facing Kubernetes production environments can be summarized in the bullets below: Compromised images. Authenticate your K8s clusters with machine identities. API authentication. API authentication covers both humans and clients accessing the API.

Authentication 52

Authentication Digital transformation Risk Engineering 52

Cisco Security

FEBRUARY 14, 2022

That brings up an even higher level of risk. Firms need to ensure seamless remote collaboration, mitigate risk to the network, employees and data, and protect themselves from COVID exposed weaknesses to operations that may have been overlooked previously. Fourth, they should ensure access is authorized, authenticated, and encrypted.

Passwords 123

Passwords Technology Government CISO 123

Security Boulevard

DECEMBER 6, 2021

Here’s how unwrapping digital identity can help you grow your omnichannel revenue: Turn unknown visitors into known customers: Leverage rich information on your customers’ interaction with your brand to personalize and target messaging at the right stage of their shopping journey in order to minimize risk of shopping cart abandonment.

Retail 52

Retail Mobile Authentication Risk 52

Thales Cloud Protection & Licensing

APRIL 21, 2021

I've always flagged surrounding context as the essential ingredient when assessing risk, but I've also had the luxury of working in bigger firms with budget to look up from firefighting to do that. The lion’s share of risk is inside your perimeter, and out in the unguarded wild. It's all dramatically opening up the risk landscape.

Risk 77

Risk Technology Mobile Digital transformation 77

Thales Cloud Protection & Licensing

MARCH 31, 2021

Trust is now a risk. There are two major considerations for us: enhanced authentication security, and user workflow efficiency. “In In the case of user efficiency, now with a full remote workflow for user authentication, all devices are authenticating over an enterprise VPN client. More About This Author >.

Digital transformation 77

Digital transformation VPN Technology Architecture 77

Security Boulevard

OCTOBER 7, 2022

With top PKI security , your business will be able to stand out to customers as a brand that provides unparalleled protection for their safety and identity through reliable encryption and authentication technologies. Reduce risk and achieve compliance. Ensure clean, low-risk audit results. Read the FREE eBook. "> Off.

CISO 52

CISO Risk Cyber Attacks Technology 52

Security Boulevard

JUNE 21, 2021

Other attack tactics include exploiting overprovisioned workforce, supplier, and partner credentials to gain access to ecosystem applications; weak authentication policies; and gaining access through unsecured non-human identities, such as Internet of Things (IoT)-connected devices. This will reduce risks, costs, and time to value. .

Manufacturing 45

Manufacturing IoT CISO Authentication 45

Security Boulevard

JANUARY 16, 2025

It includes expectations for implementing comprehensive security programs, including risk assessments, incident response plans, periodic reporting, and controls like governance frameworks and application security protocols. Multi-Factor Authentication: Asserting the identity of people or systems.

Financial Services 52

Financial Services Encryption Insurance Government 52

CyberSecurity Insiders

APRIL 4, 2023

They change their IP addresses while maintaining a clean state and use multiple domain names to spread their risk, ensuring that they can continue phishing even if one domain is blocked. Additionally, NFTs and eBooks are also suitable for money laundering. It is critical to prevent misuse at the monetization process.

Phishing 67

Phishing Social Engineering Authentication eCommerce 67

Thales Cloud Protection & Licensing

JULY 19, 2018

Advice on how to comply with PCI DSS can be found in our recent eBook, “ PCI Compliance and Data Protection for Dummies ”. The PCI Council worked very closely with banks, merchants, security assessors and the payment vendor community in developing the document with the ultimate goal of reducing risk and ensuring better data protection.

Architecture 54

Architecture Software Authentication Risk 54

Security Boulevard

JUNE 2, 2022

A modification to an IT script such as one responsible for backups could put all this sensitive data at risk. When properly protected, code signing is an effective tool to stop the spread of malware, and nearly every organization relies on code signing to confirm their code is authentic and hasn’t been corrupted with malware.

Software 52

Software Malware Backups Marketing 52

eSecurity Planet

MAY 20, 2024

Without DRM, copyright owners risk widespread distribution of intellectual property without compensation. Additionally, risk of misuse will be decreased which saves further time and legal costs from mistakes. but significantly increases server disruption risks.

Encryption 64

Encryption Architecture Software Technology 64

Thales Cloud Protection & Licensing

JUNE 27, 2022

How to Accelerate Government Transformation by Reducing Risk, Complexity, and Cost. The escalating risk of cyber threat. How to Accelerate Government Transformation by Reducing Risk, Complexity, and Cost. Tue, 06/28/2022 - 05:19. White the White House order may be the most famous, it is not alone.

Government 71

Government Risk Artificial Intelligence Big data 71

Duo's Security Blog

DECEMBER 16, 2024

The dissolution of the traditional security perimeter and the increase in identity-based attacks has come with its fair share of new risks for security practitioners to consider. Reducing help desk tickets Lets begin with the first component: reducing the number of help desk tickets associated with authentication.

Authentication 52

Authentication Accountability Passwords Technology 52