Duo's Security Blog

OCTOBER 6, 2023

Threat actors have dramatically escalated their attacks – targeting security controls like multi-factor authentication (MFA), conducting wily social engineering attacks and extorting businesses large and small with ransomware. For strategic guidance and access to hands-on labs, register for one of our free Zero Trust Workshops.

Authentication 144

Authentication Risk Social Engineering InfoSec 144

Security Through Education

JANUARY 21, 2021

The conference centered around training workshops that allow attendees to learn skills from professionals of various fields. Joe Navarro, a former FBI special agent , specializ ing in behavioral assessment , hosted a Nonverbal Communications workshop. Our attendees will have access to all the workshops via an interactive livestream.

Hacking 75

Hacking Social Engineering Engineering Education 75

Troy Hunt

MARCH 1, 2018

My congressional testimony in the US was a very public example of that, less so are the dozens of conversations I've had in all sorts of settings including during conferences, workshops and over coffees and beers.

Government 218

Government Data breaches Passwords Authentication 218

Thales Cloud Protection & Licensing

OCTOBER 5, 2022

This year’s event will host more than 160 partners and 170 workshops. The workshop will focus on the challenges of the constantly evolving threat landscape and the risks that emerge for cryptography from the evolution of quantum technologies. On 26 October , we co-host a workshop on cybersecurity insurance with Infinigate.

Cybersecurity 87

Cybersecurity Digital transformation Mobile Technology 87

Cisco Security

OCTOBER 20, 2022

For example, with Cisco Secure Access by Duo, organizations can provide those connecting to their network with several quick, easy authentication options. This way, they can put in place multi-factor authentication (MFA) that frustrates attackers, not users. Enable seamless, secure access. Expand your zero trust strategy.

Authentication 144

Authentication Technology Architecture VPN 144

Security Affairs

AUGUST 8, 2020

” Experts noticed the lack of authentication between the backend servers and the “Mercedes me” mobile app, which allows users to remotely control multiple functions of the car. . “For accessing the APN networks of backend, one possibility would be using the e-sim of car-parts since the sim account wouldn’t log out automatically.

Hacking 145

Hacking Advertising Mobile Engineering 145

Google Security

MAY 15, 2023

Dongge Liu, Jonathan Metzman and Oliver Chang, Google Open Source Security Team Google’s Open Source Security Team recently sponsored a fuzzing competition as part of ISCE’s Search-Based and Fuzz Testing (SBFT) Workshop. We also want to thank each participant for their hard work.

Software 89

Software Engineering Authentication 89

Pen Test Partners

AUGUST 15, 2024

PTP Presentations : Windows Hello : Our Ceri Coburn (with Outsider Security’s Dirk-Jan Mollema) revealed vulnerabilities in biometric authentication. Workshops : Hands-on sessions learning to pilot large ships in constrained harbours, also teaching aviation security. TL; DR Event Dates : August 8-11, 2024, in Las Vegas.

Authentication 78

Authentication Cyber threats Hacking Risk 78

The Last Watchdog

NOVEMBER 28, 2023

This means ensuring assets are up to date with the latest patches, enforcing multi-factor authentication and locking down endpoint security to rapidly detect and remediate advanced attacks and ensure business continuity. Bisaillon “Cyber crime is a people problem—and better people processes and education are the solution,” said Bisaillon.

Cyber Risk 113

Cyber Risk Risk B2B Education 113

Security Affairs

MARCH 28, 2023

Disinformation: ChatGPT excels at producing authentic sounding text at speed and scale. “The identified use cases that emerged from the workshops Europol carried out with its experts are by no means exhaustive. ” states the report published by Europol.

Artificial Intelligence 98

Artificial Intelligence Social Engineering Cybercrime Engineering 98

Duo's Security Blog

DECEMBER 13, 2023

We also announced Duo’s vision for streamlining the user authentication workflow. Workshops — Customers can take advantage of hands-on instructor-led training courses on a variety of topics such as zero trust and SSO to build their skills and increase their knowledge of Duo features.

Artificial Intelligence 118

Artificial Intelligence Threat Detection Authentication Engineering 118

Thales Cloud Protection & Licensing

SEPTEMBER 27, 2023

You’ll find Thales on stand 152, level Daghilev, and don’t miss our workshop at 3pm on October 11th as Didier Espinet, Chief Information Security Officer, Thales DIS and Laini Cultier, IAM expert at Thales will present a session entitled “Trust and Security: The Keys to Success in the Public Cloud”. Our event booth number is H25-C70.

Authentication 83

Authentication Data privacy Education Technology 83

NetSpi Technical

JULY 16, 2024

Our chatbot allows users to interact with it through prompts and queries without any need for authentication, presenting a potential security risk in and of itself. Additionally, there is no authentication mechanism in place that would prevent an attacker from submitting prompts to the chatbot.

Penetration Testing 122

Penetration Testing Authentication Architecture Risk 122

Thales Cloud Protection & Licensing

APRIL 7, 2022

You may be able to start shifting your users away from passwords by embarking on the passwordless authentication journey. STA is an access management and authentication service supporting Single Sign On (SSO), adaptive authentication and a broad range of Multi Factor Authentication (MFA) methods and form factors.

Passwords 71

Passwords Password Management Authentication Social Engineering 71

SecureWorld News

AUGUST 7, 2024

The annual Black Hat conference, happening this week in Las Vegas, is renowned not only for its cutting-edge presentations and workshops but also for its robust cybersecurity measures that protect the large event from malicious threat actors.

Firewall 115

Firewall Cybersecurity Threat Detection Cyber threats 115

Malwarebytes

MARCH 27, 2023

The report aims to provide an overview of the key results from a series of expert workshops on potential misuse of ChatGPT held with subject matter experts at Europol. ChatGPT was selected as the LLM to be examined in these workshops because it is the highest-profile and most commonly used LLM currently available to the public.

Phishing 90

Phishing Authentication Ransomware Malware 90

Centraleyes

MARCH 13, 2025

Multi-factor authentication (MFA) and role-based access controls are your best friends here. Consider incorporating interactive workshops, simulations, and updates on the latest regulatory changes to keep the training engaging and effective. Access Controls Whos got the keys to the kingdom?

Cybersecurity 52

Cybersecurity Financial Services Risk Encryption 52

CyberSecurity Insiders

MARCH 25, 2021

Although this does take time, with training and upskilling programs , insightful workshops, and “Hacker Fridays” (where employees can try to hack a specific smart device), team members will become more capable of dealing with the new diagnostics support work, as well as any general IoT problems. 5 Be aware of your operating landscape.

IoT 100

IoT Authentication Passwords Data collection 100

Duo's Security Blog

JUNE 28, 2021

I reviewed early prototypes for what would become the Universal Prompt and found that we used a range of words and phrases to talk about authenticating — from two-factor authentication to login session and login request. Authentication by many different names Next, I read out those findings to the Engineering team.

Engineering 98

Engineering Mobile Authentication Accountability 98

SecureWorld News

OCTOBER 3, 2023

Commonly, this involves using scare tactics in an attempt to bypass the user's rational mind and emotionally manipulate them into action without them second-guessing the authenticity of the request. Multi-factor authentication (MFA): If an employee receives a suspicious request, MFA can save the day if used correctly.

Social Engineering 108

Social Engineering Phishing Engineering Technology 108

Troy Hunt

MARCH 2, 2020

I built and launched the authenticated API and payment process (I really should have doe this earlier, I'm so happy with it!) A Lot Happens in 11 Months I onboarded 5 new governments onto HIBP: Austria, Ireland, Norway, Switzerland and Denmark (and a 6th one about to be announced any day now). I loaded 77 new data breaches comprising of 1.7B

Data breaches 354

Data breaches Marketing Cyber Insurance InfoSec 354

Troy Hunt

NOVEMBER 25, 2020

Every time one of the kids asks Alexa a question, a TLS connection is established to Amazon's services and they get the benefit of confidentiality, integrity and authenticity. on one of my switches) would be able to observe the traffic (no confidentiality), modify it (no integrity) or redirect it (no authenticity).

IoT 362

IoT Firmware Risk Manufacturing 362

eSecurity Planet

APRIL 12, 2024

Employ Authentication Methods for All Users & Devices A zero trust approach rejects any sort of inherent trust and requires continual verification of all users and devices. Implement stringent access rules, multi-factor authentication, and continuous monitoring to authenticate all access attempts, regardless of prior trust status.

Backups 134

Backups Encryption Data breaches Risk 134

CyberSecurity Insiders

JUNE 17, 2023

This understanding demands continuous authentication, leaving no room for unauthorized use of identity data. Multi-factor Authentication Complementing least privilege access and micro-segmentation is the multi-factor authentication mechanism.

Identity Theft 59

Identity Theft Authentication Architecture Mobile 59

eSecurity Planet

APRIL 9, 2024

This framework guarantees that appropriate authentication measures, encryption techniques, data retention policies, and backup procedures are in place. Questions to Answer Consider these questions to verify your organization’s data security and threat detection strategies: Are multi-factor authentication techniques required for user access?

Risk 109

Risk Threat Detection Data breaches Encryption 109

Troy Hunt

JANUARY 10, 2018

Much of this is simply due to lack of awareness; I must have taught 50 security workshops where the vast majority of attendees had simply never heard of CSP before. But getting onto the title of this section, the page in question is the E-Aadhaar authentication page (also geo-blocked). Again, see comments above re why this is odd.

Hacking 279

Hacking Government Encryption Risk 279

BH Consulting

AUGUST 16, 2023

They will present a half-day workshop about the book at IAPP’s European Data Protection Congress in Brussels on 14 November. These include new phishing techniques that bypass multi-factor authentication, and social engineering techniques found in attacks like Emotet and SocGolish.

Social Engineering 52

Social Engineering Cybercrime Data privacy Engineering 52

Privacy and Cybersecurity Law

DECEMBER 13, 2017

Following feedback NIST received in December 2015 from a Request for Information , and comments from attendees at the Cybersecurity Framework Workshop in 2016 held at the NIST campus in Maryland, NIST released a draft update to the Cyber Framework in January 2017 called Version 1.1.

Cybersecurity 40

Cybersecurity Risk Technology Government 40

Security Through Education

APRIL 26, 2021

From there, our attendees left to jump into their workshops’ respective virtual spaces. We split the conference into tracks, with workshops held by experts in their respective fields. Ian’s workshop, How to Make Minds Go Wrong, taught the attendees how to use their minds as immensely powerful, pattern-seeking, problem-solving machines.

Hacking 52

Hacking Social Engineering Engineering Phishing 52

BH Consulting

AUGUST 9, 2022

Many professionals agree multi-factor authentication (MFA) can improve security, but a recent discovery showed that it’s no panacea either. The two-year part-time course will mainly be delivered through distance learning, with occasional one-day workshops on campus. To MFA or not to MFA, that is the question.

Cybercrime 52

Cybercrime Accountability Phishing Authentication 52

Thales Cloud Protection & Licensing

JULY 4, 2024

such as stricter authentication requirements, broader use of encryption, and more flexible compliance demonstrations. Next, a gap analysis compares this status against the new requirements, pinpointing areas that need attention, such as authentication, encryption, and monitoring.

Education 62

Education Encryption Technology Authentication 62

The Last Watchdog

FEBRUARY 28, 2021

•Single Sign-on (SSO) and Multi-factor Authentication (MFA) mechanisms are implemented to protect against keylogging. •In Employees are aware of the cybersecurity best practices, and regular security awareness workshops are conducted.

Cyber threats 113

Cyber threats Computers and Electronics Adware Spyware 113

CyberSecurity Insiders

JANUARY 31, 2021

Single Sign-on (SSO) and Multi-factor Authentication (MFA) mechanisms are implemented to protect against keylogging. Employees are aware of the cybersecurity best practices, and regular security awareness workshops are conducted.

Malware 107

Malware Computers and Electronics Adware Spyware 107

Security Boulevard

JANUARY 7, 2025

Sample To demonstrate the Sub-Operation category, we will investigate a sample that Jonathan Johnson wrote for our Malware Morphology workshop. The slides and labs are available in the linked GitHub repository, and a video recording of the workshop lecture is available on NorthSecs YouTubechannel. Rubeus then calls secur32!LsaCallAuthenticationPackage

Authentication 52

Authentication Engineering Malware Accountability 52

CyberSecurity Insiders

JANUARY 5, 2022

Over the last three years, the NIST–Tetrate conference has featured dialogues and workshops from the world’s most esteemed service mesh and cybersecurity experts,” said Varun Talwar, co-founder of Tetrate.

Architecture 52

Architecture Computers and Electronics Engineering Technology 52

eSecurity Planet

APRIL 14, 2023

The solution should differentiate between bots and humans accurately and provide mechanisms for users to prove their identity and authenticity quickly. See the Top Deception Tools Two-Factor Authentication (2FA) 2FA is a proven security measure that can help protect against a wide range of cyber threats, including bot attacks.

Software 110

Software DDOS Accountability Firewall 110

CyberSecurity Insiders

MARCH 13, 2021

Through offering workshops, Ella’s goal is to empower women in similar positions with the skills and training necessary to excel in their work.

Technology 52

Technology Engineering Education Authentication 52