We analyzed the security of several third-party AWS S3 tools to find out why so many S3 buckets with sensitive information have been made public, seemingly unintentionally. Here's what we found.
The top malware infection vector is our age-old friend, phishing, while stolen credentials are popular for lateral movement - see more insights from Symantec's latest Internet Security Threat Report.
On the journey toward IT modernization, what kind of security technology can make agency life a lot easier as they move forward? Here's our recommendations to enable agency agility, as well as better management and security.
Microcontroller Firmware Recovery Using Invasive Analysis Duo Labs / Featured Article
Duo Labs security researchers show how to bypass microcontroller interfaces used for internet of things (IoT) devices - these invasive attacks require physical access to typical microcontrollers.
The latest technical alert warns the energy and critical infrastructure sectors about a multi-stage intrusion campaign, reportedly said to be conducted by Russian government threat actors.
What went on behind the scenes of that hyped-up Decipher.sc promotional video - details on the dark aesthetic, maker diversity, free-running, street art, the trials and tribulations of a technically-challenging monolith, why we shot scenes in Detroit, and much more.
In February, Duo released CloudMapper, an AWS environment visualization tool, to the developer community. In this blog post, we explore several potential misconfigurations that can lead to security problems.
Duo Labs performed an analysis of Objective-C binaries running on managed macOS endpoints in enterprise environments, using the Interactive Disassembler (IDA Pro) to perform disassembly and decompilation of the binaries.
What's hot at RSAC this year? Wendy Nather talks BeyondCorp, identity, passwordless authentication, security system UX, software security maturity and more.
In the spirit of transparency, we want to provide insight into an issue with Duo Mobile's usage analytics data collection, and what we're doing to enhance our focus on privacy through future feature and product releases.
Introducing: CloudTracker, an AWS CloudTrail Log Analyzer Engineering / Featured Article
Today we are pleased to announce a new open-source tool from Duo Security for easily analyzing CloudTrail logs from Amazon Web Services (AWS)!
Decipher: Ushering in a New Era of InfoSec Reporting Press and Events / Featured Article
A letter from Dug Song and Jon Oberheide, Duo Security co-founders, on why we're launching a new infosec media site to cut through the FUD (fear, distrust and doubt) - Decipher.sc.
Duo Partners With DrFirst to Help Meet EPCS Requirements Product Updates / Featured Article
Duo now provides a native MFA integration with DrFirst EPCS Gold, an e-prescribing solution, to provide seamless, secure access for physicians and easy deployment for administrators.
SXSW 2018 is just around the corner, and we're headed to Austin to participate in some talks, networking events and parties. Get the vital information in our schedule, and we hope to see you there!
Duo Security is heading to the leading health IT conference, the Healthcare Information and Management Systems Society (HIMSS) 2018, March 5-9 at Sands Expo in Las Vegas - visit us at booth #12649!