SEARCH
All Articles
More Than Half of Android Phones Vulnerable to Encryption Bypass Attacks
The security research team at Duo Security, Duo Labs analyzed our dataset of Android phones to find out how many were vulnerable to the latest Android encryption bypass attacks, patched in the May 2016 update.
That Big Symantec Antivirus Bug
A Duo Labs analysis of the recent critical vulnerability found in Symantec’s Antivirus Decomposer engine, used in Symantec Endpoint Protection and other Symantec and Norton security products, and discovered by Tavis Ormandy.
Thirty Percent of Android Devices Susceptible to 24 Critical Vulnerabilities
It has been nine months since Google began these monthly updates, and we at Duo Labs are interested in how this change in security policy has impacted the masses. The following were some of the key findings from our data analysis...
A Security Analysis of Signature Edition Laptops
Are Signature Edition laptops really more secure than other laptops? Duo's security research team, Duo Labs compared Signature Edition models with others to find out the answer.
Out-of-Box Exploitation: A Security Analysis of OEM Updaters
Today, Duo Labs is publishing our take on the OOBE; Out-of-Box Exploitation: A Security Analysis of OEM Updaters. OEM software is making us vulnerable and invading our privacy - with that in mind, Duo Labs decided to dig in to see how ugly things can get.
Duo Labs Answers: Is Public Wi-Fi Safe?
From coffee shops to airports to hotels and work conferences, free public Wi-Fi is everywhere, easy and accessible. But is it safe to use?
Bring Your Own Dilemma: OEM Laptops and Windows 10 Security
Security research team, Duo Labs, dissects OEM laptops to find out how secure they are - learn more about the privacy and security issues they found with laptop default settings, data collection and more.
DROWN Provides Another Reminder to Disable SSLv2 (and 3, while you’re at it)
A newly discovered vulnerability in crypto protocols breaks connections and reminds us all that it's long past time to move on from SSLv2.
OpenSSL Provides Another Reminder to Disable SSLv2 (and 3, while you’re at it)
A newly discovered vulnerability in OpenSSL reveals private keys and reminds us all that it's long past time to move on from SSLv2.
Critical Vulnerability Affecting Glibc: Patch Immediately
The Glibc Project has announced a critical vulnerability affecting systems using the glibc DNS client-side resolver, that could, under certain conditions, lead to remote code execution on a system using glibc.
Microsoft Drops Support for Internet Explorer: Just How Big of Deal is This?
Microsoft will soon drop support for Internet Explorer versions 8, 9 and 10 - that means no more security updates. We took a look at our user data to determine the impact on IE users. Here’s what we found…
Debunking Myths: Do Terrorists Use Game Consoles to Communicate With Each Other?
Watch as Duo’s Creative Director Pete Baker and Duo Labs’ Mark Loveless and Steve Manzuik debunk the myths that terrorists were using PlayStation networks and the popular Call of Duty game to communicate with each other.
Dude, You Got Dell’d: Publishing Your Privates
While working on a larger research project, Duo Labs security researchers found sketchy certificates on a brand-new Dell Inspiron 14 laptop. Read on for more about Superfish 2: eDellRoot Boogaloo.
Strengthening the Signal in the Noise: IoT Security and Stunt Hacking
The whole Internet of Things (IoT) phenomenon has really gained momentum amongst security professionals as a hot topic of discussion. More than a few people are calling for self-examination...