• Government of Nunavut turns to phishing-resistant YubiKeys after ransomware attack In 2019, the Government of Nunavut was victimized by a phishing attack. Nunavut rebuilt infrastructure and trust using Microsoft’s Azure AD + the YubiKey. Read more government Microsoft 365 Microsoft Azure phishing
• Examining the CISO agenda in 2021 CISOs are paid to worry, and there’s a lot to worry about in 2021. The recent SolarWinds breach, the Capitol break-in, and a series of high-profile hacks are spurring many enterprises to re-examine their security strategies. We discuss what lies ahead with Yubico’s CISO, Chad Thunberg. Q: What’s top of mind for CISOs in 2021? The SolarWinds […] Read more account takeovers phishing
• What is Spear Phising? Spear phishing definition Spear Phishing is an attack that targets an individual, organization or business. Rather than taking the phishing approach of a shotgun blast email to many people at once, spear phishers will first gather personal or specific information. That information is used as bait that might be especially attractive to a particular target. […] Read more phishing spear phishing
• Wrapping up 2020: A year where technology and internet security prevailed Never has the world been more dependent on the internet, and never has it been more attacked than in 2020. In fact, it proved to be a year where trust in many of our systems was challenged. Yet I remain an eternal optimist and believe that we can transform the hard lessons learned in 2020 […] Read more phishing security WebAuthn yubico.com YubiHSM
• What is DNS Spoofing? What is a DNS Server? To start out, a DNS server is a sort of classification system for domains on the internet. If a user is searching for yubico.com, the job of the DNS is to go out and find the IP address for that domain so the user can access the correct site. How […] Read more DNS phishing U2F VPN
• What is a Brute Force Attack? What are the goals of a brute force attack? The ultimate goal of a brute force attack is to steal password and login credentials to gain access to online accounts. After an attacker gains access it doesn’t stop there. They may use accounts to send out spam or phishing messages to other users. Another action […] Read more multifactor authentication phishing security key WebAuthn
• What is Credential Stuffing? What are examples of credential stuffing? Read more passwordless phishing YubiKey
• What is DFARS? DFARS DFARS stands for Defense Federal Acquisition Regulation Supplement. The Department of Defense uses it to protect confidential information. Why is DFARS implemented? Government employees and contractors are likely to be targeted by hackers and nation-states, so authentication solutions need to be resistant to phishing and account takeovers, and comply with federal regulations. DFARS provides a […] Read more cybersecurity dfars phishing
• What is phishing? What is Phishing? Phishing is the fraudulent practice of inducing people to reveal sensitive personal information such as credit card numbers and passwords. Phishing attackers send what appear to be legitimate communications by text, email, or other electronic communication from reputable companies and other trustworthy entities to lure users to phishing websites. These professional-looking sites […] Read more hardware phishing YubiKey
• Enable secure privileged access management Zero account takeovers with the YubiKey  Privileged users are the most highly targeted users by cyber attackers as these users hold higher ‘privileges’ to critical and sensitive applications and data. These could be IT, security, network and database admins, as well as C-suite, HR, finance and marketing employees. Securing privileged users across both IT and business […] Read more account takeovers phishing privileged users