The Unprotected Attack Surface of the Enterprise - John Loucaides - PSW #639

February Firmware Threat Report

| | threat report
Below The Surface is a monthly firmware threat report from the research team at Eclypsium. Each issue contains the latest threat research, insights and advice on enterprise firmware and hardware security ... Read More
Firmware Attack - Intercepting BMC Traffic

Perilous Peripherals: The Hidden Dangers Inside Windows & Linux Computers

| | research
Download the PDF > Join Eclypsium researchers Jesse Michael and Rick Altherr for a question and answer session discussing their research on Friday, Feb 21st. Register now. Unsigned firmware in WiFi adapters, USB hubs, trackpads, laptop cameras and network interface cards provides multiple pathways for malicious attackers to compromise laptops ... Read More
January Threat Report

January Threat Report

| | threat report
Yesterday Eclypsium published new research exposing vulnerabilities to Direct Memory Access (DMA) attacks in laptops from HP and Dell. Eclypsium researchers, Mickey Shkatov and Jesse Michael demonstrated that high speed DMA attacks can bypass hardware protections on enterprise devices. This powerful class of attacks is an industry-wide issue that threatens ... Read More
Direct Memory Access Attacks – A Walk Down Memory Lane

Direct Memory Access Attacks – A Walk Down Memory Lane

| | research
Download the PDF > Join Eclypsium researchers Jesse Michael and Mickey Shkatov for a webinar discussing their research on Wednesday, Feb 5th. High-speed DMA Attacks Bypass Built-In Hardware Protections on Enterprise Devices Eclypsium’s latest research shows that enterprise laptops, servers, and cloud environments continue to be vulnerable to powerful Direct ... Read More
Assessing Enterprise Firmware Security Risk in 2020

Assessing Enterprise Firmware Security Risk in 2020

| | Industry
Attacks in the wild are targeting firmware in order to achieve persistence, evade security controls, and further strategic attacks. With firmware vulnerabilities at an all-time high, this whitepaper outlines 5 questions to evaluate and improve your firmware security posture ... Read More
December Threat Report

December Threat Report

| | threat report
Eclypsium explores the techniques of successful firmware attacks as they apply to stages of a kill chain in this new report designed to help you assess and defend enterprise devices from firmware and hardware threats. Get an inside look at: Attacker motivations Key firmware components and their role in attacks ... Read More
Anatomy of a Firmware Attack

Anatomy of a Firmware Attack

| | Industry
Download the PDF > Attacks against the hardware and firmware of a device stand as some of the highest impact threats facing modern organizations. Firmware retains the highest privileges, allows attackers to bypass traditional controls, and grants a higher level of persistence. The firmware layer has also quickly become one ... Read More
Flood of New Advisories Expose Massive Gaps in Firmware Security

Flood of New Advisories Expose Massive Gaps in Firmware Security

| | Industry
Download the PDF > Last week Intel and Cisco published security advisories revealing dozens of vulnerabilities in firmware and hardware that impact laptops, servers and routers. Intel disclosed an incredible 77 new vulnerabilities across a broad spectrum of components, including Intel CPUs, BMC, CSME, TXT, SGX, AMT, TPM and more ... Read More
Mother of All Drivers – New Vulnerabilities Found in Windows Drivers

Mother of All Drivers – New Vulnerabilities Found in Windows Drivers

| | research
Download the PDF > Eclypsium researchers will present their latest research into design flaws that undermine security during their November 14th Webinar. Windows Kernel Security Mode Enables Attacks As part of our previous research, released in August 2019, Eclypsium researchers detailed how simple design flaws in widely distributed drivers can ... Read More
Eclypsium Named to Coveted CNBC Upstart 100 List

Eclypsium Named to Coveted CNBC Upstart 100 List

| | Press Release
Enterprise Firmware Security Leader Recognized as One of The Most Promising Startups to Watch ... Read More