Eclypsium, Author at Security Boulevard

Eclypsium Named Finalist in Black Unicorn Awards for 2021

| | Press Release
Leading enterprise firmware security company recognized as Baby Black Unicorn, having potential of being valued at $1b in near future ... Read More
Scott Scheferman’s July “Below the Surface” Hot-Take

July Firmware Threat Report

| | threat report
Check out Scott’s hot-take video for this month’s Threat Report. July came in hot. Really hot. Not more than a few hundred miles from our Portland, OR headquarters, the Bootleg fire continues to burn as the nation’s largest wildfire and the 3rd largest in Oregon’s history. Panning out, there’s an ... Read More
Eclypsium Detects Severe Vulns in Accellion FTA Devices

Eclypsium Detects Severe Vulns in Accellion FTA Devices

| | Industry
Since February 2021, Accellion File Transfer Appliance (FTA) servers have been hammered by an announced zero-day that opened the door to data theft and extortion campaigns orchestrated by UNC2546 UNC2582 cybercrime groups. Various organizations–ranging from grocery giant Kroger to Royal Dutch Shell, The Washington State Auditor’s Office, The University of ... Read More

NIST Kicks the Can: Why We Need to Address Firmware Security Now

| | Industry
Register for our July 14 webinar and learn how you can get ahead of fast-growing firmware attacks today. Sometimes you just need to stop, stretch, and pick up the can. Earlier this month we did an analysis of the President’s Executive Order on Improving the Nation’s Cybersecurity (You Can’t Unsee ... Read More
June Firmware Threat Report

June Firmware Threat Report

| | threat report
Not just one, but four. That’s how many vulnerabilities Eclypsium researchers discovered in Dell’s BIOSConnect feature. Taken together, this chain of vulnerabilities has a CVSS score of 8.3 (High) because it allows a privileged network adversary to impersonate Dell.com and gain arbitrary code execution at the BIOS/UEFI level. As readers ... Read More
Eclypsium Discovers Multiple Vulnerabilities Affecting 128 Dell Models via Dell Remote OS Recovery and Firmware Update Capabilities

Eclypsium Discovers Multiple Vulnerabilities Affecting 128 Dell Models via Dell Remote OS Recovery and Firmware Update Capabilities

| | research
BIOS Disconnect – Vendor Update Tools Pose Significant Risks to the Integrity of Dell Devices Join Eclypsium’s John Loucaides for a webinar on June 30th discussing the risks these vulnerabilities pose to enterprise security and steps for mitigation. Download the PDF > Introduction Eclypsium researchers have identified multiple vulnerabilities affecting ... Read More

Eclypsium and Securecraft Now Offer Enterprise Device Integrity Platform to Singapore and Malaysian Markets

| | Press Release
Eclypsium, the enterprise device integrity company, announced it has partnered with Securecraft PTE. Ltd, an authorized Singapore-based IT distributor ... Read More
All Our Devices Aren't Belong 2 Us - Scott Scheferman - RSA21

May Firmware Threat Report

| | threat report
Sometimes it takes a thunderstorm before seeing positive outcomes and real change: Cyber May Flowers, if you will. The SolarWinds and related supply chain attacks put our government through the crucible of painful incident response and restoration efforts. The events also became a watershed moment, one in which cyber risk ... Read More
You Can’t Unsee the Rabbit:  Perspectives on the 2021 Cybersecurity Executive Order

You Can’t Unsee the Rabbit: Perspectives on the 2021 Cybersecurity Executive Order

| | Industry
Visual illusions are fascinating. As entertainment, they can astound us and surprise us. As learning tools, they make us rethink our assumptions. At their best, they give us new perspectives that can change our actual behavior forever.   In one of my favorites illusions, the image below was presented in the ... Read More

Eclypsium Enhances Platform to Extend Deep Visibility and Security to Network and Unmanaged Devices

| | Press Release
Portland, OR – May 17, 2021 – Eclypsium® today announced a major new extension to their enterprise device integrity platform, which lets organizations easily extend visibility and security beyond their traditional endpoints to now include network and unmanaged devices that can impact overall security posture. These include traditional network gear ... Read More