August Firmware Threat Report
In the cybersecurity industry, we hear about “the root of trust” (RoT) quite a bit. It’s the most important thing after all, right? Yet, very seldom do SecOps, risk management, or board-level conversations revolve around the topic or action the enterprise or mission to directly address it. Why is that? ...
Report: Financial Institutions Are Overwhelmed When Facing Growing Firmware Security and Supply Chain Threats
New research report reveals financial organizations are failing to act despite majority experiencing a firmware-related breach ...
One Bootloader to Load Them All
As part of our continuing research into vulnerable and malicious bootloaders, we have identified three new bootloader vulnerabilities which affect the vast majority of devices released over the past 10 years including x86-64 and ARM-based devices. These vulnerabilities could be used by an attacker to easily evade Secure Boot protections ...
A Brief History of How Iron Sharpens Iron in Firmware Security
Firmware security has undergone an incredible transformation over the past several years. What was once an often forgotten and overlooked part of the technology stack has become one of the most active battlegrounds between cybersecurity attackers and defenders. And at a high level, it is easy to see why. Firmware ...
Yet Another UEFI Bootkit Discovered: Meet CosmicStrand
As far back as the spring of 2017, UEFI bootkits began to appear in the wild. The first such implant was named “Spy Shadow Trojan”, and was discovered by the Qihoo360 research group based out of China. Someone had purchased a laptop off of a marketplace and the device kept ...
July Firmware Threat Report
On the heels of RSA comes this month’s Below the Surface Threat Report. Our theme this month is, simply, “Time”. In the context of cyber warfare, cyber criminal attacks, and long-running espionage campaigns, it is time that serves as the ultimate advantage (or disadvantage) over an adversary ...
DHS CISA Expands the Continuous Diagnostics and Mitigation Approved Product List to Secure Firmware Supply Chain, A First for the Agency
Eclypsium selected as the first company to help fortify the supply chain of hardware and firmware in government networks and systems ...
SP 800-53 Makes Supply Chain and Firmware a Priority – But Are You Listening?
NIST Special Publication 800-53, Security and Privacy Controls for Information Systems and Organizations, is easily one of the most foundational documents in modern cybersecurity. While many security frameworks define high-level goals and requirements, SP 800-53 defines the specific controls to deliver on those goals ...
Enter Through the Gift Shop: Door Controls, Phones & Rootkits
In modern computing, organizations are constantly barraged with new threats, risks, and vulnerabilities. Security staff are frequently in short supply and overworked, and priority and budget are allocated to systems like client desktops, servers, networking equipment, and cloud deployments. Yet, what recent research shows is that what is being protected ...
HIGH OpenSSL Vulnerability Causes Stir
On 21 June 2022, OpenSSL version 3.0.4 introduced a severe bug (CVE-2022-2274) in the RSA implementation for X86_64 CPUs supporting AVX512IFMA instructions. This allowed for memory corruption on RSA implementations running 2048-bit private keys. An attacker could then perform RCE (Remote Code Execution) over the network against SSL/TLS and other ...