How to Reduce Supply Chain Risk: Lessons from Efforts to Block Huawei

April Firmware Threat Report

| | threat report
Below The Surface is a monthly firmware threat report from the research team at Eclypsium. Each issue contains the latest threat research, insights and advice on enterprise firmware and hardware security ...

Microsoft Windows SMB Server Could Allow for Remote Code Execution (CVE-2020-0796) – Security Advisory

SUBJECT: A Vulnerability in Microsoft Windows SMB Server Could Allow for Remote Code Execution (CVE-2020-0796) OVERVIEW: A vulnerability has been discovered in Microsoft Windows SMB Server that could allow for remote code ...

Microsoft Windows SMB Server Could Allow for Remote Code Execution (CVE-2020-0796) – Security Advisory

SUBJECT: A Vulnerability in Microsoft Windows SMB Server Could Allow for Remote Code Execution (CVE-2020-0796) OVERVIEW: A vulnerability has been discovered in Microsoft Windows SMB Server that could allow for remote code ...
threat report

Threat Report: Cybercriminals Expand Vertical Focus

The annual Threat Report published by BlackBerry Limited finds that while financial services and the retail sector continue to bear the brunt of most cybersecurity attacks, cybercriminals have expanded their targets in ...
Security Boulevard
The Unprotected Attack Surface of the Enterprise - John Loucaides - PSW #639

February Firmware Threat Report

| | threat report
Below The Surface is a monthly firmware threat report from the research team at Eclypsium. Each issue contains the latest threat research, insights and advice on enterprise firmware and hardware security ...
January Threat Report

January Threat Report

| | threat report
Yesterday Eclypsium published new research exposing vulnerabilities to Direct Memory Access (DMA) attacks in laptops from HP and Dell. Eclypsium researchers, Mickey Shkatov and Jesse Michael demonstrated that high speed DMA attacks ...
December Threat Report

December Threat Report

| | threat report
Eclypsium explores the techniques of successful firmware attacks as they apply to stages of a kill chain in this new report designed to help you assess and defend enterprise devices from firmware ...

Why Customers Trust Bromium to Let Malware Run on their Endpoints

Bromium customers enthusiastically choose to let malware keep running in isolated micro-VMs 86% of the time This seemingly counterintuitive approach maximizes threat intelligence, made possible only by virtualization-based security Traditional solutions try ...
Deeper Down the Rabbit Hole: Second-Stage Attack and a Fileless Finale

Deeper Down the Rabbit Hole: Second-Stage Attack and a Fileless Finale

­­In our last blog, “Following a Trail of Confusion: PowerShell in Malicious Office Documents”, we systematically unraveled multiple layers of obfuscation initiated by a weaponized first-stage Microsoft Word document to reveal a ...

CVE-2018-17914

InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. [...] ...