News | Enterprise Firmware Security | Eclypsium

Featured Coverage

March 10, 2020

These are the most innovative security companies of 2020

This year’s Most Innovative Companies in security ensure the latest data protection technologies are in place across the computing world. Eclypsium was named to the list for launching a platform to protect from firmware attacks.

Read Fast Company article >

February 18, 2020

Hundreds of Millions of PC Components Still Have Hackable Firmware

The lax security of supply chain firmware has been a known concern for years—with precious little progress being made. Eclypsium found that a slew of network cards, trackpads, Wi-Fi adapters, USB hubs, and webcams all had firmware that could be updated with “unsigned” code that lacks any cryptographic verification In other words, it could be rewritten without any security check.

Read article in Wired

November 12, 2019

100 of the world’s most promising start-ups to watch in 2019

Every year, CNBC scans the globe looking for the 100 venture-backed start-ups that have the potential to transform industries and become tomorrow’s household names. Enterprise firmware security leader Eclypsium was named to this year’s list.

Read CNBC article

August 11, 2019

Critical Windows 10 Warning: Millions Of Users At Risk

Eclypsium researchers found a common design flaw within the hardware device drivers from multiple vendors. In total, the number of hardware vendors affected runs to 20 and includes every major BIOS vendor. The nature of the vulnerability has the potential for the widespread compromise of Windows 10 machines.

Read Forbes article

Podcasts and Videos

Decipher podcast: Eclypsium’s Rick Altherr on Perilous Peripherals

February 19, 2020

Hundreds of Millions of Components Still Have Hackable Firmware

February 19, 2020

Eclypsium’s John Loucaides in an RSA pre-show interview

February 19, 2020

Eclypsium’s John Loucaides discussed the unprotected attack surface of the enterprise on Paul’s Security Weekly

February 14, 2020

Why direct-memory attacks on laptops just won’t go away

February 5, 2020

On the Metal: Eclypsium’s Rick Altherr

January 15, 2020

Attack Other People’s Refrigerators

November 21, 2019

October 11, 2019

Yuriy Bulygin – CEO and co-founder, Eclypsium

September 5, 2019

Post Vegas edition, more news than we can handle

August 14, 2019

The CyberWire Daily Podcast

Security Industry Briefings Update – Enterprise Security Weekly #136

RSAC 2019 Recap – Enterprise Security Weekly #129

Supermicro hardware weaknesses let researchers backdoor an IBM cloud server

February 28, 2019

In the News

The 2020 OODA Cybersecurity Watch List – Eclypsium

Securing the stack – a 2020 imperative

Intel Security Gap Hard to Exploit Without Physical Data Center Access

Eclypsium Named to Fast Company’s Annual List of the World’s Most Innovative Companies for 2020

Unfixable flaw in nearly all Intel chips released in the last five years could allow cyber criminals to hijack computers and wreak ‘utter chaos’

5 years of Intel CPUs and chipsets have a concerning flaw that’s unfixable

Rootkit in the Cloud: Hacker Group Breaches AWS Servers

Hundreds of Millions of PC Components Still Have Hackable Firmware

February 20, 2020

Perilous peripherals: Fake firmware warning after 5 years of inaction

February 20, 2020

Eclypsium security report shows unsigned firmware as ongoing headache

February 20, 2020

Unsigned Firmware Puts Windows, Linux Peripherals at Risk

February 20, 2020

Hackable firmware lurks inside Dell, HP and Lenovo computers amid supply chain security efforts

February 19, 2020

Lack of firmware validation for computer peripherals enables highly persistent attacks

February 19, 2020

Failure to sign firmware updates put Windows and Linux devices at risk

February 19, 2020

New research from cybersecurity firm Eclypsium finds that unsigned firmware is a major security problem

February 19, 2020

What does a Lenovo touch pad, an HP camera and Dell Wi-Fi have in common? They’ll swallow any old firmware, legit or saddled with malware

February 19, 2020

Modern Laptops and Network Cards Still Using Unsigned Firmware

February 18, 2020

Millions Of Windows And Linux Systems Are Vulnerable To This ‘Hidden’ Cyber Attack

February 18, 2020

Don’t Trust, Just Verify

February 18, 2020

Lack of firmware validation for computer peripherals enables highly persistent attacks

February 18, 2020

Windows, Linux Devices at Risk Due to Unsigned Peripheral Firmware

February 18, 2020

Lack of firmware validation for computer peripherals enables highly persistent attacks

February 18, 2020

Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs

February 18, 2020

Five years after the Equation Group HDD hacks, firmware security still sucks

February 18, 2020

Peripherals With Unsigned Firmware Expose Windows, Linux Computers to Attacks

February 18, 2020

Firmware Weaknesses Can Turn Computer Subsystems into Trojans

February 18, 2020

Eclypsium Researchers Explore Perils of Insecure Peripheral Firmware in New Study

February 18, 2020

Unsigned firmware a bonanza for hackers

February 18, 2020

‘Millions’ of Dell, HP, and Lenovo PCs sitting ducks for firmware attacks

February 18, 2020

Is your firmware vulnerable to attack? A report says it might be

February 18, 2020

Daily Briefing – Eclypsium Report

February 18, 2020

Peripherals In Dell, HP, Lenovo PCs Leave Millions Vulnerable To Attack, Research Finds

February 18, 2020

‘Millions’ of Windows, Linux system open to attack due to risky firmware

February 18, 2020

Eclypsium Researchers Demonstrate Direct Memory Attacks

January 31, 2020

Enterprise Hardware Still Vulnerable to Memory Lane Attacks

January 30, 2020

Why direct-memory attacks on laptops just won’t go away

January 30, 2020

Devices Still Vulnerable to DMA Attacks Despite Protections

January 30, 2020

Enterprises ill-prepared for memory lane attacks despite defences

January 30, 2020

Dell, HP Memory-Access Bugs Open Attacker Path to Kernel Privileges

January 30, 2020

Total Eclypsium of the Laptop

January 30, 2020

Enterprise laptops vulnerable to critical direct memory access attack

January 30, 2020

Dell, HP security flaws leave laptops open to dangerous attacks

January 30, 2020

Firmware Vulnerabilities Creating an Expanded Attack Surface

December 5, 2019

Fight back against firmware attacks

December 4, 2019

Flood of New Advisories Expose Massive Gaps in Firmware Security

November 19, 2019

Intel Driver Vulnerability Can Give Attackers Deep Access to a Device

November 13, 2019

Intel Has Fixed Vulnerability That Allows for ‘Near-Omnipotent Control’ of Device

November 13, 2019

Researchers Describe Significant Flaw in Intel’s PMx Driver

November 13, 2019

Intel releases security updates to fix critical vulnerabilities in PMx driver

November 13, 2019

Intel releases updates to plug TPM-FAIL flaws, foil ZombieLoad v2 attacks

November 13, 2019

Researchers Describe Significant Flaw in Intel’s PMx Driver

November 13, 2019

Don’t miss this patch: Bad Intel drivers give hackers a backdoor to the Windows kernel

November 12, 2019

Researchers Disclose New Vulnerabilities in Windows Drivers

November 12, 2019

Intel Warns of Critical Info-Disclosure Bug in Security Engine

November 12, 2019

Flaw in Intel PMx driver gives ‘near-omnipotent control over a victim device’

November 12, 2019

The scariest hacks and vulnerabilities of 2019

October 28, 2019

How FISMA Requirements Relate to Firmware Security

October 3, 2019

Exploit found in Supermicro motherboards could allow for remote hijacking

September 5, 2019

Supermicro fixes BMC software flaws that expose servers to virtual USB attacks

September 5, 2019

Supermicro: New Critical Security Flaw Lets Hackers Take Over Corporate Servers, Exfiltrate Data

September 4, 2019

Over 47K Supermicro servers’ BMCs are prone to USBAnywhere, a remote virtual media vulnerability

September 4, 2019

At least 47,000 servers vulnerable to remote attack

September 3, 2019

Insecure virtual USB feature in Supermicro BMCs exposes servers to attack

September 3, 2019

BMC vulnerabilities in Supermicro servers allow remote takeover, data exfiltration attacks

September 3, 2019

USBAnywhere Bugs in Supermicro Servers Allow Remote USB Access

September 3, 2019

Enjoy the holiday weekend, America? Well-rested? Good. Supermicro server boards can be remotely hijacked

September 3, 2019

Supermicro Bug Could Let “Virtual USBs” Take Over Corporate Servers

September 3, 2019

Over 47K Supermicro Corporate Servers Vulnerable to Attack

September 3, 2019

Supermicro Vulnerability Gives “Virtually Omnipotent Control over a Server and its Contents”

September 3, 2019

Researchers found several flaws, such as weak encryption, in a popular series of servers.

September 3, 2019

Supermicro BMCs were susceptible to remote attacks, according to firmware security startup

September 3, 2019

USBAnywhere: BMC Flaws Expose Supermicro Servers to Remote Attacks

September 3, 2019

BMC Vulnerabilities Expose Supermicro Servers to Remote USB-Attacks

September 3, 2019

Researchers discover 40+ insecure drivers for Windows

August 13, 2019

What do Windows 10 and Uber or Lyft have in common? One bad driver can really ruin your day. And 40 can totally ruin your month

August 12, 2019

Screwed Drivers’ Report Finds Intel, AMD and Nvidia Vulnerabilities (Among Others)

August 11, 2019

Researchers Find Over 40 Windows Security Flaws In Drivers From AMD, NVIDIA, Intel And Others

August 11, 2019

Vulnerabilities in Device Drivers From 20 Vendors Expose PCs to Persistent Malware

August 11, 2019

Windows 10 Security Alert: Vulnerabilities Found in Over 40 Drivers

August 10, 2019

Drivers from Over 40 Manufacturers Including Intel, NVIDIA, AMD Vulnerable to Privilege Escalation Malware Attacks

August 10, 2019

Driver Disaster: Over 40 Signed Drivers Can’t Pass Security Muster

August 10, 2019

Researchers find security flaws in 40 kernel drivers from 20 vendors

August 10, 2019

CYBER NEWS ROUNDUP: WHAT TO EXPECT AT BLACK HAT AND DEF CON

Intel, Sequretek, Eclypsium and Perception Point Advance Threat Detection Solutions

Firmware Vulnerabilities Show Supply Chain Risks

Vulnerable firmware in enterprise server supply chain

BMC firmware weaknesses put popular servers at risk

BMC Firmware Vulnerabilities Affect Lenovo, Gigabyte Servers

If malware wants to bury deep inside your Lenovo or Gigabyte servers, they can just ask Vertiv’s insecure BMC firmware

Firmware Bugs Plague Server Supply Chain, 7 Vendors Impacted

Gigabyte and Lenovo servers impacted by common BMC firmware flaws

This firmware flaw was bad enough, but then researchers looked at the supply chain

Security Flaws Found in Intel Software, Data Center SSDs

The importance of hardening firmware security

Windows 10 security: Bad bug in our CPU diagnostics app, so patch now, says Intel

Intel Patches High-Severity Flaw in Processor Diagnostic Tool

Why locking down ‘firmware’ has now become the next big cybersecurity challenge

Jolted by Meltdown and Spectre, Intel aims to accelerate patching process

How do I stop old USB drives from infecting my new Windows PC?

Business Briefs: Ubiquity Ventures Announces Its First Portfolio Companies

How Portland-area startups captured attention from 3 heavy-hitting investors

Eclypsium Platform 1.0 now available

Bare-Metal Cloud Firmware Security Fail Isn’t Limited to IBM – by Far

Bare-Metal Cloud Firmware Security Fail Isn’t Limited to IBM – by Far

How one Beaverton security company is fighting to protect firmware

Intel and Partner Ecosystem Offer New Silicon-Enabled Security Solutions

Hottest new cybersecurity products at RSA 2019

February 28, 2019

Supermicro hardware weaknesses let researchers backdoor an IBM cloud server

February 27, 2019

Security team discussed weakness in bare-metal services

February 27, 2019

Bare-metal cloud servers vulnerable to Cloudborne flaw

February 26, 2019

Morning Cybersecurity

February 26, 2019

After IBM SoftLayer fails to scrub bare-metal box firmware of any lurking spies, alarm raised over cloud server security

February 26, 2019

Supermicro hardware weaknesses let researchers backdoor an IBM cloud server

February 26, 2019

Hackers Can Slip Invisible Malware into ‘Bare Metal’ Cloud Computers

February 26, 2019

‘Cloudborne’: Bare-Metal Cloud Servers Vulnerable to Attack

February 26, 2019

‘Cloudborne’ IaaS Attack Allows Persistent Backdoors in the Cloud

February 26, 2019

Hackers Can Plant Backdoors on Bare Metal Cloud Servers: Researchers

February 26, 2019

Hackers Backdoor Cloud Servers to Attack Future Customers

February 26, 2019

Security automation on display in 2019 RSAC Innovation Sandbox

February 22, 2019

Innovation and Emerging Technology at the 2019 RSA Conference

February 20, 2019

Eclypsium demonstrates the remote bricking of a server

December 20, 2018

Watch researchers remotely brick a server by corrupting its BMC and UEFI firmware

December 19, 2018

How to Remotely Brick a Server

December 19, 2018

Fed IT security falls short

December 19, 2018

Servers Can Be Bricked Remotely via BMC Attack

December 19, 2018

How BMC and UEFI can be exploited to brick servers and take down your data center

December 19, 2018

Eclypsium raises $8.75M Series A round led by Madrona Venture Group to tackle hardware security

December 4, 2018

If Supermicro boards were so bug-ridden, why would hackers ever need implants?

October 11, 2018

Supermicro servers fixed after insecure firmware updating discovered

September 10, 2018

Supermicro wraps crypto-blanket around server firmware to hide it from malware injectors

September 7, 2018

Vulnerabilities found in the remote management interface of Supermicro servers

September 6, 2018

Intel Xeon workhorses boot evil maids out of the hotel: USB-based spying thwarted by fix

Evil Maid Attack Takes Your PC To The Cleaners With Sub-4 Minute Backdoor Firmware Install

Watch a Hacker Install a Firmware Backdoor on a Laptop in Less Than 5 Minutes

What got breached this week? Ticket portals, DNA sites, and Atlanta’s police cameras

Supermicro is the latest hardware vendor with a security issue

Firmware Vulnerabilities Disclosed in Supermicro Server Products

Spectre chip security vulnerability strikes again; patches incoming

Experts warn new ‘Superspectre’ bug uses the chip flaw to gain access to ‘all the secrets’ stored on a machine

Ex-Intel security expert: This new Spectre attack can even reveal firmware secrets

New Spectre Attack Recovers Data From a CPU’s Protected SMM Mode

Millions of Computers Are at Risk of Hacks That Crack Into Their Core

Intel Capital boosts startup investment, including Portland cybersecurity company

October 19, 2017

Former Intel security researchers launch firmware-targeted startup, land $2M

October 4, 2017

Press Releases

Eclypsium Named to Fast Company’s Annual List of the World’s Most Innovative Companies for 2020

Enterprise firmware security leader also receives Info Security PG’s Global Excellence Award and multiple Cybersecurity Excellence Awards

Eclypsium Named to Coveted CNBC Upstart 100 List

Enterprise Firmware Security Leader Recognized as One of The Most Promising Startups to Watch

Eclypsium Collaborates with Intel to Reduce Firmware Attack Surface

Eclypsium Platform Now Generally Available; Joint Demos Available at RSA Conference

Eclypsium Selected as Finalist for 2019 RSA Conference Innovation Sandbox Contest

Eclypsium recognized for pioneering security that defends the firmware layer of the enterprise from vulnerabilities and threats

Firmware Security Leader Eclypsium Raises $8.75M Series A

Madrona Venture Group, Andreessen Horowitz and Intel Capital Invest in Eclypsium’s Oversubscribed Series A Round.

News Blog

Feature Image

Using Run-Time Hardware Telemetry to Detect Firmwa …

Announcing General Availability of Eclypsium Platf …

Series A Funding and Eclypsium’s Next Chapter

UEFI Attacks in the Wild

Infrastructure Attacks Take Center Stage

Eclypsium at Black Hat USA

Introducing Eclypsium

Media Contact

ZAG Communications for Eclypsium
Kari Walker
kari@zagcommunications.com
+1 (703) 928-9996