News Room


Eclypsium’s industry-leading firmware threat research has been featured in publications including Wired, Bloomberg, Dark Reading, Threatpost, Politico and Ars Technica.

Featured Coverage

July 29, 2020
‘BootHole’ Secure Boot Threat Found In Most Every Linux Distro, Windows 8 And 10

Security researchers at Eclypsium discovered a vulnerability that affects the bootloader used by ‘virtually every’ Linux system, and almost every Windows device using Secure Boot with Microsoft’s standard Unified Extensible Firmware Interface (UEFI) certificate authority.

Read article in Forbes >

March 10, 2020
These are the most innovative security companies of 2020

This year’s Most Innovative Companies in security ensure the latest data protection technologies are in place across the computing world. Eclypsium was named to the list for launching a platform to protect from firmware attacks.

Read Fast Company article >

February 18, 2020
Hundreds of Millions of PC Components Still Have Hackable Firmware

The lax security of supply chain firmware has been a known concern for years—with precious little progress being made. Eclypsium found that a slew of network cards, trackpads, Wi-Fi adapters, USB hubs, and webcams all had firmware that could be updated with “unsigned” code that lacks any cryptographic verification In other words, it could be rewritten without any security check.

Read article in Wired

November 12, 2019
100 of the world’s most promising start-ups to watch in 2019

Every year, CNBC scans the globe looking for the 100 venture-backed start-ups that have the potential to transform industries and become tomorrow’s household names. Enterprise firmware security leader Eclypsium was named to this year’s list.

Read CNBC article

Podcasts and Videos

ESW interviews John Loucaides on #BootHoleVulnerability
August 6, 2020
Rite Aid Used Facial Recognition Cameras; BootHole Hits GRUB2
August 4, 2020
This Week in Linux 111: Linux 5.8, BootHole & GRUB2 Flaws, Firefox 79, JellyFin, Nitrux, & More
August 4, 2020
There’s a Hole in my Boot!
August 4, 2020
Is BOOTHOLE the WORST Vulnerability We’ve Ever Seen?
August 3, 2020
GNU GRUB2 Vulnerability, ‘BootHole’ Secure Boot Threat, & Garmin Ransomware Hack – PSW #660
July 31, 2020
Consumer VPNs; Tails 4.9; Browser Updates; GRUB2 Vuln; Facial Recognition and Masks
July 30, 2020
BootHole may be tough to patch.
July 30, 2020
Hidden dangers inside Windows and LINUX computers
March 28, 2020
Decipher podcast: Eclypsium’s Rick Altherr on Perilous Peripherals
February 19, 2020
Hundreds of Millions of Components Still Have Hackable Firmware
February 19, 2020
Eclypsium’s John Loucaides in an RSA pre-show interview
February 19, 2020
Eclypsium’s John Loucaides discussed the unprotected attack surface of the enterprise on Paul’s Security Weekly
February 14, 2020
Why direct-memory attacks on laptops just won’t go away
February 5, 2020
On the Metal: Eclypsium’s Rick Altherr
January 15, 2020
Attack Other People’s Refrigerators
November 21, 2019
Orrin Inside
October 11, 2019
Yuriy Bulygin – CEO and co-founder, Eclypsium
September 5, 2019
Post Vegas edition, more news than we can handle
August 14, 2019
The CyberWire Daily Podcast
July 17, 2019
Security Industry Briefings Update – Enterprise Security Weekly #136
May 8, 2019
RSAC 2019 Recap – Enterprise Security Weekly #129
March 15, 2019
Supermicro hardware weaknesses let researchers backdoor an IBM cloud server
February 28, 2019

In the News

NSA issues BootHole mitigation guidance
August 5, 2020
The fixes to the Linux BootHole fixes are in
August 4, 2020
NSA and CISA push guidance for BootHole fix
July 31, 2020
Boot-Loading Flaw Affects Linux, Windows Devices
July 31, 2020
THIS WEEK IN SECURITY: TWILIO, POGOTV, AND BOOTHOLE
July 31, 2020
Red Hat’s BootHole Patches Cause Systems to Hang
July 31, 2020
BootHole fixes causing boot problems across multiple Linux distros
July 31, 2020
NSA warns of GRUB2 BootHole vulnerability
July 31, 2020
Dealing with a Hole in Secure Boot
July 31, 2020
Eclypsium researchers find hole in Linux bootloader GRUB2
July 31, 2020
Red Hat Enterprise Linux runs into Boothole patch trouble
July 30, 2020
Microsoft Security Advisory Highlights ‘BootHole’ Vulnerability in Systems with Secure Boot
July 30, 2020
Scary ‘BootHole’ flaw puts Windows, Linux PCs at risk: What to do
July 30, 2020
Servers at risk from “BootHole” bug – what you need to know
July 30, 2020
BootHole and Seven Other Vulnerabilities Patched in GRUB2, Update Your Distros Now
July 30, 2020
Bug in widely used bootloader opens Windows, Linux devices to persistent compromise
July 30, 2020
Billions of Windows and Linux devices at risk of hijacking
July 30, 2020
Companies Respond to ‘BootHole’ Vulnerability
July 30, 2020
BootHole vulnerability puts Windows, Linux systems at risk
July 30, 2020
New ‘BootHole’ security Vulnerability revealed, puts millions of systems at risk including Linux and Windows OS
July 30, 2020
BootHole exposes billions of devices to attack
July 30, 2020
‘BootHole’ Vulnerability Puts Billions Of Windows, Linux Systems At Risk
July 30, 2020
Boothole vulnerability puts billions of Windows and Linux devices at risk
July 30, 2020
Linux distros fix new Boothole bug
July 29, 2020
Linux GRUB2 bootloader flaw breaks Secure Boot on most computers and servers
July 29, 2020
New BootHole Vulnerability Affects Billions of Devices, Compromises GRUB2 Boot-loader
July 29, 2020
Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems
July 29, 2020
New BootHole Vulnerability Revealed, Impacts Billions of Devices
July 29, 2020
Billions of Devices Impacted by Secure Boot Bypass
July 29, 2020
‘Boothole’ threatens billions of Linux, Windows devices
July 29, 2020
New flaw neuters Secure Boot, but there’s no reason to panic. Here’s why
July 29, 2020
A flaw in the GRUB2 bootloader allows hackers to bypass Secure Boot on billions of systems
July 29, 2020
‘BootHole’ Vulnerability Exposes Secure Boot Devices to Attack
July 29, 2020
GRUB2, you’re getting too bug for your boots: Config file buffer overflow is a boon for malware seeking to drill deeper into a system
July 29, 2020
New bug in PC booting process could take years to fix, researchers say
July 29, 2020
“Boothole” Bootloader Flaw Breaks Security on Most Linux, Windows Devices
July 29, 2020
‘BootHole’ Flaw Allows Installation of Stealthy Malware, Affects Billions of Devices
July 29, 2020
Researchers disclose widespread bootloader vulnerability
July 29, 2020
‘BootHole’ bug puts most Linux, Windows systems in jeopardy
July 29, 2020
BootHole GRUB2 Bootloader Security Exploit Discovered, Affects Billions Of Windows And Linux Devices
July 29, 2020
BootHole GRUB bootloader bug lets hackers hide malware in Linux, Windows
July 29, 2020
Newly discovered Linux and Windows vulnerability opens the door to hackers
July 29, 2020
Serious BootHole vulnerability puts millions of systems at risk
July 29, 2020
‘BootHole’ attack impacts Windows and Linux systems using GRUB2 and Secure Boot
July 29, 2020
‘BootHole’ Secure Boot Threat Found In Most Every Linux Distro, Windows 8 And 10
July 29, 2020
New BootHole flaw in Secure Boot affects a huge number of Linux and Windows systems
July 29, 2020
Privilege escalation explained: Why these flaws are so valuable to hackers
July 7, 2020
Newly discovered vulnerabilities could allow more persistent and destructive attacks on popular models of ATM and POS devices
July 1, 2020
Faulty Drivers Fuel ATM Hacking Problem, Say Researchers
June 30, 2020
Vulnerable drivers can enable crippling attacks against ATMs and POS systems
June 30, 2020
NOT QUITE A JACKPOT, BUT STILL
June 29, 2020
Driver Vulnerabilities Facilitate Attacks on ATMs, PoS Systems
June 29, 2020
Screwed Drivers Open ATMs to Attack
June 29, 2020
Digital disruption grows attack surface
June 18, 2020
A CMMC Approach to Address Firmware Vulnerabilities and Ensure Device Integrity
June 16, 2020
Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking
May 11, 2020
Eclypsium Named a Cool Vendor in the May 2020 Gartner Cool Vendors in Security Operations and Threat Intelligence Report
May 11, 2020
Eclypsium Delivers Essential, Comprehensive Solutions for Protecting the Enterprise from Firmware Threats
May 5, 2020
The 2020 OODA Cybersecurity Watch List – Eclypsium
March 11, 2020
Securing the stack – a 2020 imperative
March 11, 2020
Intel Security Gap Hard to Exploit Without Physical Data Center Access
March 11, 2020
Eclypsium Named to Fast Company’s Annual List of the World’s Most Innovative Companies for 2020
March 10, 2020
Unfixable flaw in nearly all Intel chips released in the last five years could allow cyber criminals to hijack computers and wreak ‘utter chaos’
March 6, 2020
5 years of Intel CPUs and chipsets have a concerning flaw that’s unfixable
March 5, 2020
Rootkit in the Cloud: Hacker Group Breaches AWS Servers
March 4, 2020
Hundreds of Millions of PC Components Still Have Hackable Firmware
February 20, 2020
Perilous peripherals: Fake firmware warning after 5 years of inaction
February 20, 2020
Eclypsium security report shows unsigned firmware as ongoing headache
February 20, 2020
Unsigned Firmware Puts Windows, Linux Peripherals at Risk
February 20, 2020
Hackable firmware lurks inside Dell, HP and Lenovo computers amid supply chain security efforts
February 19, 2020
Lack of firmware validation for computer peripherals enables highly persistent attacks
February 19, 2020
Failure to sign firmware updates put Windows and Linux devices at risk
February 19, 2020
New research from cybersecurity firm Eclypsium finds that unsigned firmware is a major security problem
February 19, 2020
What does a Lenovo touch pad, an HP camera and Dell Wi-Fi have in common? They’ll swallow any old firmware, legit or saddled with malware
February 19, 2020
Modern Laptops and Network Cards Still Using Unsigned Firmware
February 18, 2020
Millions Of Windows And Linux Systems Are Vulnerable To This ‘Hidden’ Cyber Attack
February 18, 2020
Lack of firmware validation for computer peripherals enables highly persistent attacks
February 18, 2020
Don’t Trust, Just Verify
February 18, 2020
Windows, Linux Devices at Risk Due to Unsigned Peripheral Firmware
February 18, 2020
Lack of firmware validation for computer peripherals enables highly persistent attacks
February 18, 2020
Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs
February 18, 2020
Five years after the Equation Group HDD hacks, firmware security still sucks
February 18, 2020
Peripherals With Unsigned Firmware Expose Windows, Linux Computers to Attacks
February 18, 2020
Firmware Weaknesses Can Turn Computer Subsystems into Trojans
February 18, 2020
Eclypsium Researchers Explore Perils of Insecure Peripheral Firmware in New Study
February 18, 2020
Unsigned firmware a bonanza for hackers
February 18, 2020
‘Millions’ of Dell, HP, and Lenovo PCs sitting ducks for firmware attacks
February 18, 2020
Is your firmware vulnerable to attack? A report says it might be
February 18, 2020
Daily Briefing – Eclypsium Report
February 18, 2020
Peripherals In Dell, HP, Lenovo PCs Leave Millions Vulnerable To Attack, Research Finds
February 18, 2020
‘Millions’ of Windows, Linux system open to attack due to risky firmware
February 18, 2020
Eclypsium Researchers Demonstrate Direct Memory Attacks
January 31, 2020
Enterprise Hardware Still Vulnerable to Memory Lane Attacks
January 30, 2020
Why direct-memory attacks on laptops just won’t go away
January 30, 2020
Devices Still Vulnerable to DMA Attacks Despite Protections
January 30, 2020
Enterprises ill-prepared for memory lane attacks despite defences
January 30, 2020
Dell, HP Memory-Access Bugs Open Attacker Path to Kernel Privileges
January 30, 2020
Total Eclypsium of the Laptop
January 30, 2020
Enterprise laptops vulnerable to critical direct memory access attack
January 30, 2020
Dell, HP security flaws leave laptops open to dangerous attacks
January 30, 2020
Firmware Vulnerabilities Creating an Expanded Attack Surface
December 5, 2019
Fight back against firmware attacks
December 4, 2019
Flood of New Advisories Expose Massive Gaps in Firmware Security
November 19, 2019
Intel Driver Vulnerability Can Give Attackers Deep Access to a Device
November 13, 2019
Intel Has Fixed Vulnerability That Allows for ‘Near-Omnipotent Control’ of Device
November 13, 2019
Researchers Describe Significant Flaw in Intel’s PMx Driver
November 13, 2019
Intel releases security updates to fix critical vulnerabilities in PMx driver
November 13, 2019
Intel releases updates to plug TPM-FAIL flaws, foil ZombieLoad v2 attacks
November 13, 2019
Researchers Describe Significant Flaw in Intel’s PMx Driver
November 13, 2019
Don’t miss this patch: Bad Intel drivers give hackers a backdoor to the Windows kernel
November 12, 2019
Researchers Disclose New Vulnerabilities in Windows Drivers
November 12, 2019
Intel Warns of Critical Info-Disclosure Bug in Security Engine
November 12, 2019
Flaw in Intel PMx driver gives ‘near-omnipotent control over a victim device’
November 12, 2019
The scariest hacks and vulnerabilities of 2019
October 28, 2019
How FISMA Requirements Relate to Firmware Security
October 3, 2019
Exploit found in Supermicro motherboards could allow for remote hijacking
September 5, 2019
Supermicro fixes BMC software flaws that expose servers to virtual USB attacks
September 5, 2019
Supermicro: New Critical Security Flaw Lets Hackers Take Over Corporate Servers, Exfiltrate Data
September 4, 2019
Over 47K Supermicro servers’ BMCs are prone to USBAnywhere, a remote virtual media vulnerability
September 4, 2019
At least 47,000 servers vulnerable to remote attack
September 3, 2019
Insecure virtual USB feature in Supermicro BMCs exposes servers to attack
September 3, 2019
BMC vulnerabilities in Supermicro servers allow remote takeover, data exfiltration attacks
September 3, 2019
USBAnywhere Bugs in Supermicro Servers Allow Remote USB Access
September 3, 2019
Enjoy the holiday weekend, America? Well-rested? Good. Supermicro server boards can be remotely hijacked
September 3, 2019
Supermicro Bug Could Let “Virtual USBs” Take Over Corporate Servers
September 3, 2019
Over 47K Supermicro Corporate Servers Vulnerable to Attack
September 3, 2019
Supermicro Vulnerability Gives “Virtually Omnipotent Control over a Server and its Contents”
September 3, 2019
Researchers found several flaws, such as weak encryption, in a popular series of servers.
September 3, 2019
Supermicro BMCs were susceptible to remote attacks, according to firmware security startup
September 3, 2019
USBAnywhere: BMC Flaws Expose Supermicro Servers to Remote Attacks
September 3, 2019
BMC Vulnerabilities Expose Supermicro Servers to Remote USB-Attacks
September 3, 2019
Researchers discover 40+ insecure drivers for Windows
August 13, 2019
What do Windows 10 and Uber or Lyft have in common? One bad driver can really ruin your day. And 40 can totally ruin your month
August 12, 2019
Screwed Drivers’ Report Finds Intel, AMD and Nvidia Vulnerabilities (Among Others)
August 11, 2019
Critical Windows 10 Warning: Millions Of Users At Risk
August 11, 2019
Researchers Find Over 40 Windows Security Flaws In Drivers From AMD, NVIDIA, Intel And Others
August 11, 2019
Vulnerabilities in Device Drivers From 20 Vendors Expose PCs to Persistent Malware
August 11, 2019
Windows 10 Security Alert: Vulnerabilities Found in Over 40 Drivers
August 10, 2019
Drivers from Over 40 Manufacturers Including Intel, NVIDIA, AMD Vulnerable to Privilege Escalation Malware Attacks
August 10, 2019
Driver Disaster: Over 40 Signed Drivers Can’t Pass Security Muster
August 10, 2019
Researchers find security flaws in 40 kernel drivers from 20 vendors
August 10, 2019
CYBER NEWS ROUNDUP: WHAT TO EXPECT AT BLACK HAT AND DEF CON
August 2, 2019
Intel, Sequretek, Eclypsium and Perception Point Advance Threat Detection Solutions
July 31, 2019
Firmware Vulnerabilities Show Supply Chain Risks
July 22, 2019
Vulnerable firmware in enterprise server supply chain
July 17, 2019
BMC firmware weaknesses put popular servers at risk
July 17, 2019
BMC Firmware Vulnerabilities Affect Lenovo, Gigabyte Servers
July 17, 2019
If malware wants to bury deep inside your Lenovo or Gigabyte servers, they can just ask Vertiv’s insecure BMC firmware
July 17, 2019
Firmware Bugs Plague Server Supply Chain, 7 Vendors Impacted
July 17, 2019
Gigabyte and Lenovo servers impacted by common BMC firmware flaws
July 17, 2019
This firmware flaw was bad enough, but then researchers looked at the supply chain
July 17, 2019
Security Flaws Found in Intel Software, Data Center SSDs
July 11, 2019
The importance of hardening firmware security
July 11, 2019
Windows 10 security: Bad bug in our CPU diagnostics app, so patch now, says Intel
July 10, 2019
Intel Patches High-Severity Flaw in Processor Diagnostic Tool
July 9, 2019
Why locking down ‘firmware’ has now become the next big cybersecurity challenge
June 10, 2019
Jolted by Meltdown and Spectre, Intel aims to accelerate patching process
May 3, 2019
How do I stop old USB drives from infecting my new Windows PC?
April 18, 2019
Business Briefs: Ubiquity Ventures Announces Its First Portfolio Companies
April 6, 2019
How Portland-area startups captured attention from 3 heavy-hitting investors
April 5, 2019
Eclypsium Platform 1.0 now available
March 5, 2019
Bare-Metal Cloud Firmware Security Fail Isn’t Limited to IBM – by Far
March 5, 2019
Bare-Metal Cloud Firmware Security Fail Isn’t Limited to IBM – by Far
March 5, 2019
How one Beaverton security company is fighting to protect firmware
March 4, 2019
Intel and Partner Ecosystem Offer New Silicon-Enabled Security Solutions
March 1, 2019
Hottest new cybersecurity products at RSA 2019
February 28, 2019
Supermicro hardware weaknesses let researchers backdoor an IBM cloud server
February 27, 2019
Security team discussed weakness in bare-metal services
February 27, 2019
Bare-metal cloud servers vulnerable to Cloudborne flaw
February 26, 2019
Morning Cybersecurity
February 26, 2019
After IBM SoftLayer fails to scrub bare-metal box firmware of any lurking spies, alarm raised over cloud server security
February 26, 2019
Supermicro hardware weaknesses let researchers backdoor an IBM cloud server
February 26, 2019
Hackers Can Slip Invisible Malware into ‘Bare Metal’ Cloud Computers
February 26, 2019
‘Cloudborne’: Bare-Metal Cloud Servers Vulnerable to Attack
February 26, 2019
‘Cloudborne’ IaaS Attack Allows Persistent Backdoors in the Cloud
February 26, 2019
Hackers Can Plant Backdoors on Bare Metal Cloud Servers: Researchers
February 26, 2019
Hackers Backdoor Cloud Servers to Attack Future Customers
February 26, 2019
Security automation on display in 2019 RSAC Innovation Sandbox
February 22, 2019
Innovation and Emerging Technology at the 2019 RSA Conference
February 20, 2019
Eclypsium demonstrates the remote bricking of a server
December 20, 2018
Watch researchers remotely brick a server by corrupting its BMC and UEFI firmware
December 19, 2018
How to Remotely Brick a Server
December 19, 2018
Fed IT security falls short
December 19, 2018
Servers Can Be Bricked Remotely via BMC Attack
December 19, 2018
How BMC and UEFI can be exploited to brick servers and take down your data center
December 19, 2018
Eclypsium raises $8.75M Series A round led by Madrona Venture Group to tackle hardware security
December 4, 2018
If Supermicro boards were so bug-ridden, why would hackers ever need implants?
October 11, 2018
Supermicro servers fixed after insecure firmware updating discovered
September 10, 2018
Supermicro wraps crypto-blanket around server firmware to hide it from malware injectors
September 7, 2018
Vulnerabilities found in the remote management interface of Supermicro servers
September 6, 2018
Intel Xeon workhorses boot evil maids out of the hotel: USB-based spying thwarted by fix
July 25, 2018
Evil Maid Attack Takes Your PC To The Cleaners With Sub-4 Minute Backdoor Firmware Install
July 24, 2018
Watch a Hacker Install a Firmware Backdoor on a Laptop in Less Than 5 Minutes
July 23, 2018
What got breached this week? Ticket portals, DNA sites, and Atlanta’s police cameras
June 9, 2018
Supermicro is the latest hardware vendor with a security issue
June 9, 2018
Firmware Vulnerabilities Disclosed in Supermicro Server Products
June 7, 2018
Spectre chip security vulnerability strikes again; patches incoming
May 22, 2018
Experts warn new ‘Superspectre’ bug uses the chip flaw to gain access to ‘all the secrets’ stored on a machine
May 22, 2018
Ex-Intel security expert: This new Spectre attack can even reveal firmware secrets
May 18, 2018
New Spectre Attack Recovers Data From a CPU’s Protected SMM Mode
May 18, 2018
Millions of Computers Are at Risk of Hacks That Crack Into Their Core
May 17, 2018
Intel Capital boosts startup investment, including Portland cybersecurity company
October 19, 2017
Former Intel security researchers launch firmware-targeted startup, land $2M
October 4, 2017

Press Releases

Eclypsium Named a Cool Vendor in the May 2020 Gartner Cool Vendors in Security Operations and Threat Intelligence Report

Portland, OR – May 11, 2020 – Eclypsium, an innovator in enterprise device security, has been recognized as one of four vendors in Gartner’s recent report Cool Vendors in Security Operations and Threat Intelligence. In the report, Gartner notes that “Security and risk management leaders responsible for security operations should evaluate creative approaches to improve […]

Eclypsium Named to Fast Company’s Annual List of the World’s Most Innovative Companies for 2020

Enterprise firmware security leader also receives Info Security PG’s Global Excellence Award and multiple Cybersecurity Excellence Awards

Eclypsium Named to Coveted CNBC Upstart 100 List

Enterprise Firmware Security Leader Recognized as One of The Most Promising Startups to Watch

Eclypsium Collaborates with Intel to Reduce Firmware Attack Surface

Eclypsium Platform Now Generally Available; Joint Demos Available at RSA Conference

Eclypsium Selected as Finalist for 2019 RSA Conference Innovation Sandbox Contest

Eclypsium recognized for pioneering security that defends the firmware layer of the enterprise from vulnerabilities and threats

Firmware Security Leader Eclypsium Raises $8.75M Series A

Madrona Venture Group, Andreessen Horowitz and Intel Capital Invest in Eclypsium’s Oversubscribed Series A Round.

News Blog

Feature Image
Using Run-Time Hardware Telemetry to Detect Firmwa …
Announcing General Availability of Eclypsium Platf …
Series A Funding and Eclypsium’s Next Chapter
UEFI Attacks in the Wild
Infrastructure Attacks Take Center Stage
Eclypsium at Black Hat USA
Introducing Eclypsium

Media Contact

ZAG Communications for Eclypsium
Kari Walker
kari@zagcommunications.com
+1 (703) 928-9996