News Room


Eclypsium’s industry-leading firmware threat research has been featured in publications including Wired, Bloomberg, Dark Reading, Threatpost, Politico and Ars Technica.

Featured Coverage

September 3, 2019
Insecure virtual USB feature in Supermicro BMCs exposes servers to attack

Security researchers have found a way to attach virtual USB devices remotely to Supermicro servers, including over the internet, by abusing a feature in their baseband management controller software.

Read CSO Online article

August 11, 2019
Critical Windows 10 Warning: Millions Of Users At Risk

Eclypsium researchers found a common design flaw within the hardware device drivers from multiple vendors. In total, the number of hardware vendors affected runs to 20 and includes every major BIOS vendor. The nature of the vulnerability has the potential for the widespread compromise of Windows 10 machines.

Read Forbes article

July 17, 2019
Gigabyte and Lenovo servers impacted by common BMC firmware flaws

Security researchers from Eclypsium published details about two vulnerabilities that can be used to establish extremely persistent backdoors that can survive even OS reinstalls. Two different bugs, EOLs, and a complex supply chain make patching a nightmare.

Read ZDNet article

Podcasts

Yuriy Bulygin – CEO and co-founder, Eclypsium
September 5, 2019
Post Vegas edition, more news than we can handle
August 14, 2019
The CyberWire Daily Podcast
July 17, 2019
Security Industry Briefings Update – Enterprise Security Weekly #136
May 8, 2019
RSAC 2019 Recap – Enterprise Security Weekly #129
March 15, 2019

In the News

Exploit found in Supermicro motherboards could allow for remote hijacking
September 5, 2019
Supermicro fixes BMC software flaws that expose servers to virtual USB attacks
September 5, 2019
Supermicro: New Critical Security Flaw Lets Hackers Take Over Corporate Servers, Exfiltrate Data
September 4, 2019
Over 47K Supermicro servers’ BMCs are prone to USBAnywhere, a remote virtual media vulnerability
September 4, 2019
At least 47,000 servers vulnerable to remote attack
September 3, 2019
BMC vulnerabilities in Supermicro servers allow remote takeover, data exfiltration attacks
September 3, 2019
USBAnywhere Bugs in Supermicro Servers Allow Remote USB Access
September 3, 2019
Enjoy the holiday weekend, America? Well-rested? Good. Supermicro server boards can be remotely hijacked
September 3, 2019
Supermicro Bug Could Let “Virtual USBs” Take Over Corporate Servers
September 3, 2019
Over 47K Supermicro Corporate Servers Vulnerable to Attack
September 3, 2019
Supermicro Vulnerability Gives “Virtually Omnipotent Control over a Server and its Contents”
September 3, 2019
Researchers found several flaws, such as weak encryption, in a popular series of servers.
September 3, 2019
Supermicro BMCs were susceptible to remote attacks, according to firmware security startup
September 3, 2019
USBAnywhere: BMC Flaws Expose Supermicro Servers to Remote Attacks
September 3, 2019
BMC Vulnerabilities Expose Supermicro Servers to Remote USB-Attacks
September 3, 2019
Researchers discover 40+ insecure drivers for Windows
August 13, 2019
What do Windows 10 and Uber or Lyft have in common? One bad driver can really ruin your day. And 40 can totally ruin your month
August 12, 2019
Screwed Drivers’ Report Finds Intel, AMD and Nvidia Vulnerabilities (Among Others)
August 11, 2019
Researchers Find Over 40 Windows Security Flaws In Drivers From AMD, NVIDIA, Intel And Others
August 11, 2019
Vulnerabilities in Device Drivers From 20 Vendors Expose PCs to Persistent Malware
August 11, 2019
Windows 10 Security Alert: Vulnerabilities Found in Over 40 Drivers
August 10, 2019
Drivers from Over 40 Manufacturers Including Intel, NVIDIA, AMD Vulnerable to Privilege Escalation Malware Attacks
August 10, 2019
Driver Disaster: Over 40 Signed Drivers Can’t Pass Security Muster
August 10, 2019
Researchers find security flaws in 40 kernel drivers from 20 vendors
August 10, 2019
CYBER NEWS ROUNDUP: WHAT TO EXPECT AT BLACK HAT AND DEF CON
August 2, 2019
Intel, Sequretek, Eclypsium and Perception Point Advance Threat Detection Solutions
July 31, 2019
Firmware Vulnerabilities Show Supply Chain Risks
July 22, 2019
Vulnerable firmware in enterprise server supply chain
July 17, 2019
BMC firmware weaknesses put popular servers at risk
July 17, 2019
BMC Firmware Vulnerabilities Affect Lenovo, Gigabyte Servers
July 17, 2019
If malware wants to bury deep inside your Lenovo or Gigabyte servers, they can just ask Vertiv’s insecure BMC firmware
July 17, 2019
Firmware Bugs Plague Server Supply Chain, 7 Vendors Impacted
July 17, 2019
This firmware flaw was bad enough, but then researchers looked at the supply chain
July 17, 2019
Security Flaws Found in Intel Software, Data Center SSDs
July 11, 2019
The importance of hardening firmware security
July 11, 2019
Windows 10 security: Bad bug in our CPU diagnostics app, so patch now, says Intel
July 10, 2019
Intel Patches High-Severity Flaw in Processor Diagnostic Tool
July 9, 2019
Why locking down ‘firmware’ has now become the next big cybersecurity challenge
June 10, 2019
Jolted by Meltdown and Spectre, Intel aims to accelerate patching process
May 3, 2019
How do I stop old USB drives from infecting my new Windows PC?
April 18, 2019
Business Briefs: Ubiquity Ventures Announces Its First Portfolio Companies
April 6, 2019
How Portland-area startups captured attention from 3 heavy-hitting investors
April 5, 2019
Eclypsium Platform 1.0 now available
March 5, 2019
Bare-Metal Cloud Firmware Security Fail Isn’t Limited to IBM – by Far
March 5, 2019
Bare-Metal Cloud Firmware Security Fail Isn’t Limited to IBM – by Far
March 5, 2019
How one Beaverton security company is fighting to protect firmware
March 4, 2019
Intel and Partner Ecosystem Offer New Silicon-Enabled Security Solutions
March 1, 2019
Hottest new cybersecurity products at RSA 2019
February 28, 2019
Supermicro hardware weaknesses let researchers backdoor an IBM cloud server
February 27, 2019
Security team discussed weakness in bare-metal services
February 27, 2019
Morning Cybersecurity
February 26, 2019
After IBM SoftLayer fails to scrub bare-metal box firmware of any lurking spies, alarm raised over cloud server security
February 26, 2019
Supermicro hardware weaknesses let researchers backdoor an IBM cloud server
February 26, 2019
Hackers Can Slip Invisible Malware into ‘Bare Metal’ Cloud Computers
February 26, 2019
‘Cloudborne’: Bare-Metal Cloud Servers Vulnerable to Attack
February 26, 2019
‘Cloudborne’ IaaS Attack Allows Persistent Backdoors in the Cloud
February 26, 2019
Hackers Can Plant Backdoors on Bare Metal Cloud Servers: Researchers
February 26, 2019
Hackers Backdoor Cloud Servers to Attack Future Customers
February 26, 2019
Security automation on display in 2019 RSAC Innovation Sandbox
February 22, 2019
Innovation and Emerging Technology at the 2019 RSA Conference
February 20, 2019
Eclypsium demonstrates the remote bricking of a server
December 20, 2018
Watch researchers remotely brick a server by corrupting its BMC and UEFI firmware
December 19, 2018
How to Remotely Brick a Server
December 19, 2018
Fed IT security falls short
December 19, 2018
Servers Can Be Bricked Remotely via BMC Attack
December 19, 2018
How BMC and UEFI can be exploited to brick servers and take down your data center
December 19, 2018
Eclypsium raises $8.75M Series A round led by Madrona Venture Group to tackle hardware security
December 4, 2018
If Supermicro boards were so bug-ridden, why would hackers ever need implants?
October 11, 2018
Supermicro servers fixed after insecure firmware updating discovered
September 10, 2018
Supermicro wraps crypto-blanket around server firmware to hide it from malware injectors
September 7, 2018
Vulnerabilities found in the remote management interface of Supermicro servers
September 6, 2018
Intel Xeon workhorses boot evil maids out of the hotel: USB-based spying thwarted by fix
July 25, 2018
Evil Maid Attack Takes Your PC To The Cleaners With Sub-4 Minute Backdoor Firmware Install
July 24, 2018
Watch a Hacker Install a Firmware Backdoor on a Laptop in Less Than 5 Minutes
July 23, 2018
What got breached this week? Ticket portals, DNA sites, and Atlanta’s police cameras
June 9, 2018
Supermicro is the latest hardware vendor with a security issue
June 9, 2018
Firmware Vulnerabilities Disclosed in Supermicro Server Products
June 7, 2018
Spectre chip security vulnerability strikes again; patches incoming
May 22, 2018
Experts warn new ‘Superspectre’ bug uses the chip flaw to gain access to ‘all the secrets’ stored on a machine
May 22, 2018
Ex-Intel security expert: This new Spectre attack can even reveal firmware secrets
May 18, 2018
New Spectre Attack Recovers Data From a CPU’s Protected SMM Mode
May 18, 2018
Millions of Computers Are at Risk of Hacks That Crack Into Their Core
May 17, 2018
Intel Capital boosts startup investment, including Portland cybersecurity company
October 19, 2017
Former Intel security researchers launch firmware-targeted startup, land $2M
October 4, 2017

Press Releases

Eclypsium Collaborates with Intel to Reduce Firmware Attack Surface

Eclypsium Platform Now Generally Available; Joint Demos Available at RSA Conference

Eclypsium Selected as Finalist for 2019 RSA Conference Innovation Sandbox Contest

Eclypsium recognized for pioneering security that defends the firmware layer of the enterprise from vulnerabilities and threats

Firmware Security Leader Eclypsium Raises $8.75M Series A

Madrona Venture Group, Andreessen Horowitz and Intel Capital Invest in Eclypsium’s Oversubscribed Series A Round.

News Blog

Feature Image
Using Run-Time Hardware Telemetry to Detect Firmwa …
Announcing General Availability of Eclypsium Platf …
Series A Funding and Eclypsium’s Next Chapter
UEFI Attacks in the Wild
Infrastructure Attacks Take Center Stage
Eclypsium at Black Hat USA
Introducing Eclypsium

Media Contact

ZAG Communications for Eclypsium
Kari Walker
kari@zagcommunications.com
+1 (703) 928-9996