News | Enterprise Device Security

Featured Coverage

July 29, 2020

‘BootHole’ Secure Boot Threat Found In Most Every Linux Distro, Windows 8 And 10

Security researchers at Eclypsium discovered a vulnerability that affects the bootloader used by ‘virtually every’ Linux system, and almost every Windows device using Secure Boot with Microsoft’s standard Unified Extensible Firmware Interface (UEFI) certificate authority.

Read article in Forbes >

March 10, 2020

These are the most innovative security companies of 2020

This year’s Most Innovative Companies in security ensure the latest data protection technologies are in place across the computing world. Eclypsium was named to the list for launching a platform to protect from firmware attacks.

Read Fast Company article >

February 18, 2020

Hundreds of Millions of PC Components Still Have Hackable Firmware

The lax security of supply chain firmware has been a known concern for years—with precious little progress being made. Eclypsium found that a slew of network cards, trackpads, Wi-Fi adapters, USB hubs, and webcams all had firmware that could be updated with “unsigned” code that lacks any cryptographic verification In other words, it could be rewritten without any security check.

Read article in Wired

November 12, 2019

100 of the world’s most promising start-ups to watch in 2019

Every year, CNBC scans the globe looking for the 100 venture-backed start-ups that have the potential to transform industries and become tomorrow’s household names. Enterprise firmware security leader Eclypsium was named to this year’s list.

Read CNBC article

Podcasts and Videos

Vulnerability Research or Computer Fraud & Abuse ?

September 29, 2020

Cracks in the Foundation: Understanding the New Endpoint Challenge

September 14, 2020

ESW interviews John Loucaides on #BootHoleVulnerability

August 6, 2020

Rite Aid Used Facial Recognition Cameras; BootHole Hits GRUB2

August 4, 2020

This Week in Linux 111: Linux 5.8, BootHole & GRUB2 Flaws, Firefox 79, JellyFin, Nitrux, & More

August 4, 2020

There’s a Hole in my Boot!

August 4, 2020

Is BOOTHOLE the WORST Vulnerability We’ve Ever Seen?

August 3, 2020

GNU GRUB2 Vulnerability, ‘BootHole’ Secure Boot Threat, & Garmin Ransomware Hack – PSW #660

July 31, 2020

Consumer VPNs; Tails 4.9; Browser Updates; GRUB2 Vuln; Facial Recognition and Masks

July 30, 2020

BootHole may be tough to patch.

July 30, 2020

Hidden dangers inside Windows and LINUX computers

March 28, 2020

Decipher podcast: Eclypsium’s Rick Altherr on Perilous Peripherals

February 19, 2020

Hundreds of Millions of Components Still Have Hackable Firmware

February 19, 2020

Eclypsium’s John Loucaides in an RSA pre-show interview

February 19, 2020

Eclypsium’s John Loucaides discussed the unprotected attack surface of the enterprise on Paul’s Security Weekly

February 14, 2020

Why direct-memory attacks on laptops just won’t go away

February 5, 2020

On the Metal: Eclypsium’s Rick Altherr

January 15, 2020

Attack Other People’s Refrigerators

November 21, 2019

Orrin Inside

October 11, 2019

Yuriy Bulygin – CEO and co-founder, Eclypsium

September 5, 2019

Post Vegas edition, more news than we can handle

August 14, 2019

The CyberWire Daily Podcast

July 17, 2019

Security Industry Briefings Update – Enterprise Security Weekly #136

May 8, 2019

RSAC 2019 Recap – Enterprise Security Weekly #129

March 15, 2019

Supermicro hardware weaknesses let researchers backdoor an IBM cloud server

February 28, 2019

In the News

Rare Firmware Rootkit Discovered Targeting Diplomats, NGOs

October 8, 2020

Rare case of UEFI hacking hit targets interested in North Korea, Kaspersky says

October 5, 2020

Enterprise Device Security Company Eclypsium Raises $13 Million

October 2, 2020

Oregon Tech Portland cybersecurity startup Eclypsium raises $13 million in new investment

October 1, 2020

Security firm Eclypsium raises $13M

October 1, 2020

Portland-based hardware security startup Eclypsium raises $13M

October 1, 2020

Eclypsium® Awarded Emerging Technology Company of the Year by Technology Association of Oregon

September 25, 2020

How to stop hacking… before the OS starts up

September 3, 2020

New Report: How Behavioral Analytics Help FIs Block Fraud At The ITM

August 21, 2020

BootHole Shows Need for Greater Scrutiny

August 11, 2020

NSA issues BootHole mitigation guidance

August 5, 2020

The fixes to the Linux BootHole fixes are in

August 4, 2020

NSA and CISA push guidance for BootHole fix

July 31, 2020

Boot-Loading Flaw Affects Linux, Windows Devices

July 31, 2020

THIS WEEK IN SECURITY: TWILIO, POGOTV, AND BOOTHOLE

July 31, 2020

Red Hat’s BootHole Patches Cause Systems to Hang

July 31, 2020

BootHole fixes causing boot problems across multiple Linux distros

July 31, 2020

NSA warns of GRUB2 BootHole vulnerability

July 31, 2020

Dealing with a Hole in Secure Boot

July 31, 2020

Eclypsium researchers find hole in Linux bootloader GRUB2

July 31, 2020

Red Hat Enterprise Linux runs into Boothole patch trouble

July 30, 2020

Microsoft Security Advisory Highlights ‘BootHole’ Vulnerability in Systems with Secure Boot

July 30, 2020

Scary ‘BootHole’ flaw puts Windows, Linux PCs at risk: What to do

July 30, 2020

Servers at risk from “BootHole” bug – what you need to know

July 30, 2020

BootHole and Seven Other Vulnerabilities Patched in GRUB2, Update Your Distros Now

July 30, 2020

Bug in widely used bootloader opens Windows, Linux devices to persistent compromise

July 30, 2020

Billions of Windows and Linux devices at risk of hijacking

July 30, 2020

Companies Respond to ‘BootHole’ Vulnerability

July 30, 2020

BootHole vulnerability puts Windows, Linux systems at risk

July 30, 2020

New ‘BootHole’ security Vulnerability revealed, puts millions of systems at risk including Linux and Windows OS

July 30, 2020

BootHole exposes billions of devices to attack

July 30, 2020

‘BootHole’ Vulnerability Puts Billions Of Windows, Linux Systems At Risk

July 30, 2020

Boothole vulnerability puts billions of Windows and Linux devices at risk

July 30, 2020

Linux distros fix new Boothole bug

July 29, 2020

Linux GRUB2 bootloader flaw breaks Secure Boot on most computers and servers

July 29, 2020

New BootHole Vulnerability Affects Billions of Devices, Compromises GRUB2 Boot-loader

July 29, 2020

Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems

July 29, 2020

New BootHole Vulnerability Revealed, Impacts Billions of Devices

July 29, 2020

Billions of Devices Impacted by Secure Boot Bypass

July 29, 2020

‘Boothole’ threatens billions of Linux, Windows devices

July 29, 2020

New flaw neuters Secure Boot, but there’s no reason to panic. Here’s why

July 29, 2020

A flaw in the GRUB2 bootloader allows hackers to bypass Secure Boot on billions of systems

July 29, 2020

‘BootHole’ Vulnerability Exposes Secure Boot Devices to Attack

July 29, 2020

GRUB2, you’re getting too bug for your boots: Config file buffer overflow is a boon for malware seeking to drill deeper into a system

July 29, 2020

New bug in PC booting process could take years to fix, researchers say

July 29, 2020

“Boothole” Bootloader Flaw Breaks Security on Most Linux, Windows Devices

July 29, 2020

‘BootHole’ Flaw Allows Installation of Stealthy Malware, Affects Billions of Devices

July 29, 2020

Researchers disclose widespread bootloader vulnerability

July 29, 2020

‘BootHole’ bug puts most Linux, Windows systems in jeopardy

July 29, 2020

BootHole GRUB2 Bootloader Security Exploit Discovered, Affects Billions Of Windows And Linux Devices

July 29, 2020

BootHole GRUB bootloader bug lets hackers hide malware in Linux, Windows

July 29, 2020

Newly discovered Linux and Windows vulnerability opens the door to hackers

July 29, 2020

Serious BootHole vulnerability puts millions of systems at risk

July 29, 2020

‘BootHole’ attack impacts Windows and Linux systems using GRUB2 and Secure Boot

July 29, 2020

‘BootHole’ Secure Boot Threat Found In Most Every Linux Distro, Windows 8 And 10

July 29, 2020

New BootHole flaw in Secure Boot affects a huge number of Linux and Windows systems

July 29, 2020

Privilege escalation explained: Why these flaws are so valuable to hackers

July 7, 2020

Newly discovered vulnerabilities could allow more persistent and destructive attacks on popular models of ATM and POS devices

July 1, 2020

Faulty Drivers Fuel ATM Hacking Problem, Say Researchers

June 30, 2020

Vulnerable drivers can enable crippling attacks against ATMs and POS systems

June 30, 2020

NOT QUITE A JACKPOT, BUT STILL

June 29, 2020

Driver Vulnerabilities Facilitate Attacks on ATMs, PoS Systems

June 29, 2020

Screwed Drivers Open ATMs to Attack

June 29, 2020

Digital disruption grows attack surface

June 18, 2020

A CMMC Approach to Address Firmware Vulnerabilities and Ensure Device Integrity

June 16, 2020

Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking

May 11, 2020

Eclypsium Named a Cool Vendor in the May 2020 Gartner Cool Vendors in Security Operations and Threat Intelligence Report

May 11, 2020

Eclypsium Delivers Essential, Comprehensive Solutions for Protecting the Enterprise from Firmware Threats

May 5, 2020

The 2020 OODA Cybersecurity Watch List – Eclypsium

March 11, 2020

Securing the stack – a 2020 imperative

March 11, 2020

Intel Security Gap Hard to Exploit Without Physical Data Center Access

March 11, 2020

Eclypsium Named to Fast Company’s Annual List of the World’s Most Innovative Companies for 2020

March 10, 2020

Unfixable flaw in nearly all Intel chips released in the last five years could allow cyber criminals to hijack computers and wreak ‘utter chaos’

March 6, 2020

5 years of Intel CPUs and chipsets have a concerning flaw that’s unfixable

March 5, 2020

Rootkit in the Cloud: Hacker Group Breaches AWS Servers

March 4, 2020

Hundreds of Millions of PC Components Still Have Hackable Firmware

February 20, 2020

Perilous peripherals: Fake firmware warning after 5 years of inaction

February 20, 2020

Eclypsium security report shows unsigned firmware as ongoing headache

February 20, 2020

Unsigned Firmware Puts Windows, Linux Peripherals at Risk

February 20, 2020

Hackable firmware lurks inside Dell, HP and Lenovo computers amid supply chain security efforts

February 19, 2020

Lack of firmware validation for computer peripherals enables highly persistent attacks

February 19, 2020

Failure to sign firmware updates put Windows and Linux devices at risk

February 19, 2020

New research from cybersecurity firm Eclypsium finds that unsigned firmware is a major security problem

February 19, 2020

What does a Lenovo touch pad, an HP camera and Dell Wi-Fi have in common? They’ll swallow any old firmware, legit or saddled with malware

February 19, 2020

Modern Laptops and Network Cards Still Using Unsigned Firmware

February 18, 2020

Millions Of Windows And Linux Systems Are Vulnerable To This ‘Hidden’ Cyber Attack

February 18, 2020

Lack of firmware validation for computer peripherals enables highly persistent attacks

February 18, 2020

Don’t Trust, Just Verify

February 18, 2020

Windows, Linux Devices at Risk Due to Unsigned Peripheral Firmware

February 18, 2020

Lack of firmware validation for computer peripherals enables highly persistent attacks

February 18, 2020

Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs

February 18, 2020

Five years after the Equation Group HDD hacks, firmware security still sucks

February 18, 2020

Peripherals With Unsigned Firmware Expose Windows, Linux Computers to Attacks

February 18, 2020

Firmware Weaknesses Can Turn Computer Subsystems into Trojans

February 18, 2020

Eclypsium Researchers Explore Perils of Insecure Peripheral Firmware in New Study

February 18, 2020

Unsigned firmware a bonanza for hackers

February 18, 2020

‘Millions’ of Dell, HP, and Lenovo PCs sitting ducks for firmware attacks

February 18, 2020

Is your firmware vulnerable to attack? A report says it might be

February 18, 2020

Daily Briefing – Eclypsium Report

February 18, 2020

Peripherals In Dell, HP, Lenovo PCs Leave Millions Vulnerable To Attack, Research Finds

February 18, 2020

‘Millions’ of Windows, Linux system open to attack due to risky firmware

February 18, 2020

Eclypsium Researchers Demonstrate Direct Memory Attacks

January 31, 2020

Enterprise Hardware Still Vulnerable to Memory Lane Attacks

January 30, 2020

Why direct-memory attacks on laptops just won’t go away

January 30, 2020

Devices Still Vulnerable to DMA Attacks Despite Protections

January 30, 2020

Enterprises ill-prepared for memory lane attacks despite defences

January 30, 2020

Dell, HP Memory-Access Bugs Open Attacker Path to Kernel Privileges

January 30, 2020

Total Eclypsium of the Laptop

January 30, 2020

Enterprise laptops vulnerable to critical direct memory access attack

January 30, 2020

Dell, HP security flaws leave laptops open to dangerous attacks

January 30, 2020

Firmware Vulnerabilities Creating an Expanded Attack Surface

December 5, 2019

Fight back against firmware attacks

December 4, 2019

Flood of New Advisories Expose Massive Gaps in Firmware Security

November 19, 2019

Intel Driver Vulnerability Can Give Attackers Deep Access to a Device

November 13, 2019

Intel Has Fixed Vulnerability That Allows for ‘Near-Omnipotent Control’ of Device

November 13, 2019

Researchers Describe Significant Flaw in Intel’s PMx Driver

November 13, 2019

Intel releases security updates to fix critical vulnerabilities in PMx driver

November 13, 2019

Intel releases updates to plug TPM-FAIL flaws, foil ZombieLoad v2 attacks

November 13, 2019

Researchers Describe Significant Flaw in Intel’s PMx Driver

November 13, 2019

Don’t miss this patch: Bad Intel drivers give hackers a backdoor to the Windows kernel

November 12, 2019

Researchers Disclose New Vulnerabilities in Windows Drivers

November 12, 2019

Intel Warns of Critical Info-Disclosure Bug in Security Engine

November 12, 2019

Flaw in Intel PMx driver gives ‘near-omnipotent control over a victim device’

November 12, 2019

The scariest hacks and vulnerabilities of 2019

October 28, 2019

How FISMA Requirements Relate to Firmware Security

October 3, 2019

Exploit found in Supermicro motherboards could allow for remote hijacking

September 5, 2019

Supermicro fixes BMC software flaws that expose servers to virtual USB attacks

September 5, 2019

Supermicro: New Critical Security Flaw Lets Hackers Take Over Corporate Servers, Exfiltrate Data

September 4, 2019

Over 47K Supermicro servers’ BMCs are prone to USBAnywhere, a remote virtual media vulnerability

September 4, 2019

At least 47,000 servers vulnerable to remote attack

September 3, 2019

Insecure virtual USB feature in Supermicro BMCs exposes servers to attack

September 3, 2019

BMC vulnerabilities in Supermicro servers allow remote takeover, data exfiltration attacks

September 3, 2019

USBAnywhere Bugs in Supermicro Servers Allow Remote USB Access

September 3, 2019

Enjoy the holiday weekend, America? Well-rested? Good. Supermicro server boards can be remotely hijacked

September 3, 2019

Supermicro Bug Could Let “Virtual USBs” Take Over Corporate Servers

September 3, 2019

Over 47K Supermicro Corporate Servers Vulnerable to Attack

September 3, 2019

Supermicro Vulnerability Gives “Virtually Omnipotent Control over a Server and its Contents”

September 3, 2019

Researchers found several flaws, such as weak encryption, in a popular series of servers.

September 3, 2019

Supermicro BMCs were susceptible to remote attacks, according to firmware security startup

September 3, 2019

USBAnywhere: BMC Flaws Expose Supermicro Servers to Remote Attacks

September 3, 2019

BMC Vulnerabilities Expose Supermicro Servers to Remote USB-Attacks

September 3, 2019

Researchers discover 40+ insecure drivers for Windows

August 13, 2019

What do Windows 10 and Uber or Lyft have in common? One bad driver can really ruin your day. And 40 can totally ruin your month

August 12, 2019

Screwed Drivers’ Report Finds Intel, AMD and Nvidia Vulnerabilities (Among Others)

August 11, 2019

Critical Windows 10 Warning: Millions Of Users At Risk

August 11, 2019

Researchers Find Over 40 Windows Security Flaws In Drivers From AMD, NVIDIA, Intel And Others

August 11, 2019

Vulnerabilities in Device Drivers From 20 Vendors Expose PCs to Persistent Malware

August 11, 2019

Windows 10 Security Alert: Vulnerabilities Found in Over 40 Drivers

August 10, 2019

Drivers from Over 40 Manufacturers Including Intel, NVIDIA, AMD Vulnerable to Privilege Escalation Malware Attacks

August 10, 2019

Driver Disaster: Over 40 Signed Drivers Can’t Pass Security Muster

August 10, 2019

Researchers find security flaws in 40 kernel drivers from 20 vendors

August 10, 2019

CYBER NEWS ROUNDUP: WHAT TO EXPECT AT BLACK HAT AND DEF CON

August 2, 2019

Intel, Sequretek, Eclypsium and Perception Point Advance Threat Detection Solutions

July 31, 2019

Firmware Vulnerabilities Show Supply Chain Risks

July 22, 2019

Vulnerable firmware in enterprise server supply chain

July 17, 2019

BMC firmware weaknesses put popular servers at risk

July 17, 2019

BMC Firmware Vulnerabilities Affect Lenovo, Gigabyte Servers

July 17, 2019

If malware wants to bury deep inside your Lenovo or Gigabyte servers, they can just ask Vertiv’s insecure BMC firmware

July 17, 2019

Firmware Bugs Plague Server Supply Chain, 7 Vendors Impacted

July 17, 2019

Gigabyte and Lenovo servers impacted by common BMC firmware flaws

July 17, 2019

This firmware flaw was bad enough, but then researchers looked at the supply chain

July 17, 2019

Security Flaws Found in Intel Software, Data Center SSDs

July 11, 2019

The importance of hardening firmware security

July 11, 2019

Windows 10 security: Bad bug in our CPU diagnostics app, so patch now, says Intel

July 10, 2019

Intel Patches High-Severity Flaw in Processor Diagnostic Tool

July 9, 2019

Why locking down ‘firmware’ has now become the next big cybersecurity challenge

June 10, 2019

Jolted by Meltdown and Spectre, Intel aims to accelerate patching process

May 3, 2019

How do I stop old USB drives from infecting my new Windows PC?

April 18, 2019

Business Briefs: Ubiquity Ventures Announces Its First Portfolio Companies

April 6, 2019

How Portland-area startups captured attention from 3 heavy-hitting investors

April 5, 2019

Eclypsium Platform 1.0 now available

March 5, 2019

Bare-Metal Cloud Firmware Security Fail Isn’t Limited to IBM – by Far

March 5, 2019

Bare-Metal Cloud Firmware Security Fail Isn’t Limited to IBM – by Far

March 5, 2019

How one Beaverton security company is fighting to protect firmware

March 4, 2019

Intel and Partner Ecosystem Offer New Silicon-Enabled Security Solutions

March 1, 2019

Hottest new cybersecurity products at RSA 2019

February 28, 2019

Supermicro hardware weaknesses let researchers backdoor an IBM cloud server

February 27, 2019

Security team discussed weakness in bare-metal services

February 27, 2019

Bare-metal cloud servers vulnerable to Cloudborne flaw

February 26, 2019

Morning Cybersecurity

February 26, 2019

After IBM SoftLayer fails to scrub bare-metal box firmware of any lurking spies, alarm raised over cloud server security

February 26, 2019

Supermicro hardware weaknesses let researchers backdoor an IBM cloud server

February 26, 2019

Hackers Can Slip Invisible Malware into ‘Bare Metal’ Cloud Computers

February 26, 2019

‘Cloudborne’: Bare-Metal Cloud Servers Vulnerable to Attack

February 26, 2019

‘Cloudborne’ IaaS Attack Allows Persistent Backdoors in the Cloud

February 26, 2019

Hackers Can Plant Backdoors on Bare Metal Cloud Servers: Researchers

February 26, 2019

Hackers Backdoor Cloud Servers to Attack Future Customers

February 26, 2019

Security automation on display in 2019 RSAC Innovation Sandbox

February 22, 2019

Innovation and Emerging Technology at the 2019 RSA Conference

February 20, 2019

Eclypsium demonstrates the remote bricking of a server

December 20, 2018

Watch researchers remotely brick a server by corrupting its BMC and UEFI firmware

December 19, 2018

How to Remotely Brick a Server

December 19, 2018

Fed IT security falls short

December 19, 2018

Servers Can Be Bricked Remotely via BMC Attack

December 19, 2018

How BMC and UEFI can be exploited to brick servers and take down your data center

December 19, 2018

Eclypsium raises $8.75M Series A round led by Madrona Venture Group to tackle hardware security

December 4, 2018

If Supermicro boards were so bug-ridden, why would hackers ever need implants?

October 11, 2018

Supermicro servers fixed after insecure firmware updating discovered

September 10, 2018

Supermicro wraps crypto-blanket around server firmware to hide it from malware injectors

September 7, 2018

Vulnerabilities found in the remote management interface of Supermicro servers

September 6, 2018

Intel Xeon workhorses boot evil maids out of the hotel: USB-based spying thwarted by fix

July 25, 2018

Evil Maid Attack Takes Your PC To The Cleaners With Sub-4 Minute Backdoor Firmware Install

July 24, 2018

Watch a Hacker Install a Firmware Backdoor on a Laptop in Less Than 5 Minutes

July 23, 2018

What got breached this week? Ticket portals, DNA sites, and Atlanta’s police cameras

June 9, 2018

Supermicro is the latest hardware vendor with a security issue

June 9, 2018

Firmware Vulnerabilities Disclosed in Supermicro Server Products

June 7, 2018

Spectre chip security vulnerability strikes again; patches incoming

May 22, 2018

Experts warn new ‘Superspectre’ bug uses the chip flaw to gain access to ‘all the secrets’ stored on a machine

May 22, 2018

Ex-Intel security expert: This new Spectre attack can even reveal firmware secrets

May 18, 2018

New Spectre Attack Recovers Data From a CPU’s Protected SMM Mode

May 18, 2018

Millions of Computers Are at Risk of Hacks That Crack Into Their Core

May 17, 2018

Intel Capital boosts startup investment, including Portland cybersecurity company

October 19, 2017

Former Intel security researchers launch firmware-targeted startup, land $2M

October 4, 2017

Press Releases

Eclypsium Announces $13M Funding Round

Financing Accelerates Company Growth to Address Massive Device Security Gap

Eclypsium® Awarded Emerging Technology Company of the Year by Technology Association of Oregon

Eclypsium has been recognized as the Emerging Technology Company of the Year by the Technology Association or Oregon.

Eclypsium Named 2021 TAG Cyber Distinguished Vendor

Eclypsium today announced its selection by TAG Cyber as a Distinguished Vendor in the 2021 Security Annual.

Eclypsium Named a Cool Vendor in the May 2020 Gartner Cool Vendors in Security Operations and Threat Intelligence Report

Eclypsium, an innovator in enterprise device security, has been recognized as one of four vendors in Gartner’s recent report Cool Vendors in Security Operations and Threat Intelligence.

Eclypsium Named to Fast Company’s Annual List of the World’s Most Innovative Companies for 2020

Enterprise firmware security leader also receives Info Security PG’s Global Excellence Award and multiple Cybersecurity Excellence Awards

Eclypsium Named to Coveted CNBC Upstart 100 List

Enterprise Firmware Security Leader Recognized as One of The Most Promising Startups to Watch