Eclypsium, Inc.

With a growing number of threats to the digital supply chain, it’s time for security and procurement teams to work together to manage IT product risk. Eclypsium's Tyson Supasatit and Wes Dobry delve into new strategies for risk assessment — from leveraging supply chain intelligence, to incorporating technical product breakdowns, to collaboration techniques — in this pre-recorded webinar. https://hubs.ly/Q02M8fyF0

Learn how to scan Linux systems for firmware-related vulnerabilities from Richard Hughes, lead for the LVFS project, in this 1-minute clip: https://hubs.ly/Q02M8dZq0 Richard appeared on episode 8 of our Below the Surface podcast — full episode here: https://hubs.ly/Q02M8fyt0 #Linux #LVFSproject #BelowtheSurface #podcast

As the cybersecurity landscape continues to evolve, it’s crucial to stay informed and proactive in defending against emerging threats. Our Summer 2024 Below the Surface Threat Report aims to provide you with valuable insights and strategies to enhance your organization’s security posture. The new report highlights some of the recent trends in the threat landscape: 🔒 Attacks against VPN and firewall appliances 🔒 Evolving IoT threats 🔒 Neat hardware hacking 🔒 New attacks against Windows drivers 🔒 Securing the digital supply chain 🚨Get our quarterly threat reports sent directly to your inbox!🚨 Subscribe to Below the Surface now: https://hubs.ly/Q02M8fSZ0 #BelowtheSurface #SupplyChainSecurity #cybersecurity

When so many network appliances are built on Linux OSs, strong & robust firmware security is a must. In our live #webinar with Eclypsium Security Researcher Vladislav Babkin, we give an overview of the network device supply chain & take a deep dive into the latest version of F5 BIG-IP platform, BIG-IP Next. https://hubs.ly/Q02LQRKz0

With OEMs relying on an ever-changing network of component suppliers and downstream sub-suppliers, #cybersecurity risk begins well before a new device ever reaches your hands. Protect your #digitalsupplychain with Eclypsium. We give enterprises the tools to verify the integrity of devices, empowering organizations with detailed insight to hold suppliers accountable. We’d love to show you how ▶️ https://hubs.ly/Q02LG2rP0 #supplychainsecurity

Below-the-surface threats continue to grow. It’s time to start paying attention to the supply chain for your IT infrastructure. Our newly-released Eclypsium Automata automated binary analysis system replicates the knowledge and tooling used by our own expert human security research team to provide a much-needed added layer of defense for organizations. This blog post, by Alex Bazhaniuk and Daniel Gutson, describes the reasons why Automata fills a crucial gap in defenses and how it works to detect previously unknown threats and zero-day vulnerabilities. Read about it now! https://hubs.ly/Q02LBNc70 #supplychainsecurity

In the current era where many network appliances are built on Linux operating systems, strong and robust firmware security is a must. In his #BlackHat2024 talk, Eclypsium Security Researcher Vladislav Babkin gave an overview of the network device supply chain and showed the latest version of F5 BIG-IP platform, BIG-IP Next. If you missed the live session or are just looking for a recap, view the presentation here: https://hubs.ly/Q02Lc2Bv0

Our latest blog post aims to enable penetration testers (internal or external), as well as Red team operators, to discover and exploit weaknesses in IoT and/or network devices. Read it here. https://hubs.ly/Q02Lc1pP0 #cybersecurity #pentesting #IoTsecurity #networksecurity

Navigating the complex landscape of software supply chain compliance is more critical than ever for #supplychainsecurity. But with evolving legislative mandates and stringent requirements, staying compliant can seem daunting. Thursday's webinar is designed to help you cut through the red-tape, providing valuable insights into key legislative requirements and standards to ensure your organization is well-prepared to meet challenges head-on. Speakers include: 🎙️ Paul Asadoorian, Principal Security Evangelist, Eclypsium 🎙️ Andrew Dorminey, GRC Specialist Solutions Engineer, OneTrust 🎙️ Charlie Jones, Director, Product Management, ReversingLabs 🎙️ Brian Fox, CTO, Sonatype Register now: https://hubs.ly/Q02L6Mjn0

According to the AMD advisory, 'Sinkclose' is a vulnerability that enables an elevation of privilege from an OS kernel to System Management Mode, a protected execution area reserved for firmware. Eclypsium has published numerous such issues in the past. Normally, #SMM would be used to perform firmware/hardware events at runtime, such as power management, bug fixes, and manufacturer-specific features. However, SMM is designed to be invisible to hypervisors, OS, apps, and pretty much everything else. Issues that enable attacks from SMM are a kind of holy grail for attackers. They allow control over anything, but leave no trace for cybersecurity tools to detect or stop. This includes every OS-based access control mechanism, as well as persistence mechanisms in a myriad of hidden firmware storage locations. While the statements that operating system access is required to implement a #Sinkclose attack are technically accurate, readers should not dismiss this attack. Common techniques, like bring-your-own-vulnerable-driver (#BYOVD) and living-off-the-land, leverage inherent difficulty in the industry to continually undermine the expected protections that sit between a piece of malware and this higher-level operating system privilege. As a result, attackers are clearly aware of nearly universal mechanisms that often move their level of privilege from any software down to the OS kernel. The Sinkclose technique provides the same thing that brings attackers down to the firmware level (below the OS). An important consideration is the end-user impact of the mitigations released. The firmware and microcode updates required to fix the issue need to be distributed from AMD to manufacturers, and all the manufacturers need to release model-specific updates. This takes time and is prone to oversight. Moreover, even when all these updates are released, end users almost never get automatic updates for firmware and microcode. As a result, attackers are almost guaranteed to find vulnerable machines for many years to come. This is exactly the sort of issue that Eclypsium exists to protect against. The industry desperately needs visibility into these black-box areas of our trusted systems. Every other security mechanism is dependent on things like SMM already being secure. Eclypsium was created to directly inspect and monitor systems for issues like Sinkclose. Right now, it is the only option to handle malware that uses techniques like Sinkclose.