Cisco IOS XE Zero-Day: Network Supply Chain Vulnerabilities Underscore Lack of Threat Detection
40,000 devices compromised and counting: That’s what we’re facing with the zero-day vulnerability in Cisco’s IOS XE software used in its routers, switches, and access points, both physical and virtual. This is still a developing story, but here are the important points: What to know Key takeaways Eclypsium customers can ... Read More
BTS #15 – Reverse Engineering BMCs and Other Firmware – Vladyslav Babkin
Show Notes The post BTS #15 - Reverse Engineering BMCs and Other Firmware - Vladyslav Babkin appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise ... Read More
Spooky Experiments: Building Your Own Security Research Lab
Conducting security experiments can be a thrilling journey that sometimes demands advanced tools like flash readers, and at other times, you might find yourself using tools you’d never expect, such as a humble paper plate. During this event, Paul Asadoorian will share valuable tips and tricks accumulated from years of ... Read More
Network Infrastructure on the Front Line
Threat actors continually develop new strategies and techniques in order to maximize the impact of their attacks while avoiding cybersecurity defenses. Over the past several years, attackers have found a new class of targets that fits the bill on both fronts—enterprise network infrastructure devices. Read More > The post Network ... Read More
BTS #14 – Protecting The Federal Supply Chain – John Loucaides
Show Notes: https://securityweekly.com/bts-14 Watch Subscribe The post BTS #14 - Protecting The Federal Supply Chain - John Loucaides appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise ... Read More
How Healthcare Threats Are Going Low
When it comes to IT and cybersecurity, few industries can compare to Healthcare. A diverse fleet of high-value devices, supporting mission-critical systems, and carrying highly sensitive and regulated data are all just table stakes for most healthcare security teams. And while this has always been the case, the threat landscape ... Read More
Eclypsium’s Supply Chain Security Platform Adds New Capabilities to Protect Network Infrastructure From Compromise
Eclypsium’s new integrity monitoring and threat detection capabilities help organizations protect from ransomware and state-sponsored threat actors using network infrastructure devices to establish initial access and persistence Portland, OR – October 2, 2023 – Eclypsium®, the supply chain security company protecting critical hardware, firmware, and software in enterprise IT infrastructure, ... Read More
A New Approach to Defending Network Infrastructure from Ransomware Groups and APTs
Remember when ransomware was simply getting locked out of your files? Those seem like the good old days compared to today’s nightmare, with entire operations shut down for days or weeks. While security teams have improved their defenses against ransomware, there’s still one gaping weak spot that attackers are targeting ... Read More
The Threat Landscape for Healthcare Organizations
The threat landscape for healthcare organizations has shifted tremendously since the outset of COVID-19. The means, opportunities, and motives for threat actors targeting the sector have all changed in nature and increased in intensity. While the theft of private data andransomware continues to wreak havoc, there has also been a ... Read More
Get the Gist of CJIS
Does your organization access CJIS? If so, the deadline for compliance is October 1st, 2023. In the latest CJIS Security Policy, the FBI is now requiring that IT firmware be verified for integrity and monitored for unauthorized changes. Failure to comply with it can lead to denial of access to ... Read More