Eclypsium, Inc.

What if you were playing a game but couldn't see the enemies? ?? With Supply Chain Invaders, that's just the kind of attack you face. Supply chain invaders aren’t coming; they’re already here. The invasion starts before your devices are even assembled, taking advantage of a huge, unprotected attack surface. Ready player one? ??????? https://hubs.ly/Q02Yn12M0

Our Below The Surface Podcast is live! Join Paul Asadoorian, Vladislav Babkin and Chase Snyder to talk about the latest AMI BMC vulnerability we discovered (CVE-2024-54085). This vulnerability received a CVSS score of 10, indicating a high level of risk. Watch the live stream or check out the recording later on. What does this mean for datacenters and IT Infrastructure supply chains? When something like a BMC, which is foundational in the IT infrastructure supply chain, has a vulnerability, the urgency of patching it goes way up. The breadth of impact is potentially enormous, since AMI provides Baseboard Management Controllers for numerous vendors. This vulnerability is likely present in many datacenters and other IT infrastructure providers. Fortunately, AMI was fantastic to work with in the disclosure process for these vulnerabilities, and they have issued patches to their customers, who can deploy the patches for their own customers. https://lnkd.in/g_GxA_qT

The Eclypsium research team has discovered a previously unknown remotely exploitable #vulnerability in #AMI’s #MegaRAC software that allows attackers to bypass authentication remotely. #BMC vulnerabilities like this one pose a significant risk to the technology supply chain that underlies cloud computing. Read the details of the research — and how you can bolster your defenses — in our latest blog post: https://hubs.ly/Q03ch-HQ0 #Redfish #VulnerabilityAlert #CloudSecurity #FirmwareSecurity #SupplyChainSecurity

In Dark Reading last week, Rob Wright da covered how Mandiant researchers discovered that US carrier-grade Juniper MX routers of several organizations were hacked by China-backed UNC3886, infecting them with a custom backdoor known as TinyShell. The threat group targeted network and edge devices, which typically lack security monitoring tools like EDR agents. The research suggests ISPs and telecom carriers are at risk. Eclypsium has developed, and is developing, ways of analyzing proprietary network devices — including those from Juniper, Cisco, Citrix, and other commonly attacked vendors — to help protect enterprises and governments from these vulnerabilities. As the only IT supply chain security company offering continuous baselining of firmware against network infrastructure devices, we are striving to eliminate this attack surface that is increasingly targeted by nation state adversaries and empower organizations to defend their critical networks against these attacks. https://hubs.ly/Q03c8z550 #UNC3886 #TinyShell #Mandiant #Juniper #telecom #criticalinfrastructure #networkdevices #networksecurity #cybersecurity #SupplyChainSecurity #Eclypsium

We're proud to share that the Eclypsium Supply Chain Security Platform is a Gold winner for Software Supply Chain Security in the 2025 #Globee Awards! The Eclypsium platform scans #hardware, #firmware, and #software components in your IT infrastructure to deliver inventory, vulnerability management, and threat detection at the component level. Learn how we can help defend the foundation of your enterprise: https://hubs.ly/Q03bXm450 #GlobeeAwards #CybersecurityAwards #Innovation #Cybersecurity #SupplyChainSecurity #Eclypsium

We posted earlier in the week that recent intelligence from Microsoft Threat Intelligence revealed Silk Typhoon, a Chinese espionage group, is actively expanding its attack surface by targeting common IT solutions for initial access, including Ivanti appliances. This includes exploitation of CVE-2025-0282, a critical vulnerability in Ivanti Connect Secure. These latest Silk Typhoon revelations are just the most recent in a torrent of headlines about advanced persistent threat (APT) groups targeting global telecommunications companies, IoT devices, firmware and software supply chains, and critical infrastructure. Our latest blog post dives into the latest attacks, worrisome trends in the targeting of network infrastructure, and what you can do to protect your organization from evolving threats. Read it here: https://hubs.ly/Q03bRyH70 #Cybersecurity #ThreatIntelligence #Ivanti #SilkTyphoon #APT #telecommunications #IoT #firmware #software #CriticalInfrastructure #SupplyChainSecurity

In light of the recent supply chain attacks involving certain radio devices with batteries, it’s worth taking a closer look at these devices and the technologies they depend on. Our blog post aims to help separate truth from fiction and provide a better understanding of how these devices work, their related risks, and what you can do to mitigate those risks. Read it here ?? https://hubs.ly/Q036BcmK0 #batterysafety #supplychainattack #supplychainsecurity

Hardware and firmware security weaknesses are increasingly critical to address. The National Institute of Standards and Technology enumerated 98 potential failure scenarios in which these weaknesses could be exploited by an adversary, and what kind of damage could be done. Our blog post offers a cheat sheet for the key points in the comprehensive #NIST report. https://hubs.ly/Q0305ZQb0 #CWE #hardwaresecurity #firmwaresecurity #supplychainsecurity

Network appliances like VPNs, firewalls, load balancers, and routers must be connected to the open internet. They do not support EDR and have deep access to resources inside the perimeter. For these reasons, it’s no surprise that nation-state and criminal groups have increased their targeting of network devices, with devastating results. Unfortunately, the situation is unlikely to get better anytime soon. Join Eclypsium VP of Solution Engineering, Wes Dobry, as he explains the motivations, tactics, and techniques behind these attacks in our on-demand #webinar covering: ?? Why #networkdevices are vulnerable and a prime target for attackers ?? Techniques attackers use to compromise and evade #detection on network devices ?? Hardening and detection strategies for defenders of network devices Watch it now: https://hubs.ly/Q030-KZ90

Microsoft Threat Intelligence has identified a shift in tactics by Silk Typhoon, a Chinese espionage group, now targeting common IT solutions for initial access. Silk Typhoon exploits unpatched applications, abuses stolen API keys and credentials, and targets remote access solutions. Ivanti appliances were targeted with exploits for CVE-2025-0282, a remotely exploitable stack-based buffer overflow in Ivanti Connect Secure. Eclypsium's supply chain security platform can help detect initial exploitation of Ivanti devices by Silk Typhoon, providing detection of unauthorized changes or malicious implants and visibility into device configurations and vulnerabilities. Don't let your organization become the next victim — strengthen your defenses with Eclypsium's advanced protection against supply chain attacks. Read more about Silk Typhoon in Infosecurity Magazine here: https://hubs.ly/Q03b7XZH0 #Ivanti #Microsoft #ThreatIntelligence #SilkTyphoon #China #SupplyChainSecurity #Eclypsium