Collaborate Disseminate
More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds. Continue reading Don’t Let Your Domain Name Become a “Sitting Duck”
A vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI, which runs on various Intel processors, could be exploited locally to escalate privileges and run arbitrary code within the firmware during runtime. “This type of low-level exploitat… Continue reading Intel-powered computers affected by serious firmware flaw (CVE-2024-0762)
Here’s a look at the most interesting products from the past month, featuring releases from: Abnormal Security, Adaptive Shield, Appdome, AuditBoard, Calix, Cranium, CyberArk, Cybersixgill, Dashlane, Datadog, Detectify, Eclypsium, ExtraHop, FireMon, Fo… Continue reading Infosec products of the month: May 2024
Here’s a look at the most interesting products from the past week, featuring releases from Abnormal Security, AuditBoard, Cranium, Datadog, Eclypsium, ExtraHop, Forcepoint, SentinelOne, Splunk, Sumo Logic, and Trellix. AuditBoard enhances InfoSec Solut… Continue reading New infosec products of the week: May 10, 2024
Eclypsium researchers have published details and PoC exploits for two remotely exploitable injection vulnerabilities (CVE-2024-21793, CVE-2024-26026) affecting F5’s BIG-IP Next Central Manager. About the vulnerabilities BIG-IP Next is “a complete… Continue reading F5 fixes BIG-IP Next Central Manager flaws with public PoCs (CVE-2024-21793, CVE-2024-26026)
Eclypsium announced new GenAI assessment capabilities for its Supply Chain Security Platform. The new capabilities help secure the fundamental layers of the GenAI tech stack through support for NVIDIA hardware and popular GenAI foundation models. As de… Continue reading Eclypsium offers protection for GenAI hardware infrastructure
Eclypsium launches Automata, a new AI-assisted feature for its digital supply chain security platform. Available now, Automata is an automated binary analysis system that replicates the knowledge and tooling of expert security researchers to discover p… Continue reading Eclypsium Automata discovers vulnerabilities in IT infrastructure
In this Help Net Security interview, Nate Warfield, Director of Threat Research and Intelligence at Eclypsium, outlines the crucial tasks for CISOs in protecting supply chains and achieving comprehensive visibility. Warfield also discusses the vital co… Continue reading CISOs’ role in identifying tech components and managing supply chains
Eclypsium launches new threat detection capabilities for network appliances to its Eclypsium supply chain security platform. Over the past summer, ransomware groups including Akira, CACTUS, FIN8, and LockBit have been observed attacking network applian… Continue reading Eclypsium’s threat detection capabilities defend network infrastructure from cybercriminals
Here’s a look at the most interesting products from the past month, featuring releases from: Abnormal Security, Arista Networks, Armorblox, BigID, Binarly, Cofense, Cyera, Cynalytica, D3 Security, Eclypsium, GitGuardian, Guardz, Halo Security, Immuta, … Continue reading Infosec products of the month: April 2023