
BMC&C Part 3 - BTS #47

Below the Surface (Audio) - The Supply Chain Security Podcast

Release Date: 03/19/2025

How Cheap KVMs Could Be Your Network's Weak Link - BTS #70

In this episode, we explore the security vulnerabilities of low-cost IP-based KVMs, including firmware flaws, default credentials, and insecure update mechanisms. Two Eclypsium researchers, Paul and Rey, discovered the vulnerabilities and share the details, including what happened behind the scenes. We also discuss real-world testing, vendor responses, and best practices for securing remote management devices in enterprise environments. Chapters: 00:00 Introduction to KVM Vulnerabilities 03:00 Research Background and Team Introduction 05:57 Exploring GL.iNet and Initial Findings 09:03 Firmware Analysis and...

Navigating Network Edge Vulnerabilities - BTS #69

In this episode of Below the Surface, Paul Asadoorian, Vlad Babkin, and Adrian Sanabria discuss the ongoing vulnerabilities in network edge devices, the implications of legacy systems like Ivanti, and the strategies employed by threat actors. They explore the importance of monitoring and detection in cybersecurity, as well as innovative deception techniques to enhance security measures against exploitation. In this conversation, the speakers delve into various aspects of cybersecurity, including innovative strategies to enhance security, the challenges posed by vendor cooperation, the...

Attacking Power Grids - BTS #68

In this episode, the hosts discuss various cybersecurity threats, including Russian cyber attacks on critical infrastructure, the vulnerabilities in firewalls and VPNs, and the implications of AI in cybersecurity. They explore the increasing trend of using Python for malicious purposes and the challenges posed by gaming anti-cheat drivers. The conversation also touches on the escalation of cyber warfare and the confused deputy problem in AI, highlighting the need for better security measures and awareness in the industry. Chapters: 00:00 Introduction to Cybersecurity Threats 02:52...

BIOS Password Cracking, Secure Boot, and Stackwarp - BTS #67

In this episode, the hosts discuss various cybersecurity topics, including the challenges of BIOS password cracking, the implications of AMD's Stack Warp vulnerability, and the importance of up-to-date secure boot certificates. They also explore the risks associated with network security appliances, the costs of cybersecurity, and the role of marketing in raising awareness. Additionally, they share insights from an X-ray analysis of USB cables, highlighting the differences between quality and counterfeit products.

BIOS password cracking can be complex and time-consuming. Physical...

Beyond the Label: The Truth About Hardware Trust - BTS #66

In this episode of Below the Surface, host Paul Asadoorian is joined by co-hosts Larry Pesce, Joshua Marpet, and Vlad Babkin to delve into the complexities of hardware supply chain security. The discussion is sparked by a presentation from Andrew 'bunnie' Huang at Black Hat Asia, which raised critical questions about how we can trust the silicon in our devices. The conversation explores the challenges of validating hardware components, the potential for backdoors in devices, and the implications of counterfeit components in the supply chain. The hosts share anecdotes and insights about their...

Exploring AI in Firmware Analysis - BTS #65

Summary: In this episode, special guest Matt Brown joins us to discuss the integration of AI in firmware analysis, exploring its benefits and challenges. We delve into the transition from traditional methods to AI-driven approaches, emphasizing the importance of prompt specificity for effective vulnerability discovery. The conversation also covers the role of open-source components, the need for guardrails in AI use, and the implications of AI-generated reports in cybersecurity. Additionally, they touch on man-in-the-middle techniques and the future of AI in firmware development, highlighting...

Patching, Evil AI, Supply Chain Breaches - BTS #64

Summary: In this episode, the hosts discuss various cybersecurity topics, including recent vulnerabilities in Fortinet products, the implications of supply chain breaches, the evolving role of AI in cybersecurity, and updates to the OWASP Top 10 list. They emphasize the importance of firmware security and the need for better visibility and standards in the industry. The conversation highlights the challenges faced by defenders in a rapidly changing threat landscape and the necessity for proactive measures to secure systems. Takeaways: Fortinet vulnerabilities are critical and require immediate...

F5 Breach, Linux Malware, and Hacking Banks - BTS #63

Summary: In this episode of Below the Surface, Paul Asadoorian and Chase Snyder delve into various cybersecurity topics, including the use of Raspberry Pi in cyber attacks, the implications of the F5 breach, and the emergence of Polar Edge malware targeting QNAP devices. They also discuss the innovative Two-Face Rust binary technique, the critical nature of authentication bypass vulnerabilities, and the evolving landscape of air-gapped systems. The conversation highlights the increasing risk posed by old vulnerabilities and the need for improved security measures in the face of advancing...

Unpacking the F5 Breach, Framework UEFI Shells - BTS #62

In this episode, the hosts discuss the recent F5 breach, exploring the implications of the attack, the tactics used by threat actors, and the importance of vulnerability disclosure. They delve into the complexities of securing network edge devices, the challenges posed by Linux security, and the need for standardization in security practices. The conversation also touches on the future of firmware security and the necessity for proactive measures in incident response. We also close out the show talking about the recent Framework UEFI shell vulnerability. Chapters: 00:00 Introduction to F5...

Red November, Cisco Vulnerabilities, and Supply Chain Security - BTS #61

In this episode of Below the Surface, the hosts discuss various cybersecurity topics, including the Red November campaign targeting network edge devices, the implications of the Cisco SNMP vulnerability, and the recent vulnerabilities associated with Cisco ASA devices. They also delve into the hybrid Petya ransomware and its connection to supply chain security, emphasizing the need for better visibility and security measures in network devices. Chapters: 00:00 Introduction and Overview of Cybersecurity Trends 02:09 Red November Campaign: Targeting Network Edge Devices 11:06 The Shift in Attack...


In this episode, Paul Asadoorian, Vlad Babkin, and Chase Snyder delve into the latest vulnerability disclosures related to Baseboard Management Controllers (BMCs), specifically focusing on AMI MegaRAC and Redfish. They discuss the nature of the vulnerabilities, the discovery process, and the potential impacts of a BMC compromise. The conversation highlights the importance of understanding BMCs in the context of supply chain security and the risks associated with exposing these components to the internet.

The conversation delves into the vulnerabilities associated with BMCs, particularly the Redfish API and the potential for exploitation. The speakers discuss the implications of these vulnerabilities for hardware, the challenges vendors face in patching, and the importance of network segmentation and monitoring. They also highlight the limitations of logging and the effectiveness of Web Application Firewalls (WAFs) in this context. The discussion emphasizes the need for robust security measures to protect enterprise networks from potential attacks.