About Us

Newly Discovered Dell BIOS Bugs Impact 129 Models around 30 Million PCs

After uncovering various vulnerabilities that might allow attackers to execute arbitrary code in Dell PC’s BIOS, security researchers have warned that 129 models and at least 30 million Dell PCs could be at risk.

Eclypsium Discovered the security flaw in the BIOS system and they stated “Eclypsium researchers have identified multiple vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS. This chain of vulnerabilities has a cumulative CVSS score of 8.3 (High) because it allows a privileged network adversary to impersonate Dell.com and gain arbitrary code execution at the BIOS/UEFI level of the affected device. Such an attack would enable adversaries to control the device’s boot process and subvert the operating system and higher-layer security controls.”

“The Eclypsium team has coordinated with Dell PSIRT throughout the disclosure process. Dell has issued a Dell Security Advisory and is scheduling BIOS/UEFI updates for affected systems and updates to affected executables from Dell.com” mentioned Eclypsium.

“These vulnerabilities enable an attacker to remotely execute code in the pre-boot environment. Such code may alter the initial state of an operating system, violating common assumptions on the hardware/firmware layers and breaking OS-level security controls. As attackers increasingly shift their focus to vendor supply chains and system firmware, it is more important than ever that organizations have independent visibility and control over the integrity of their devices,” said Eclypsium.

Dell Technologies Capital Invests in Calamu for Next-Gen Data Protection

Calamu, a cybersecurity startup that provides enterprises with next-generation resilience and near-impenetrable data protection, announced that Dell Technologies Capital has invested in the firm.

“Dell Technologies Capital brings a deep understanding of enterprise IT, and they recognize the urgent need to better safeguard data from ransomware and data breaches,” said Paul Lewis, Founder & CEO, Calamu. “We are excited to collaborate with Dell Technologies Capital as we protect the world from this surging threat.”

Cyber criminals continue to exploit several data protection measures, resulting in record-breaking ransom payments and lengthy periods of company disruption. Many recent high-profile ransomware attacks have used the “double extortion” ransomware strategy, in which data is stolen first before the local environment is encrypted, providing the attacker two points of leverage to demand payment. Calamu has developed an innovative product that protects sensitive data from ransomware assaults, including complex double-extortion ransomware. The multi-patented system removes the downtime, financial fines, and reputational harm that a ransomware attack or data breach can cause.

“Calamu has the potential to revolutionize how enterprise data is stored, managed, and secured,” said Raman Khanna, Managing Director, Dell Technologies Capital. “Their unique data protection technology brings a powerful solution to the ongoing fight against ransomware and other cybersecurity threats.”