Paul's Security Weekly Subscribe

The BIOS Disconnect – Scott Scheferman – PSW #702

July 15, 2021

Eclypsium researchers identified vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS. This disconnect impacted 129 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs. With cyber-attacks on the rise, firmware security, while often overlooked, might be the next battleground for attackers who continue to target enterprise VPNs and other network devices.

Segment Resources:

https://eclypsium.com/2021/06/24/biosdisconnect/

This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them!

Sponsored By

Eclypsium

Full episode and show notes

Announcements

Security Weekly Unlocked will be held IN PERSON this December 5-8 at the Hilton Lake Buena Vista! Our Call For Presentations Deadline has been extended through July 23rd at 11:59 pm ET! Visit securityweekly.com/unlocked to submit your presentation!

Guest

Scott Scheferman

Scott Scheferman

Principal Cyber Strategist at Eclypsium

Scott, aka “Shagghie” in the community, is a public speaker, thought leader and cyber strategist. With decades of cyber consulting in both Federal and Commercial domains, he brings strong opinions and insight into any topic covering cyber, privacy, AI/ML, or the intersections of these. Winner of the first defcon badge-hacking contest and a defcon music artist, he currently works to bring urgent awareness to the device and firmware attack surface now being readily exploited.

Hosts

Paul Asadoorian

Paul Asadoorian

Founder at Security Weekly

https://securityweekly.com

Jeff Man

Jeff Man

Sr. InfoSec Consultant – Online Business Systems at Online Business Sytems

https://www.obsglobal.com/

Lee Neely

Lee Neely

Information Assurance APL at Lawrence Livermore National Laboratory

Related

The Company’s Lawyer is Not Your Lawyer – Legal Self Defense – Larry Dietz – CSP #125

June 6, 2023

Joe Sullivan has shown all of us that CISOs are on the front lines when it comes to breaches and their legal aftermath. Unfortunately, most CISOs are not attorneys and may not understand the rules of engagement with law enforcement to the point where they may find themselves in legal jeopardy for ‘doing the right thing’. Join Larry Dietz long time ...

Cybersecurity and the Board, Achieve More with Less, & Authentic Leadership is Hard – BSW #308

June 5, 2023

In the leadership and communications section, Cybersecurity Starts with the Board and C-Suite, How CISOs can achieve more with less during uncertain economic times, Why Authentic Leadership Is So Hard, and more!

New AI Algorithm Regulations Coming: Will Yours Pass Government Scrutiny? – Mike O’Malley – BSW #308

June 5, 2023

The American Data Privacy and Protection Act introduces oversight of how companies handle the data they collect and process from U.S. citizens, including AI algorithms used to uncover insights that can be monetized. Security professionals should prepare now for the legislation by understanding how to audit algorithms and implement compliance proces...