The Cybellum BLOG

Building A Successful PSIRT from the Ground Up – Part 2: Processes & Technology

This is Part 2 of our blog series about building a Product Security Incident Response Team from the ground up. Continuing from where we left off in Part 1, in this post we will cover the enabling processes and technologies of a PSIRT.

Building A Successful PSIRT from the Ground Up – Part 1: People

This is Part 1 of our blog series about building a Product Security Incident Response Team from the ground up. The Colonial Pipeline cyber security breach in 2021 marked a watershed moment in IT security. Though this attack shut down the largest oil pipeline in the U.S. and resulted in a $4.4 million ransom payment, […]

LTOOD: Eystein Stenberg on Avoiding Post-Production Challenges with Pre-Production Software Update Planning

Cybellum’s Left to Their Own Devices podcast spoke with Northern Tech Co-founder & CEO, Eystein Stenberg who has a unique vantage point in preparing, deploying, and managing over the air (OTA) updates for IoT devices. Developing IoT devices is a growing challenge as markets become increasingly saturated and devices are expected to repeatedly conduct specific […]

Cybellum Announces Critical New Management and Automation Module for PSIRT

Enhanced workflow automation enables advanced cyber threat monitoring, impact assessment, triage and remediation of vulnerabilities for products and devices in the field Tel Aviv, Israel, October 19, 2022 – Cybellum, provider of the Product Security Platform for connected product and device manufacturers, announced today the availability of a new Product Incident Response module to help […]

Anthony Fernando Asensus

Surgical robots, FDA, and cybersecurity with Anthony Fernando

While many in the medical device industry have just started implementing cybersecurity strategies, veteran Anthony Fernando has seen it all. Beyond reimagining how robotic surgery can revolutionize patient experiences and recovery time, Anthony’s experience as President & CEO of Asensus has put a growing focus on the cybersecurity mindset that goes behind these incredible medical […]

Cracking AUTOSAR – A Missing Piece in the Product Security Puzzle

Securing automotive software is crucial to life long product security in the field…. But how can you secure a mystery box? As puzzling as it may be to call an AUTOSAR ECU a ‘mystery box’, this is essentially how many of today’s automotive manufacturers program their ECUs. Over the years, this closed system was enough […]

Delorean Cybellum

Back to the Future Proofing — Shifting Right for Full Product Lifecycle Cybersecurity

Future proofing can feel a bit like Marty Mcfly’s first journey to the future. It’s fast paced and overwhelming. This is somewhat similar for Medical Device Manufacturers (MDM) and automotive manufacturers who are navigating the ever evolving world of cybersecurity to support their software-driven approach. As both industries work hard to implement proper cybersecurity measures, […]

Cybellum Announces Solution for AUTOSAR-Based Components

For the first time, OEMs and their suppliers can have full visibility and manage vulnerabilities for all components within a single platform Detroit, Michigan, September 7, 2022 – Cybellum, a leading provider of the Product Security Platform for automotive manufacturers, announced today at the 6th Annual Auto-ISAC Summit, a first-of-its-kind solution for greater visibility and […]

How We Found CVE-2022-38132 –
Linksys MR8300 Zero Day

Recently, we discovered a new zero-day vulnerability in Linksys MR8300 router, affecting the latest version 1.0 of the router’s firmware. After reporting and disclosing the issue with Linksys, the vulnerability was fixed, and the newer firmware version is no longer vulnerable. As a CVE numbering authority, we also reported this issue, now published as CVE-2022-38132, […]

Subscribe to our blog to stay updated

READY TO TAKE PRODUCT SECURITY TO THE NEXT LEVEL?

Book a demo