CVE-2022-26923 - Active Directory Domain Services Elevation of Privilege Vulnerability
THE THREAT
Microsoft has disclosed a new vulnerability impacting Active Directory Certificate Services (ADCS) tracked as CVE-2022-26923 (Active Directory Domain Services Elevation of Privilege Vulnerability). If exploited successfully, an authenticated attacker can escalate privileges in environments where ADCS is running on the domain. eSentire is aware of technical details and tooling [2] for…
Read More
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1200+ organizations in 75+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Cybersecurity Leader eSentire Continues Its Commitment to Rigorous Security Standards Earning PCI DSS Certification
Waterloo, ON, May 17, 2022 — eSentire, the Authority in Managed Detection and Response (MDR), maintains one of the most secure and robust IT environments of any MDR provider in the industry. To that end, eSentire today announced that it has received the Payment Card Industry Data Security Standard (PCI DSS) certification, considered one of the most stringent and comprehensive payment card…
Read More
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
Mark Sangster, Vice President, Industry Security Strategies at eSentire, appeared on CBC News to speak about the top-tier Conti ransomware gang and their alleged targeting of Canadian critical infrastructure with the recent attack on the Newfoundland and Labrador health network.
During the CBC News interview, Mark addresses:
Why it’s likely that the Conti ransomware gang is behind the cyber attack based on research conducted by eSentire’s Threat Response Unit (TRU),
How ransomware gangs resemble sophisticated Fortune 500 companies in the way they manage their operations and generate revenue,
The tactics, techniques, and procedures (TTPs) utilized by the ransomware gangs to deploy their cyber attacks,
Why Conti targets critical infrastructure organizations, and more.
Watch the full interview below to learn more.
According to the Cybersecurity & Infrastructure Security Agency (CISA), there are “16 critical infrastructure sectors whose assets, systems, and networks are considered so vital that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof”. Cyber attacks against critical infrastructure, including healthcare institutions, have become high-value targets for ransomware gangs looking to cause systemic disruption and societal chaos.
Conti, also known as Ryuk, has increased its focus on targeting Canadian companies following the shutdown of the REvil/Sodinokibi ransomware gang at the hands of the U.S. law enforcement agencies. The Conti group uses the “double extortion” ransomware tactic against its victims. They not only encrypt the victim’s data but also threaten to sell it to other threat actors if they don’t get paid the ransom demand. Recently Conti’s affiliate program appears to have pivoted from publishing and selling its victim’s stolen files to selling access to many of the organizations it has hacked.
Currently, over 50% of eSentire customers operate within the critical infrastructure segments recognized by CISA. To learn more about how we protect the critical data and applications of these firms with 24/7 multi-signal Managed Detection and Response and Incident Response services, book a meeting with a security specialist today.
eSentire is the Authority in Managed Detection and Response, protecting the critical data and applications of 1200+ organizations in 75+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com and follow @eSentire.
Cookies allow us to deliver the best possible experience for you on our website - by continuing to use our website or by closing this box, you are consenting to our use of cookies. Visit our Privacy Policy to learn more.
