Our Threat Response Unit (TRU) publishes security advisories, blogs, reports, industry publications and webinars based on its original research and the insights driven through proactive threat hunts.
Increased Activity in Google Ads Distributing Information Stealers
THE THREAT
On January 18th, 2023, eSentire Threat Intelligence identified multiple reports, both externally and internally, containing information on an ongoing increase in Google advertisements…
Read More
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1500+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
eSentire Named First Managed Detection and Response Partner by Global Insurance Provider Coalition
Waterloo, ON – December 13, 2022 – eSentire, Inc., the Authority in Managed Detection and Response (MDR), today announced it has been named the first global MDR partner by Coalition, the world’s first Active Insurance provider designed to prevent digital risk before it strikes. Like Coalition, eSentire is committed to putting their customers’ businesses ahead of disruption by improving their…
Read More
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
Mark Sangster, Vice President, Industry Security Strategies at eSentire, appeared on CBC News to speak about the top-tier Conti ransomware gang and their alleged targeting of Canadian critical infrastructure with the recent attack on the Newfoundland and Labrador health network.
During the CBC News interview, Mark addresses:
Why it’s likely that the Conti ransomware gang is behind the cyber attack based on research conducted by eSentire’s Threat Response Unit (TRU),
How ransomware gangs resemble sophisticated Fortune 500 companies in the way they manage their operations and generate revenue,
The tactics, techniques, and procedures (TTPs) utilized by the ransomware gangs to deploy their cyber attacks,
Why Conti targets critical infrastructure organizations, and more.
Watch the full interview below to learn more.
According to the Cybersecurity & Infrastructure Security Agency (CISA), there are “16 critical infrastructure sectors whose assets, systems, and networks are considered so vital that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof”. Cyber attacks against critical infrastructure, including healthcare institutions, have become high-value targets for ransomware gangs looking to cause systemic disruption and societal chaos.
Conti, also known as Ryuk, has increased its focus on targeting Canadian companies following the shutdown of the REvil/Sodinokibi ransomware gang at the hands of the U.S. law enforcement agencies. The Conti group uses the “double extortion” ransomware tactic against its victims. They not only encrypt the victim’s data but also threaten to sell it to other threat actors if they don’t get paid the ransom demand. Recently Conti’s affiliate program appears to have pivoted from publishing and selling its victim’s stolen files to selling access to many of the organizations it has hacked.
Currently, over 50% of eSentire customers operate within the critical infrastructure segments recognized by CISA. To learn more about how we protect the critical data and applications of these firms with 24/7 multi-signal Managed Detection and Response and Incident Response services, book a meeting with a security specialist today.
eSentire is the Authority in Managed Detection and Response, protecting the critical data and applications of 1500+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com and follow @eSentire.
Cookies allow us to deliver the best possible experience for you on our website - by continuing to use our website or by closing this box, you are consenting to our use of cookies. Visit our Privacy Policy to learn more.
