THE THREAT
eSentire has identified publicly available Proof-of-Concept (PoC) exploit code, for the critical Microsoft Exchange vulnerability CVE-2021-42321. CVE-2021-42321 was announced as part of Microsoft’s November Patch Tuesday release. Exploitation would allow a remote threat actor, with previous authentication, to execute code on vulnerable servers.
Prior to the patch release, Microsoft…
Read More
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Telarus and eSentire Expand Partnership to Safeguard Enterprises Globally Against Business Disrupting Ransomware and Zero-Day Attacks
London, UK and Sydney, Australia– Oct. 28, 2021 - eSentire, recognized globally as the Authority in Managed Detection and Response (MDR), today announces the expansion of its partnership with Telarus, the largest privately-held distributor of business cloud infrastructure and contact centre services. Building on their mutual success across North America, Telarus will bring eSentire’s Managed…
Read More
Our award-winning partner program offers financial rewards, sales and marketing tools and personalized training. Accelerate your business and grow your revenue by offering our world-class Managed Detection and Response (MDR) services.
Mark Sangster, Vice President, Industry Security Strategies at eSentire, appeared on CBC News to speak about the top-tier Conti ransomware gang and their alleged targeting of Canadian critical infrastructure with the recent attack on the Newfoundland and Labrador health network.
During the CBC News interview, Mark addresses:
Why it’s likely that the Conti ransomware gang is behind the cyber attack based on research conducted by eSentire’s Threat Response Unit (TRU),
How ransomware gangs resemble sophisticated Fortune 500 companies in the way they manage their operations and generate revenue,
The tactics, techniques, and procedures (TTPs) utilized by the ransomware gangs to deploy their cyber attacks,
Why Conti targets critical infrastructure organizations, and more.
Watch the full interview below to learn more.
According to the Cybersecurity & Infrastructure Security Agency (CISA), there are “16 critical infrastructure sectors whose assets, systems, and networks are considered so vital that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof”. Cyber attacks against critical infrastructure, including healthcare institutions, have become high-value targets for ransomware gangs looking to cause systemic disruption and societal chaos.
Conti, also known as Ryuk, has increased its focus on targeting Canadian companies following the shutdown of the REvil/Sodinokibi ransomware gang at the hands of the U.S. law enforcement agencies. The Conti group uses the “double extortion” ransomware tactic against its victims. They not only encrypt the victim’s data but also threaten to sell it to other threat actors if they don’t get paid the ransom demand. Recently Conti’s affiliate program appears to have pivoted from publishing and selling its victim’s stolen files to selling access to many of the organizations it has hacked.
Currently, over 50% of eSentire customers operate within the critical infrastructure segments recognized by CISA. To learn more about how we protect the critical data and applications of these firms with 24/7 multi-signal Managed Detection and Response and Incident Response services, book a meeting with a security specialist today.
eSentire is the Authority in Managed Detection and Response, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com and follow @eSentire.
Are you experiencing a security incident or have you been breached? Call us now.
