Cyber risk and advisory programs that identify security gaps and build strategies to address them.
MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Be protected by the best from Day 1.
24/7 Threat Investigation and Response.
Expert hunting, research and content.
Defend brute force attacks, active intrusions and unauthorized scans.
Safeguard endpoints 24/7 by isolating and remediating threats to prevent lateral spread.
Investigation and enhanced threat detection across multi-cloud or hybrid environments.
Configuration escalations, policy and posture management.
Detects malicious insider behavior leveraging Machine Learning models.
Customer testimonials and case studies.
Stories on cyberattacks, customers, employees, and more.
Cyber incident, analyst, and thought leadership reports.
Demonstrations, seminars and presentations on cybersecurity topics.
Information and solution briefs for our services.
MITRE ATT&CK Framework, Cybersecurity Assessment, SOC Calculator & more
eSentire has identified publicly available Proof-of-Concept (PoC) exploit code, for the critical Microsoft Exchange vulnerability CVE-2021-42321. CVE-2021-42321 was announced as part of Microsoft’s November Patch Tuesday release. Exploitation would allow a remote threat actor, with previous authentication, to execute code on vulnerable servers.
Prior to the patch release, Microsoft confirmed that limited exploitation of CVE-2021-42321 had occurred. The release of PoC exploit code significantly increases the likelihood of widespread exploitation in the near future. Organizations that have not already applied the relevant security patches are recommended to do so immediately.
At the time of this reporting, Microsoft has not shared details relating to the real-world exploitation of CVE-2021-42321. Based on limited public details, it appears that only a small number of attacks have occurred. All attacks to date are believed to have been performed by the same threat actor.
The release of PoC exploit code drastically increases the likelihood that multiple threat actor groups will adopt the exploit and use it in attacks in the near future. Additionally, technical details for CVE-2021-42321 have been released. eSentire has not observed exploitation at this time. It should be noted that in order for an attacker to successfully exploit this vulnerability, they would need to have gained prior authentication via a separate attack/vulnerability.