Company

ABOUT ESENTIRE

eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.

About Us →

Leadership →

Careers →

Event Calendar →

Newsroom →

Aston Villa Football Club →

EVENT CALENDAR

Apr

RSAC™ 2025 Conference

May

CISO Strategy Virtual Meetings Seattle

May

May TRU Intelligence Briefing

May

Elevate IT Technology Summit Kansas City

May

Cybersecurity Summit Toronto

View Calendar →

LATEST PRESS RELEASE

Mar 06, 2025

eSentire Unleashes AI-Driven Atlas Nexus Network, Empowering Cybersecurity Partners to Build Differentiated Security Services at Scale

View Newsroom →

OUR PARTNERSHIPS

Aston Villa Football Club

AVFC takes its cyber protection to the Next Level with eSentire as its official cybersecurity partner.

Learn More

Partners

PARTNER PROGRAM

We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.

LEARN MORE →

Apply to become an e3 ecosystem partner with eSentire today.

APPLY NOW →

Speak With A Security Expert Now

TALK TO AN EXPERT

We are aware of recent activity in the form of specific exploits in the wild targeting Microsoft Windows Vulnerabilities and the potential to exploit the vast majority of Microsoft operating systems. The first vulnerability (CVE-2014-6352) allows threat actors to execute code on a victim’s machine after visiting a maliciously crafted webpage. The second actively targeted vulnerability (CVE-2014-6324) may allow domain users to elevate their privileges to Domain Administrator. The third vulnerability (CVE-2014-6321) has not been actively seen in the wild but has the potential for the greatest impact. Patches for all three of these vulnerabilities should be applied as soon as possible with verification that they have been applied successfully.

What We Know

CVE-2014-6321 AKA WinShock:

Affects major Windows operating systems (all, up to and including Win 8)
PoC has been released no public exploits are available yet
A completely remote attack vector
Remote code execution exploits are expected
PoC released for IIS, RDP, AD
No known workarounds

CVE-2014-6352

Actively attacked in the wild
Requires user intervention to visit a malicious site
Affects most major Windows operating systems
Exploits are available to the public
A workaround is possible with the Enhanced Mitigation Toolkit (EMET)

CVE-2014-6324

Actively attacked in the wild
Requires domain user access
Privilege escalation to domain admin possible
No known workarounds

eSentire Defenses

eSentire features that help protect you:

Continuous Vulnerability Scanning can identify all vulnerable servers.
AMP can stop the communication to known command and control servers.
Behavioral analysis tools can detect anomalous network behavior.
The SOC can quarantine suspected systems in your direction or based on established policy.

Further Protection

How to further protect yourself from these emerging threats:

EMET can help further prevent memory protection bypasses (microsoft.com/emet).
User awareness: infections are occurring from users visiting malicious websites.
Remind users not to visit untrusted websites or follow links provided by unknown or un-trusted sources.
Remind users to be cautious when clicking on links in emails coming from trusted sources.

ESENTIRE SERVICES

Managed Detection and Response

All-In-One MDR Solution →

MDR for Microsoft →

MDR for GenAI →

Digital Forensics and Incident Response

Continuous Threat Exposure Management (CTEM)

PLATFORM, PEOPLE AND RESPONSE

Security Operations Center (SOC)

Extended Detection and Response (XDR)

Technology Integrations

Threat Response Unit (TRU)

Cyber Resilience Team

Response and Remediation

MDR Packages and 24/7 Protection

MDR Pricing and Packages

Atlas Essentials

Atlas Advanced

Atlas Complete

24/7 Coverage

Endpoint

Network

Log

Cloud

Identity

INDUSTRIES

Insurance

Construction

Finance

Legal

Manufacturing

Private Equity

Healthcare

Retail

Food Supply

Government and Education

Automotive Dealerships

USE CASES

Ransomware

Cybersecurity Compliance

Zero Day Attacks

Cloud Misconfiguration

Third-Party Risk

Do More With Less

Cyber Risk

Cyber Insurance

Sensitive Data Security

Security Leadership

Cyber Threat Intelligence

From The Blog

Unlocking New Possibilities for Network Monitoring and Security with…

Sock(et) Puppet: How RansomHub Affiliates Pull the Strings

Phish & Chips: Serving Up Tycoon 2FA’s Secrets

Resources

Case Studies

TRU Intelligence Center

Cybersecurity Tools

Videos

Reports

Webinars

Data Sheets

Real vs. Fake MDR

Compare MDR Vendors

Blogs

Security Advisories

SECURITY ADVISORIES

Maximum Severity SAP Vulnerability Exploited

CrushFTP Authentication Bypass