eSentire

As your business scales, so do the threats you're facing. Your team needs a partner that can detect threats in seconds and contain them in minutes. At eSentire, our sole mission is to protect your critical data, technology, and people from cyber threats. We combine: ✅ Total Attack Surface Visibility ✅ XDR Cloud Platform Technology ✅ Proprietary Machine Learning Models ✅ 24/7 Threat Hunting The result? eSentire MDR delivers complete Response to stop threats before they become business-disrupting events. Combat-ready and battle-tested, Team eSentire stands guard so you don't have to. An attack on you is an attack on us. Full stop. Get started now: https://bit.ly/3HAc6c8

Key Resilience Indicators (KRIs) are the new standard for measuring the strength of your security program. Traditional KPIs focus on performance—but KRIs take it further by showing how well your organization can withstand and recover from cyber threats. 🔄 KRIs like: 🕵️♂️ Mean Time to Detect (MTTD) 🛠️ Mean Time to Recover (MTTR) 📩 Phishing Click Rate 🔧 Vulnerability Patch Cadence These metrics clearly show how resilient your business is against attacks and help align security efforts with business continuity. Shifting to KRIs helps you track not just risk reduction, but your organization’s ability to adapt and thrive during cyber incidents. 📊 What are your top KRIs for measuring security program success? Share them below! 👇 #KPI #cyberresilience #cybersecurity #securityprogram

Every month, Threat Response Unit (TRU) hosts a live webinar to share new research-driven observations of malware, notable vulnerabilities, threat actor groups, and cyber activity affecting the threat landscape. Join us on September 10, 2024 for our monthly TRU Intelligence Briefing as they review: 🦉 Unpacking Trends Around Windows Installer Packages: An analysis of recent trends observed among our customers and the broader threat landscape, focusing on the misuse of Windows installer packages for malware infections. This discussion will cover MSI, MISX, and Inno Setup packages, how they are abused, recommendations for analysis, and the underground services fueling this trend. 🦉 Tactical Threat Response – App Installer Abuse: An overview of how threat actors utilize application installers to distribute malware, along with best practices for mitigating these risks. 🦉 Threat Landscape: A review of malware recently observed by eSentire’s Security Operation Center (SOC) over the past month including Poseidon Stealer, Go Injector, and Play Ransomware, as well as notable vulnerabilities impacting Versa (CVE-2024-39717), SolarWinds (CVE-2024-28986), and Apache (CVE-2024-38856). 🦉 A brief update on cyberactivity relating to ongoing geopolitical tensions. Register here: https://lnkd.in/g7Uvs5Mu #threatintelligence #threatbriefing

Our latest TRU Weekly Threat Briefing just dropped! 🦉 Here are the three biggest stories that TRU is focusing on: ➡ The Versa Director Zero-Day Exploitation The Chinese state-sponsored APT group Volt Typhoon has been observed exploiting a critical Versa Director zero-day vulnerability in attacks against IT, MSPs, and ISPs. Organizations are urged to apply the relevant security patches as soon as possible to minimize the likelihood of compromise. ➡ CISA #StopRansomware RansomHub The joint advisory from CISA, the FBI, MS-ISAC, and HHS follows the notable attack on Haliburton. RansomHub affiliates make use of tried-and-true tactics as well as known vulnerabilities. ➡ Iran-based Cyber Actors Enabling Ransomware Attacks on U.S. Organizations The joint FBI advisory on Pioneer Kitten highlights the persistent threat posed by Iranian cyber actors, who combine state-sponsored espionage with financially motivated cybercrime. Read the full threat briefing below! #threatbriefing #threatintelligence #versa

Attending the AVANT 2024 Special Forces Summit in Phoenix, AZ? 👋 As the Title Sponsor for this year, we'd love to meet you! Come join us for 2.5 days of power-packed training and connecting with Trusted Advisors! 🤝 Plus, we’ll have our own Erin McLean on the Main Stage Wednesday afternoon, September 11, to explore today’s IT buyer. Be sure to come by and meet our team during the designated Vendor Networking session on Monday, September 9 and Tuesday, September 10 in Valley of the Sun Ballroom. 🌞 Join us at Special Forces Summit 2024! Register here: bit.ly/4dIWbZO

Building an in-house SOC might seem like the best way to protect your organization. But when you consider the costs, the numbers tell a different story. For an organization with 1,000 employees, the first-year expenses of building and maintaining a SOC can exceed $2.2M. This estimate includes the costs of technology, personnel, training, and continuous upgrades—an investment that might be prohibitive for many companies. Outsourcing to a managed SOC provider offers a cost-effective alternative. It reduces financial burden and delivers 24/7 threat detection, access to specialized cybersecurity expertise, and scalability that adapts to your evolving needs. Not only that, managed SOC providers enable you to focus on strategic initiatives while ensuring your organization is protected by a team of experts. It’s not just about cutting costs—it’s about enhancing your overall security posture and operational efficiency. Considering the financial and strategic benefits, outsourcing your SOC could be the smarter choice for long-term resilience and growth. #Cybersecurity #SOC #MDR #SecurityOperations #RiskManagement #CISO #BusinessStrategy

⚠️ eSentire TRU has identified a potent phishing attack leading to 0bj3ctivity Stealer malware. In this case, the user clicked on a deceptive Discord CDN link containing malicious JavaScript. The file contained instructions to retrieve and execute additional payloads, including Ande Loader and 0bj3ctivity Stealer. This attack underscores the sophistication of multi-layered malware delivery mechanisms. 🛡️ TRU Recommendations: - Implement advanced detection tools and continuous monitoring to identify and mitigate threats. - Prioritize regular and comprehensive cybersecurity training for all team members to recognize and respond effectively to phishing attempts. - Keep systems updated with the latest security patches and follow best practices for endpoint security. 🔗 Read the full TRU Positive here: https://bit.ly/3ystote #Cybersecurity #Phishing #Malware #ThreatIntelligence #ManagedDetectionResponse

Can your cybersecurity program actually fuel business growth? 🤨 In the latest episode of Cyber Talks, Erin McLean chats with Mark Benaquista, Managing Director at THL Partners. Mark reveals how aligning cybersecurity with business objectives isn’t just about protection—it’s a strategic advantage. 🫰 Key takeaways: 🔹 From JPMorgan to tech leadership: Mark’s career evolution 🔹 How Merck taught him the power of aligning IT with business goals 🔹 Strategies for managing cybersecurity across a diverse portfolio 🔹 The importance of integrating cyber risk into everyday business conversations 🎧 Listen now: Spotify: https://spoti.fi/3Z6SLeO Apple: https://apple.co/3Z3nN7e

We've been monitoring D3F@ck Malware-as-a-Service Loader, analyzing its delivery methods and impact on organizations. The latest eSentire Threat Response Unit (TRU) analysis unveils the orchestrator of D3F@ck Loader, who is aliased "Sergei Panteleevich". 🔍 How TRU Responded: - We identified various tactics including malicious use of EV certificates to bypass security. - We extensively mapped the network of malicious operations, uncovering clear indicators of compromise. 🛡️ Our Recommendations: - Be proactive with threat detections and incorporate machine-learning tools like BlueSteel to counteract malicious PowerShell executions. - Implement rules for detecting behaviors specific to D3F@ck Loader and similar threats. - Regularly update your defenses based on the latest threat intelligence. Discover how the D3F@CK Loader operates, its connection to other malware strains, and how you can level up your defenses in the full TRU Positive: https://bit.ly/3AH1b2q #TRUPositive #malware #ransomware

More attackers are targeting smaller and midsized organizations that have less sophisticated cybersecurity teams. 😵 Businesses need help securing their environments and technology alone cannot fill the gap, and they are looking to trusted partners for support. Now, MDR has emerged as the solution, combining best-in-class technology with best-in-class processes. 🛡️ On Thursday, September 12 at 1:00PM ET, join channel expert, influencer, and analyst Jay McBain of Canalys, Bob Layton, Chief Channel Officer, eSentire, and Meredith Caram, Ecosystem Expert, JS Group for a discussion about the cybersecurity opportunity and how to level up your security practice with eSentire MDR. In this webinar you'll learn: ➡️ How channel partners are leading global sales of cybersecurity ➡️ How MDR has emerged as the solution to securing customer environments ➡️ How to identify the right MDR provider for your practice ➡️ How to go to market with your MDR partner Register now: https://bit.ly/4g5Nf27