IIS, Drupal, and Oracle WebLogic web technologies experienced increased attacks in Q2 2018. According to a new threat report from eSentire, Inc., the largest pure-play Managed Detection and Response (MDR) provider, IIS attacks showed a 782x increase, from 2,000 to 1.7 million, since last quarter. Analysis of the attacks by eSentire Threat Intelligence revealed that both IIS and WebLogic exploits maintained a consistent number of attacks (about 200) per IP across organizations, with those attacks originating from servers hosting Apache, RDP, SQL, IIS, and HTTP API services.
The Threat Intelligence Team at cyber security company eSentire has observed an increase in successful Emotet infections, coupled with lateral movement after the initial infection. eSentire Threat Intelligence assesses with medium confidence that the prevalence of infections will continue to rise given the current success of lateral movement and ease of delivery. The initial infection vector is Microsoft Word documents downloaded from an embedded link inside fake invoice emails. The trojan can spread through Windows SMB file shares and is capable of downloading additional payloads from command & control servers.
eSentire announced the appointment of James Yersh as chief administrative officer (CAO), effective immediately. Yersh will be responsible for the finance functions of the business, as well as human resources and risk/compliance. Yersh is the latest seasoned executive to join eSentire’s veteran leadership team, with a focus on scaling the high-growth company. Over his 20+ year career, Yersh has transformed financial strategies and revenue growth models, and has led more than 30 merger and acquisition deals for leading technology and telecommunications companies.