Company

ABOUT ESENTIRE

eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.

About Us →

Leadership →

Careers →

Event Calendar →

Newsroom →

Aston Villa Football Club →

EVENT CALENDAR

Apr

FutureCon Minneapolis

Apr

April TRU Intelligence Briefing

Apr

Elevate IT Technology Summit Tampa

Apr

RSAC™ 2025 Conference

Apr

ILTA Evolve

View Calendar →

LATEST PRESS RELEASE

Mar 06, 2025

eSentire Unleashes AI-Driven Atlas Nexus Network, Empowering Cybersecurity Partners to Build Differentiated Security Services at Scale

View Newsroom →

OUR PARTNERSHIPS

Aston Villa Football Club

AVFC takes its cyber protection to the Next Level with eSentire as its official cybersecurity partner.

Learn More

Partners

PARTNER PROGRAM

We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.

LEARN MORE →

Apply to become an e3 ecosystem partner with eSentire today.

APPLY NOW →

Speak With A Security Expert Now

TALK TO AN EXPERT

THE THREAT

eSentire is aware of reports relating to the active exploitation of a currently unnamed vulnerability impacting Progress Software’s managed file transfer software MOVEit Transfer. Progress disclosed the vulnerability in an advisory on May 31st, 2023. Exploitation of vulnerability allows threat actors to perform privilege escalation and gain unauthorized access to the environment.

Organizations using MOVEit Transfer need to take immediate actions and apply relevant security patches or the alternative mitigations that are outlined by Progress.

What we’re doing about it

The eSentire Threat Response Unit (TRU) has performed threat hunts across the client base
eSentire Managed Vulnerability Service will add the relevant plugins when they become available
The eSentire Threat Intelligence team is actively tracking this topic for additional details and detection opportunities

What you should do about it

After performing a business impact review, apply relevant security patches
If patching is not immediately possible, apply alternative mitigations provided by Progress (See Additional Information)
Review potentially impacted devices for Indicators of unauthorized access
- Creation of unexpected files, specifically ‘human2[.]aspx’, in the c:\MOVEit Transfer\wwwroot\ folder
- Any unexpected or large file downloads

Additional information

Details on real world exploitation of this vulnerability, have not been publicly disclosed at this time. Based on wording from Progress’ advisory, it is highly probably that exploitation has been ongoing for at least the past 30 days.

The MOVEit Transfer platform is meant to enable secure transfer of sensitive files. Exploitation of this vulnerability may enable the theft of sensitive materials that would then be sold or used in extortion type attacks.

Impacted MOVEit Transfer Versions:

2023.0.0
2022.1.x
2022.0.x
2021.1.x
2021.0.x

Alternative Mitigations [1]:

Disable all HTTP and HTTPs traffic to your MOVEit Transfer environment – Additional support is available via the Progress Technical Support channel
- This mitigation will directly impact MOVEit functionality and access

References:

[1] https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023
[2] https://community.progress.com/s/supportlink-landing

ESENTIRE SERVICES

Managed Detection and Response

All-In-One MDR Solution →

MDR for Microsoft →

MDR for GenAI →

Digital Forensics and Incident Response

Continuous Threat Exposure Management (CTEM)

PLATFORM, PEOPLE AND RESPONSE

Security Operations Center (SOC)

Extended Detection and Response (XDR)

Technology Integrations

Threat Response Unit (TRU)

Cyber Resilience Team

Response and Remediation

MDR Packages and 24/7 Protection

MDR Pricing and Packages

Atlas Essentials

Atlas Advanced

Atlas Complete

24/7 Coverage

Endpoint

Network

Log

Cloud

Identity

INDUSTRIES

Insurance

Construction

Finance

Legal

Manufacturing

Private Equity

Healthcare

Retail

Food Supply

Government and Education

Automotive Dealerships

USE CASES

Ransomware

Cybersecurity Compliance

Zero Day Attacks

Cloud Misconfiguration

Third-Party Risk

Do More With Less

Cyber Risk

Cyber Insurance

Sensitive Data Security

Security Leadership

Cyber Threat Intelligence

From The Blog

The Long and Short(cut) of It: KoiLoader Analysis

From Access to Encryption: Dissecting Hunters International's Latest…

eSentire and Qylis Form Strategic Partnership to Deliver Compliant…

Resources

Case Studies

TRU Intelligence Center

Cybersecurity Tools

Videos

Reports

Webinars

Data Sheets

Real vs. Fake MDR

Compare MDR Vendors

Blogs

Security Advisories

SECURITY ADVISORIES

CrushFTP Authentication Bypass

Critical Next.js Vulnerability (CVE-2025-29927)