Security Best Practice Guidance to Disrupt Lateral MovementCredential harvesting and reuse in the form of lateral movement within a domain is a well-known technique amongst security defenders and hackers alike. Recently, we have seen new threats building on these age old tactics to build new sophisticated multi-threaded pieces of automation that present greater risks to customers once a piece of malware compromises a host on a network. Based on these learnings from these incidents, we want to highlight a few resources to help customers prevent or disrupt credential harvesting and lateral movement. As always, we recommend customers install the latest updates available, but as evidenced in the latest incidents, a defense-in-depth strategy is the best protection against modern malware. Protecting against stealing credentials or re-using active sessions:
Execution of Payloads
|
Security Information | Alliances |