Stopping lateral movement in enterprise networks is key to preventing breaches. Protect credentials, use MFA, segment networks, and monitor with EDR tools. Learn more in our comprehensive guide: https://redteamnews.com/blue-team/preventing-lateral-movement-in-enterprise-networks-a-comprehensive-guide #Cybersecurity #LateralMovement

Saturday #blueteam pondering -

Are lateral movement and privilege escalation two distinct concepts?

What is lateral movement really?
Have access here.
Want access over there.
Do things to exploit weakness.
Get access over there.
Lateral movement has happened.

This story is access centric.

Except, in common parlance:
. lateral movement is network centric.
. privilege escalation is access centric.

Gestalt for me: trouble comes when:
user account scope-of-access =
network-reach scope-of-access

Trying to illustrate -
What onwards value is domain admin on a member host without effective interactive network-reach to a DC? i.e. effective onwards network-reach scope-of-access is unavailable to other hosts.

In other words, achieving privilege escalation on a member host is little, when onwards network-reach scope-of-access does not include other hosts on the private network.

Scope-of-access is the key conceptual distinction for both account-level and network-level access.

Account scope-of-access is a long used concept, perhaps a little out of favour.

There are degrees of onwards network-reach. Necessary network connections between member hosts and DCs does not immediately equate to material scope-of-access.

I reckon ‘network-reach scope-of-access’ is a handy phrase. Perhaps it explicitly surfaces a concept in common use with graph theory modeling of attack paths?

Thoughts?

#blueteam
#lateralmovement #privelege_escalation
#mitre #mitreattack #mitreattck
#activedirectory
#infosec #cybersecurity

Lateral Movement Analysis: Using Chainsaw, Hayabusa, and LogParser for Cybersecurity Investigations: https://medium.com/@cyberengage.org/lateral-movement-analysis-using-chainsaw-hayabusa-and-logparser-for-cybersecurity-investigations-b927843bd8d4

#lateralmovement #incidentresponse

Hey, ich habe gestern meine erste Windows-Kiste gehackt, habe mir auf drei verschiedene Weisen Adminrechte erschlichen und diese dann auch ausgenutzt, um aus der Ferne einen weiteren Rechner zu kapern.

Tolles Gefühl, die ganzen theoretischen Wissensschnipsel mal zusammenzuführen und "praktisch" einsetzen zu können 😎

(Cooler #PrivilegeEscalation- und #LateralMovement-Workshop. Danke Markus!)

Recently used a new #dfir #incidentresponse tool:

https://github.com/cgosec/Blauhaunt

It's awesome at identifying #lateralmovement

Uptycs provides a practical example of how attackers can exploit RCE vulnerabilities to not only gain unauthorized access to cloud instances but also to move laterally within the environment, amplifying the potential damage. Tools such as Nmap and Metasploit become critical in these exploits, enabling attackers to discover vulnerabilities and execute code that grants them deep access to cloud infrastructure. 🔗 https://www.uptycs.com/blog/remote-code-execution-aws-cloud-security

#cloud #RCE #vulnerability #lateralmovement

How to prevent lateral movement techniques on Google Cloud: https://cloud.google.com/blog/products/identity-security/how-to-prevent-lateral-movement-techniques-on-google-cloud

#gcp #lateralmovement #prevention

Navigating the Cloud: Exploring Lateral Movement Techniques: https://unit42.paloaltonetworks.com/cloud-lateral-movement-techniques/

#cloudsecurity #lateralmovement

Lateral movement is a technique where attackers exploit compromised credentials or vulnerabilities to traverse a network, seeking valuable information and escalating their privileges.

Learn how Microsoft Defender for Identity can help with detection and prevention of lateral movement in my today's blog post https://www.cswrld.com/2024/01/lateral-movement-path-detection-in-microsoft-defender-for-identity/

#cybersecurity #tips #mdi #lateralmovement #privilegeescalation

Lateral Movement and Pivoting - I have just completed this room! Check it out: https://tryhackme.com/room/lateralmovementandpivoting #tryhackme #redteam #lateralmovement #pivoting #windows #pass-the-hash #pass-the-ticket #overpass-the-hash #AD #lateralmovementandpivoting via @RealTryHackMe

𝗗𝗲𝗳𝗲𝗻𝗱𝗶𝗻𝗴 𝗻𝗲𝘄 𝘃𝗲𝗰𝘁𝗼𝗿𝘀: 𝗧𝗵𝗿𝗲𝗮𝘁 𝗮𝗰𝘁𝗼𝗿𝘀 𝗮𝘁𝘁𝗲𝗺𝗽𝘁 𝗦𝗤𝗟 𝗦𝗲𝗿𝘃𝗲𝗿 𝘁𝗼 𝗰𝗹𝗼𝘂𝗱 𝗹𝗮𝘁𝗲𝗿𝗮𝗹 𝗺𝗼𝘃𝗲𝗺𝗲𝗻𝘁

Nice write-up by Microsoft security researchers about new campaign where attackers attempted to move laterally to a cloud environment through a SQL Server instance.

Attackers are now attempting to move laterally into cloud environments via SQL Server instances—a method previously seen in VMs and Kubernetes clusters but not in SQL Server.

https://www.microsoft.com/en-us/security/blog/2023/10/03/defending-new-vectors-threat-actors-attempt-sql-server-to-cloud-lateral-movement/

#microsoft #microsoftsecurity #securityresearch #azure #SQL #cloudlateralmovement #lateralmovement #cloudsecurity #cloudnative #cybersecurity #soc #defenderforcloud #defenderforendpoint #mde #xdr #edr #defenderforsql #soc

ALL about OSCP Pivoting| AD Lateral Movement | ligolo-ng, chisel, sshuttle: https://systemweakness.com/everything-about-pivoting-oscp-active-directory-lateral-movement-6ed34faa08a2

#oscp #osep #lateralmovement #pivoting #tunnelling

Lateral movement: A conceptual overview: https://diablohorn.com/2023/08/22/lateral-movement-a-conceptual-overview/

#lateralmovement #cybersecurity #offensivesecurity

Explanation on RBCD attack: https://www.r-tec.net/r-tec-blog-resource-based-constrained-delegation.html

#activedirectory #lateralmovement #privilegeescalation

#SIMswapping is still a very real thing. Now, it's being used to bypass defense and detection methods within #Azure to gain full #administrative access for #Windows #VirtualMachines. This is pretty advanced, but it's still a big danger. #UNC3944 https://www.scmagazine.com/news/cloud-security/threat-actor-bypasses-detection-protections-in-microsoft-azure-serial-console?external_id=HBwZ-n4B490LDY0Z-dKj&external_id_source=mrkto&mkt_tok=MTg4LVVOWi02NjAAAAGLzUgAlV_uPRm28W067Sf5RayoZQN17Xrk53YEG17z3Gl_7qKsu2bjdUUW2CRUpserJQgXmMB46ieb_G5KrSlLHQGWs_K0TtXaXsrlmIPgkg

#Hacking #ThreatIntelligence #InitialAccess #LateralMovement #Persistence #Cloud #CloudAttackSurface

Maximizing Your Security: Utilizing Windows Firewall to Reduce Risk

#cyber #exploit #firewall #incident #lateralmovement #malware #password #protect #vpn

https://redbeardsec.com/maximizing-your-security-utilizing-windows-firewall-to-reduce-risk

A rich #training #offer at BSides Milano we have top-notch trainings, in some case for the first time in #Italy! All #in-person! The #event will be held from 4 to 8 July 2023. From 4 to 7 we will be focus on #learnitall on the 8 we will deep dive in our #amazing #conference. Ticket will be available from tonight for the trainings. We have an early bird rate until 30th April.
Are you ready? We are!! join our group SecurityBsidesItalia #linkedin or on #discord https://lnkd.in/dBu7wkJG for detailed info! #cyber #threatintelligence #threatintel #cloud #redteaming #redteam #blueteam #threathunting #exploitation #secureboot #TTE #multicloud #hybridcloud #voip #Linux #Windows #LTE #baseband #deception #detection #evasion #edr #BSML23 #AWS #Azure #AzureAD #GCP #devops #cicd #RTOS #FalseFlag #HoneyNet #IDAPro #Python #reverseengineering #Ghidra #network #MITRE #TTPs #persistence #commandandcontrol #lateralmovement #osint #obfuscation #malware #malwareanalysis .
Reserve your your spot!! https://lnkd.in/dZf-yyPv

PonyFinal Ransomware Targets Enterprise Servers Then Bides Its Time - Microsoft has warned on a new breed of patient ransomware attacks that lurk in networks for weeks ... more: https://threatpost.com/ponyfinal-ransomware-enterprise-servers/156083/ #enterpriseservers #vulnerabilities #credentialtheft #lateralmovement #malwareanalysis #humanoperated #websecurity #ransomware #ponyfinal #malware

Some SSH port forwarding tool using native PowerShell (can be used with Empire) https://github.com/fridgehead/Powershell-SSHTools #redteam #windows #lateralmovement