lateral movement

File Integrity Monitoring (FIM): Your Friendly Network Detective Control

| | APT, File Integrity Monitoring, File Integrity Monitoring (FIM), intrusion detection, lateral movement
Lateral movement is one of the most consequential types of network activity for which organizations need to be on the lookout. After arriving at the network, the attacker keeps ongoing access by ...
The State of Security

Red Flag Alert: Service Accounts Performing Interactive Logins

| | Active Directory, black hat, Credential Compromise, insider threat, lateral movement, passwords, Privileged Accounts, Stealthy Admin
In the world of account security, we often focus on end user accounts as the weak vector vulnerable to attackers. On the contrary, we at Preempt see something that happens just as ...
Preempt Blog

What State-Sponsored Attacks Can Teach Us About Conditional Access

| | Attack Tools, Conditional Access, Credential Compromise, Hacking, lateral movement, NTLM, Privileged Accounts, Ransomware
People often think that state-sponsored attacks from groups like Lazarus (North Korea), Fancy Bear (Russia) or menuPass (China) only target public federal organizations in Western nations like the U.S. This is simply ...
Preempt Blog
What is the MITRE ATT&CK™ Framework?

The MITRE ATT&CK Framework: Lateral Movement

| | ATT&CK, Featured Articles, lateral movement, MITRE, MITRE Framework
It will be rare that an attacker exploits a single system and does not attempt any lateral movement within the network. Even ransomware that typically targets a single system at a time ...
The State of Security
Highly Targeted Ransomware SamSam Earned Its Creator $6 Million

Highly Targeted Ransomware SamSam Earned Its Creator $6 Million

| | Data encryption, lateral movement, ransom payment, Ransomware, samsam, Targeted Attack
A ransomware threat called SamSam that’s known for crippling IT systems in hospitals, schools and government organizations has made many more victims than previously believed. Security researchers from Sophos worked with cryptocurrency ...
Security Boulevard
Fake WhatsApp on Google Play Shows How Easy Users Can Be Tricked

Fake WhatsApp on Google Play Shows How Easy Users Can Be Tricked

| | adware, android malware, Cridex, Emotet, fake application, information stealer, information theft, keylogging, lateral movement, Malware, Qakbot, Qbot, rogue app, trojan, WhatsApp
Google removed a rogue version of the WhatsApp Messenger application from Google Play that had been installed by more than 1 million people. A subsequent search by users and researchers revealed that ...
New Trojan 'Silence' Uses Stealth to Attack Banks

New Trojan ‘Silence’ Uses Stealth to Attack Banks

| | activity monitoring, bank, business email compromise, Carbanak, financial organization, infrastructure compromise, lateral movement, Malware, Silence, trojan
Security researchers have discovered a new attack against financial organizations, in which hackers break into their infrastructure and stay lurking for months to learn their internal procedures before starting to steal money ...
Bad Rabbit Ransomware Highlights Perils of Poor Network Management

Bad Rabbit Ransomware Highlights Perils of Poor Network Management

| | Bad Rabbit, Equation, kaspersky, lateral movement, network management, NotPetya, nsa, Ransomware, smb
Companies in Russia and Eastern Europe have been battling a new ransomware outbreak since Tuesday that security researchers have dubbed Bad Rabbit. The malware can spread to Windows systems over local networks ...