Episode 107: How To Defend Against Lateral Movement

In this episode, Spencer and Brad dive into lateral movement, discussing various techniques like RDP, RATs, Impacket tools, PsExec, PTH, PTT, and PowerShell Remoting. They explain how attackers use these methods to gain unauthorized access, evade detection, and enable malicious activities. They also discuss precursors to lateral movement and strategies to restrict it, such as least privilege access, network segmentation, and monitoring. The podcast emphasizes the importance of understanding lateral movement and implementing comprehensive security measures to mitigate these threats.

Resources

• https://www.reddit.com/r/cybersecurity/comments/1ellylu/what_lateral_attacks_have_you_been_seeing/
• The DFIR Report
• Lateral Movement, Tactic TA0008 - Enterprise | MITRE ATT&CK®

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Follow Spencer on social ⬇
Spencer's Links: https://go.spenceralessi.com/mylinks

Work with Us: https://securit360.com