When it comes to cybersecurity incidents, one rarely sees just a single computer getting compromised. These days, most threat actors focus on networks and big companies instead of standalone computers and home users. So, how do bad actors compromise large networks of computers?
Typically, once threat actors acquire an initial foothold to a target network—via an RDP brute force attack, exploiting public-facing application, or by luring an employee with an effective phishing email—they try to move. Essentially, they move laterally.
In this whitepaper, which is a continuation of Belkasoft's Digital Incident Response series, we will review the most common technique adversaries use for lateral movement and show you how Belkasoft Evidence Center X (Belkasoft X) helps incident responders in uncovering them.