Security news aggregator

Latest coverage for Lateral Movement

Lateral movement lets attackers reach more systems after entry; network segmentation, least privilege, and monitoring can limit its impact.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Lateral movement is an attacker’s progress from an initially compromised device or account to other systems, accounts, or network segments. It commonly uses stolen credentials, remote administration services, shared drives, exposed management interfaces, or vulnerabilities. The objective may be to reach higher-value assets, obtain greater privileges, or establish access that supports data theft or disruption. Because these actions can resemble normal administration, a single endpoint compromise can become a broader intrusion without clear perimeter breaches.

The most relevant defenses limit both reach and credential reuse: segment networks and sensitive environments, apply least privilege, require strong authentication for administrative access, and remove unnecessary remote services. Monitor authentication patterns, new administrative relationships, unusual remote execution, and access between systems that rarely communicate; correlate these signals with endpoint and identity telemetry. Rapidly disabling compromised accounts, isolating affected hosts, and rotating exposed credentials can contain movement, while vulnerability management reduces exploitable paths that bypass authentication.

Volume over time

Weekly headline count for the current query.

Showing 8 most recent headlines Filtered view

CISA: Iran-Linked Groups Actively Exploiting OT Exposure Risks, PLC ProgrammersFederal agencies are warning that Iranian-linked actors have begun actively exploiting internet-facing PLCs and misconfigured OT systems across U.S. critical infrastructure, enabling network access, lateral movement and potential disruption amid rising geopolitical tensions.

Series C Funding Round Focuses on Secrets Remediation, Agent Governance ExpansionBacked by a $50 million Series C, GitGuardian plans to accelerate U.S. expansion and enhance secrets detection remediation and non-human identity controls as AI agents multiply across enterprises, increasing exposure to credential abuse and lateral movement.

Bank Info Security 8 months, 1 week ago

Why Microsegmentation Is Just a Dream for Many IT Teams

Audit Issues, Policy Debt and Limited Project Scope Are Hampering AdoptionMicrosegmentation has long been touted as the gold standard for restricting lateral movement by hackers. It helps lock down network traffic and reduces the blast radius of a breach. Vendors say it's transformative, but if you walk into most large enterprises, you'll will find it half-implemented.

CrowdStrike's Adam Meyers on Cybercriminals Moving From Endpoints to Softer TargetsWith EDR making it difficult for cybercriminal to carry out attacks, they are now shifting focus to exploit vulnerabilities in compromised identities and unmanaged devices to move laterally across organizations, said Adam Meyers, senior vice president of counter adversary operations at CrowdStrike.

Bank Info Security 2 years, 3 months ago

Zscaler Buys Airgap Networks to Fuel Segmentation in IoT, OT

Deal Will Thwart Lateral Movement of Malicious Traffic Inside of Corporate NetworksZscaler purchased an agentless segmentation startup founded by longtime Juniper Networks executives to dynamically control access to critical infrastructure based on identity and context. Acquiring Airgap Networks will prevent sophisticated threats from moving laterally within IoT or OT devices.