Lateral-Movement

A supply chain attack occurs when threat actors compromise a trusted vendor, software provider, or service to gain indirect access to downstream customers. This SECMONS glossary entry explains how supply chain attacks work, common techniques, and how defenders should reduce third-party risk.

Analysis of lateral movement techniques used in 2026, including attacker behaviors, internal spread strategies, and exploitation patterns.

Analysis of post-exploitation techniques in 2026, including lateral movement, privilege escalation, and stealth persistence methods used by attackers.

Practical guide to detecting lateral movement, including behavioral indicators, monitoring strategies, and real-world detection challenges.

In-depth explanation of attack path analysis, how attackers move through environments, and how organizations can identify and reduce exploitable paths.

Detailed explanation of lateral movement, how attackers expand access inside environments, and why it is critical in modern multi-stage attacks.

LockBit is a ransomware-as-a-service (RaaS) ecosystem responsible for widespread double-extortion campaigns targeting enterprise, government, and critical infrastructure organizations. This profile provides structured analysis of LockBit’s operational model, techniques, and defensive implications.

APT29 (also tracked as Cozy Bear and NOBELIUM) is a widely reported espionage-focused threat actor associated with long-term, stealthy intrusion campaigns. This SECMONS profile summarizes publicly documented targeting patterns, techniques, and defensive implications.

FIN7 is a financially motivated intrusion group publicly linked to large-scale payment card theft, enterprise compromise campaigns, and later ransomware operations. This SECMONS profile summarizes verified targeting patterns, techniques, and defensive implications.

Ryuk is a targeted ransomware strain publicly associated with high-impact enterprise intrusions, often deployed following credential theft and lateral movement. This SECMONS profile provides structured analysis of Ryuk’s operational patterns, ecosystem relationships, and defensive implications.

Technical explanation of lateral movement, an attack technique used by threat actors to expand access across enterprise networks after initial compromise.