403-269-6123|info@auraadvanced.com

Cloud Services & Data Centre
- Infrastructure as a Service (IaaS)
  
  On-demand compute resources, robust security at a predictable cost that meet regulatory requirements.
- Backup as a Service (Baas)
  
  Flexible, reliable and affordable data protection solutions to keep your business running.
- Object Storage as a Service (S3aaS)
  
  Object-based storage provides a cost-effective, scalable, and durable storage solution for substantial amounts of data.
- Colocation Services
  
  Colocation services to comply with your business requirements for space, power, connectivity, and security.
- Azure Cloud Services
  
  Strategize, Design and Optimize your successful journey to the cloud. Take full advantage of the cloud’s agility, scalability, and flexibility.
Data Protection & Security
- Backup and Recovery
  
  Modern data protection is the foundation for business innovation.
- Object Storage
  
  Data is moving to object storage. Make sure you don’t get left behind.
- Cyberstorage Protection
  
  Actively defend your primary file data from ransomware, malicious insiders, and advanced persistent threats in real-time.
Technology Strategy & Advisory
- Cloud Advisory & Digital Transformation
  
  A resilient, agile digital strategy is critical to creating business value and achieving growth objectives.
- Cyber-Resiliency Planning
  
  Be able to anticipate, withstand, recover from and adapt to adverse conditions, stresses, attacks or compromises.
- Business Continuity Planning
  
  Our business continuity and disaster recovery strategies offer a high level of protection against any eventuality – before, during and after it happens.
Business Solutions & Services
- Modern Workplace
  
  Position your business to maintain a competitive edge in an increasingly connected world.
- Internet & Network
  
  Enhance your business operations through secure reliable connections.
- Managed IT Services
  
  Our helpdesk services allow you to focus on your business and improve employee productivity.
- Cyber Security Solutions
  
  Managed Cyber Security solutions prepare for the worst so you can be at your best.

Lateral Movement and the MERCURY Threat

Home » Lateral Movement and the MERCURY Threat

Have you ever heard of lateral movement? If not, it’s important to understand this concept and how it can impact your IT security. Lateral movement occurs when an attacker has compromised one device or system in a network and uses that compromise as a springboard to get into other devices or systems. For example, the MERCURY threat actor recently used lateral movement to spread ransomware throughout a target network.

The MERCURY attack started with the exploitation of the log4j vulnerability, followed by establishing persistence and then a slow spread of lateral movement throughout the network. The attacker used group policy objects to interfere with security tools and then to distribute ransomware via the NETLOGON shares on Active Directory domain controllers. Once they were solidly established in the network, they followed two related plans of attack: one against on-premises resources and one against Azure.

Although Microsoft didn’t say so, it’s hard to escape the conclusion that there was no anti-malware scanning deployed inside the network, and that controls on GPOs (including auditing and monitoring) were relatively weak. To protect against similar attacks, it’s important to ensure that you have adequate protection for your domain controllers and GPOs, audit which accounts have global admin permission in your Microsoft 365 estate, and apply MFA to all privileged accounts. Monitoring for unusual activity on the Azure AD connector and AD DS connector accounts can also help protect your network.

At Aura Advanced Technologies, we offer top-notch IT services and solutions to help secure your IT environment. Don’t wait until it’s too late to protect your organization from lateral movement attacks. Contact us today to learn more about our IT services and solutions and how we can help safeguard your network.

Lateral Movement and the MERCURY Threat

TechSavvyResearcher2023-04-12T11:39:13-06:00April 12, 2023|0 Comments

Have you ever heard of lateral movement? If not, it's important to understand this concept and how it can impact your IT security. Lateral movement occurs when an attacker has compromised one device or system [...]

Benefits of Private and Edge Computing

TechSavvyResearcher2023-04-05T20:02:39-06:00April 5, 2023|0 Comments

The world of computing has evolved significantly over the past few years. With the advent of cloud computing and edge computing, organizations have been able to leverage advanced technologies to boost their productivity, efficiency, and [...]

What Is Infrastructure-As-A-Service and Do You Need It

TechSavvyResearcher2022-11-28T14:06:41-07:00November 24, 2022|0 Comments

As the digital revolution continues to grow and penetrate various parts of a business, many companies, regardless of size, struggle to meet the need for more affordable, secure, and scalable infrastructures. This can seriously affect [...]

Why Should You Backup Your Business Data__ A Guide

TechSavvyResearcher2022-11-21T10:43:15-07:00November 17, 2022|0 Comments

Backing up business data is critical to any organization in order to protect against data loss. In particular, backing up your website is important in case your website crashes or something goes wrong with it. [...]

Infrastructure as a Service & Why Your Business Needs It

TechSavvyResearcher2022-11-28T14:04:58-07:00November 11, 2022|0 Comments

As businesses increasingly move their operations and data online, the need for reliable and scalable infrastructure services has never been greater. Infrastructure as a Service (IaaS) is a type of cloud computing that provides businesses [...]

5 Benefits of Investing in Data Backup and Recovery

TechSavvyResearcher2022-11-04T11:34:28-06:00November 4, 2022|0 Comments

In today's world, data is power. Organizations generate a lot of data, which needs to be protected from loss. Businesses hold critical data which needs to be safeguarded. Without the proper data recovery and backup [...]