Security Hot Takes: Near-Neighbor TTPs
The Nearest Neighbor Attack is a newly documented Initial Access TTP in which an attacker compromises a physically nearby, unrelated network, activates a Wi-Fi interface on a host within...
The Nearest Neighbor Attack is a novel tactic, technique, and procedure (TTP) in which an attacker gains remote access to a target network without ever directly touching that network's own perimeter defenses. Instead, the attacker first compromises a different organization's network that happens to be in close physical proximity to the real target — for example, a neighboring business, a nearby residential network, or any other network within Wi-Fi range of the target's building.
Once inside that neighboring network, the attacker activates a Wi-Fi interface on a compromised host and uses it to scan for nearby wireless networks. The compromised, physically-adjacent network then acts as a pivot point: because it is within radio range of the actual target, the attacker can wirelessly connect from that pivot host directly into the target's Wi-Fi network, all without needing to be physically present near the target building themselves and without needing valid remote-access credentials to the target's VPN or public-facing infrastructure.
This matters because it sidesteps an entire category of defenses that organizations typically invest in most heavily — perimeter and remote-access con...
Sign in to read this course
A free account unlocks all 514 courses. 20 are readable without one.
What's inside
3 sections- 1 Table of Contents
- 2 Module 1: The Nearest Neighbor Attack
- 3 Summary
More Security Hot Takes & Threat Intel courses
View all 21Hot Takes: Inside a Microsoft Ransomware Attack
The Marks & Spencer incident is a textbook example of how modern ransomware operations succeed by targeting identity infrastructure and virtualization hosts rather than individual endpoin...
IT Security Champion: Cyber Threat Intel and Emerging Threats
Security is everyone's job — not solely the responsibility of the security department. Adopting a security culture and a security mindset is the foundation of being an effective IT securi...
Security Hot Takes: The LastPass Breach
The LastPass breach is actually two distinct but connected security incidents, separated by several months, with confusing and inconsistent public communication from the company throughou...
Sandworm: Application Layer Protocol and Web Emulation
Command and control is the connective tissue of nearly every intrusion that progresses beyond initial access — without it, an attacker cannot issue commands, move laterally, or exfiltrate...
Security Hot Takes: SBOMs
security · hot · takes · sboms · threat · intel · networking · systems · sbom · bills · materials · concept · debate · mandate · software.
Security Hot Takes: The Aliquippa Water Breach
The Aliquippa Water Authority breach is a case study in how a basic, avoidable systems-integration failure — not a sophisticated exploit — can expose critical infrastructure to compromise...
Interested in this course?
Contact us to book it or get a custom training plan for your team.