Blog | LMG Security

Filter Results

Featured Blog

No Exploits Needed: Using Cisco’s Own Features to Extract Credentials

During a routine internal penetration test, we used nothing more than default settings and built-in router functionality to extract the running configuration from a Cisco device—no credentials required. The result? Access to password hashes, SNMP secrets, and infrastructure details that could enable full network compromise. This isn’t a story about zero-days—it’s a warning about what […]

LMG Security Blog

Filter Results

Monthly Newsletter

No Exploits Needed: Using Cisco’s Own Features to Extract Credentials

Beyond Passwords: Transitioning to Passwordless Authentication Solutions

7 Network Segmentation Best Practices That Stop Malware’s Lateral Spread

Top Cybersecurity Control for Q4 2023: Penetration Testing

Double Trouble: Understanding Two Cisco Zero Day Vulnerabilities & Guide to Zero Day Attack Response

Social Engineering Scams: Cross-Tenant Impersonation Attacks, Voice Cloning Risks, and More

M365 Security: Leveraging CIS Standards for Optimal Security and Advanced Threat Mitigation

AWS Security Best Practices Checklist

2023 MGM Breach: A Wake-Up Call for Better Social Engineering Training for Employees

How to Reduce Web App and Cloud Application Security Risks

Governance, Supply Chain, & Risk Management, Oh My! Understanding the New NIST CSF 2.0 Draft Guideline Changes

Understanding Email Authentication Protocols: A Technical Overview of SPF, DKIM and DMARC With Configuration Tips

Planning Your Annual Pentest: A Checklist of Penetration Testing Best Practices