Cyberside Chats: Cybersecurity Insights from the Experts
 

Cyberside Chats: Cybersecurity Insights from the Experts

https://www.chatcyberside.com/feed.xml

643

Downloads

22

Episodes

Stay ahead of the latest cybersecurity trends with Cyberside Chats—your go-to cybersecurity podcast for breaking news, emerging threats, and actionable solutions. Whether you’re a cybersecurity pro or an executive who wants to understand how to protect your organization, cybersecurity experts Sherri Davidoff and Matt Durrin will help you understand and proactively prepare for today’s top cybersecurity threats, AI-driven attack and defense strategies, and more!

Episodes

How Hackers Get In: Penetration Testing Secrets from the Front Line

4 days ago

4 days ago

Think your network is locked down? Think again. In this episode of Cyberside Chats, we’re joined by Tom Pohl, LMG Security’s head of penetration testing, whose team routinely gains domain admin access in over 90% of their engagements. How do they do it—and more importantly, how can you stop real attackers from doing the same? 

Tom shares the most common weak points his team exploits, from insecure default Active Directory settings to overlooked misconfigurations that persist in even the most mature environments. We’ll break down how features like SMB signing, legacy broadcast protocols, and other out-of-the-box settings designed for ease, not security, can quietly open the door for attackers—and what security leaders can do today to shut those doors for good. 

Whether you're preparing for your next pentest or hardening your infrastructure against advanced threats, this is a must-watch for CISOs, IT leaders, and anyone responsible for securing Windows networks. 

 

Takeaways: 

  1. Eliminate Default Credentials: Regularly audit and replace default logins on network-connected devices, including UPS units, printers, cameras, and other infrastructure. 
  2. Harden AD Certificate Services: Review certificate template permissions and AD CS configurations to block known exploitation paths that enable privilege escalation. 
  3. Enforce SMB Signing Everywhere: Enable and enforce both client and server SMB signing via Group Policy to prevent authentication relay attacks. 
  4. Clean Up File Shares: Scan internal shares for exposed passwords, scripts, and sensitive data, then implement role-based access control by locking down permissions and eliminating unnecessary access.  
  5. Disable Legacy Protocols: Turn off LLMNR, NetBIOS, and similar legacy protocols to reduce the risk of spoofing and name service poisoning attacks. 

 

References: 

“Critical Windows Server 2025 DMSA Vulnerability Exposes Enterprises to Domain Compromise” (The Hacker News) 

https://thehackernews.com/2025/05/critical-windows-server-2025-dmsa.html 

“Russian GRU Cyber Actors Targeting Western Logistics Entities and Tech Companies” (CISA Alert) 

https://www.cisa.gov/news-events/alerts/2025/05/21/russian-gru-cyber-actors-targeting-western-logistics-entities-and-tech-companies 

LMG Security – Penetration Testing Services (Identify weaknesses before attackers do) 

https://www.lmgsecurity.com/services/penetration-testing/ 

Comment (0)

No comments yet. Be the first to say something!

Copyright 2024 All rights reserved.

Version: 20241125