Are you guilty of any of these mistakes in your pen-tests? Maybe you've never done these before and now you'll forever remember these as things to avoid when running any future penetration tests.
1. Improperly disposed network gear
It’s surprising how often there are still configurations on network gear after disposal. This is putting your company at risk beyond their lifespan.
2. Devices with easily guessed SNMP community strings
Easily guessable SNMP community strings hive bad actors the ability to manipulate networks at the most fundamental level.
3. IT person debris
Issues arise when VMs aren’t properly managed or retired. Therefore, one can find default credentials and more, to access the database.
4. Multi-function printers
Oftentimes, the vendors who install these machines don’t coordinate with internal IT members. The result is being left with easily Googleable default credentials and access to privileged account information.