Common Flaws Discovered in Penetration Tests Persist

Brute forcing accounts with weak and guessable passwords, and exploitation using the EternalBlue vulnerability, remain among the top 10 findings in penetration tests.



According to research by Lares, the most frequently encountered vulnerabilities and attack vectors during engagements in the past six months have remained exactly the same as in its previous report, which came out in July last year.



Its latest report analyzed the similarities between hundreds of engagements throughout 2019. The following list represents the most frequently observed penetration test findings:



Brute forcing accounts with weak and guessable passwords
Kerberoasting
Excessive file system permissions
WannaCry/EternalBlue
WMI lateral movement
Inadequate network segmentation
Inappropriate access control
Post-exercise defensive control tuning
Malicious multi-factor enrolment or MFA bypass
Phish-in-the-Middle (PiTM)

In an email to Infosecurity, Lares COO Andrew Hay said that a mix of the top findings are seen in “nearly every engagement.” He said: “Our analysis concludes that regardless of industry or vertical, these findings are evident in most environments we assess.”



Hay also confirmed that the top five findings are still prevalent, whilst implementations of the bottom five were described as “inadequate, inappropriate and ineffective.” Hay added that “those controls were either partially implemented but not tuned correctly, improperly implemented and not correctly hardened during initial deployment, or insufficiently monitored when the control capability exists.”



The fourth finding was unpatched instances of MS17-010, which enabled the WannaCry and NotPetya attacks of 2017. Lares said that despite this v ..
