Tired of seeing the same security issues crop up year after year? In this episode, the team highlights common pentest findings that should have no place in your environment in 2025—and exactly why they’re still showing up.
– Why weak and reused passwords continue to threaten organizations, even with modern controls in place
– Persistent problems with credentials being stored on file shares and tips for mitigating them
– The dangers of legacy protocols (like outdated TLS/SSL and public-facing insecure services) still exposed to the internet
– How external services and third-party signups with corporate emails fuel credential leaks
– The critical importance of deploying EDR on all hosts and why missing coverage can be a game changer for attackers
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov
Follow Spencer on social ⬇
Spencer’s Links: https://go.spenceralessi.com/mylinks
Work with Us: https://securit360.com