

(replay) Common Pentest Findings That Shouldn't Exist in 2025
Oct 10, 2025
Tyler Roberts, an offensive security practitioner, walks through the pentest findings that still turn up in organizations in 2025. The discussion covers the persistence of weak and reused passwords, the risk of corporate email addresses used for third-party sign-ups (credentials exposed through unrelated breaches), and plaintext credentials left on file shares. Tyler stresses retiring outdated TLS protocol versions and eliminating reuse of the same local admin password across hosts. The conversation also covers the exposure of on-prem Exchange servers and the need for tighter control over public-facing protocols. A must-listen for anyone in IT security.
AI Snips
Ban Weak And Reused Passwords
- Enforce banned password lists and block known-breached credentials in Entra ID and on-prem AD so weak or reused passwords are rejected at the point of change.
- Use Lithnet AD Password Protection or Specops Password Policy for on-prem AD, and turn on Entra ID Password Protection (global plus custom banned password list) for cloud accounts; the Entra agent can also extend that list to on-prem domain controllers.
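The check the bullets describe, as an added example that is not code from the episode or from Microsoft, Lithnet or Specops: it applies the scoring Microsoft documents for Entra Password Protection (normalize, strip banned terms, count what is left, require 5 points) and then an offline k-anonymity lookup against a breached-hash list. The banned terms, the breach data and the sample passwords are constructed for the demo, and the fuzzy one-character matching Entra also does is omitted as a simplification.

```python
"""Entra-style banned-password scoring plus an offline breached-hash check.

Added example, not taken from the episode or from any vendor's code.  The
banned terms, breach counts and sample passwords are constructed; the scoring
follows Microsoft's published description of Entra Password Protection.
"""
import hashlib

# Constructed stand-in for Entra's global + custom banned lists (not the real list).
BANNED_TERMS = ["contoso", "password", "welcome", "qwerty", "letmein", "blank"]

# Substitutions Entra undoes before matching: 0->o, 1->l, $->s, @->a.
LEET = str.maketrans({"0": "o", "1": "l", "$": "s", "@": "a"})


def normalize(password: str) -> str:
    """Lower-case the password and undo the common leet substitutions."""
    return password.lower().translate(LEET)


def score(password: str, banned=BANNED_TERMS):
    """Return (points, matched_terms).

    Each banned term found in the normalized password scores 1 point and every
    character not covered by a banned term scores 1 point.  Entra accepts the
    password only when the total reaches 5.
    """
    norm = normalize(password)
    matched = []
    # Longest terms first so "password" is consumed before a shorter "pass" would be.
    for term in sorted(banned, key=len, reverse=True):
        while term in norm:
            matched.append(term)
            # Blank out the match so its characters are not counted again.
            norm = norm.replace(term, "\x00" * len(term), 1)
    remaining = sum(1 for ch in norm if ch != "\x00")
    return len(matched) + remaining, matched


def is_acceptable(password: str) -> bool:
    """True when the banned-list scoring alone would accept the password."""
    points, _ = score(password)
    return points >= 5


def sha1_upper(password: str) -> str:
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def build_range_fixture(known_bad: dict) -> dict:
    """Constructed stand-in for k-anonymity range responses: {prefix: {suffix: count}}.

    A real client would fetch the range for the 5-char prefix over the network;
    here the ranges are built locally so the example runs offline.
    """
    ranges: dict = {}
    for pw, count in known_bad.items():
        h = sha1_upper(pw)
        ranges.setdefault(h[:5], {})[h[5:]] = count
    return ranges


KNOWN_BAD = {"Password1": 123456, "Summer2025!": 42}  # constructed breach counts
RANGES = build_range_fixture(KNOWN_BAD)


def breach_count(password: str, ranges=RANGES) -> int:
    """Match the SHA-1 suffix locally the way a k-anonymity client does."""
    h = sha1_upper(password)
    return ranges.get(h[:5], {}).get(h[5:], 0)


def check(password: str) -> dict:
    """Combine both controls: banned-list scoring and breached-hash lookup."""
    points, matched = score(password)
    breaches = breach_count(password)
    return {"points": points, "banned_terms": matched, "breach_count": breaches,
            "allowed": points >= 5 and breaches == 0}


if __name__ == "__main__":
    for pw in ("C0ntos0Blank12", "ContoS0Bl@nkf9!", "P@ssw0rd1", "Summer2025!"):
        print(pw, check(pw))
```

The two results worth noting: "Summer2025!" clears the banned-list scoring easily (11 points) but is rejected because it appears in the breach data, which is why both controls are needed; and "P@ssw0rd1" collapses to 2 points once the leet substitutions are undone.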
Stop Using Corporate Emails For Consumer Apps
- Stop users signing up for third-party consumer services with corporate email addresses; when those services are breached, the leaked credentials point straight at the corporate identity.
- Detect shadow SaaS by reviewing email gateway traffic (sign-up and verification messages reveal which services users have registered for) and with Defender for Cloud Apps or content-filtering tools.
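One way to do the email-gateway review from the bullet above, as an added example that is not code from the episode and not Defender for Cloud Apps logic: it parses a message-trace export and flags inbound sign-up or verification mail from automated senders at domains IT has not sanctioned. The CSV layout, the corp.example domain, the service domains and the sanctioned list are all constructed for the demo; a real export would be mapped into the same four columns.

```python
"""Find shadow-SaaS sign-ups in a mail-gateway message trace.

Added example, not from the episode and not vendor logic.  The trace lines,
the corporate domain and the sanctioned-service list are constructed.
"""
import csv
import io
import re
from collections import defaultdict

# Constructed message-trace export: timestamp, sender, recipient, subject.
TRACE_CSV = """timestamp,sender,recipient,subject
2025-10-01T08:12:03Z,no-reply@notesapp.example,alice@corp.example,Verify your email address
2025-10-01T08:40:11Z,billing@vendor.example,finance@corp.example,Invoice 1042
2025-10-01T09:02:45Z,noreply@teamboard.example,bob@corp.example,Welcome to TeamBoard - confirm your account
2025-10-01T09:15:20Z,support@teamboard.example,bob@corp.example,Your ticket has been updated
2025-10-01T10:30:00Z,no-reply@notesapp.example,carol@corp.example,Confirm your email
2025-10-02T07:55:31Z,alice@corp.example,bob@corp.example,Re: lunch
2025-10-02T11:20:09Z,hello@filedrop.example,alice@corp.example,Your verification code is 482913
"""

CORP_DOMAIN = "corp.example"            # constructed corporate domain
SANCTIONED = {"vendor.example"}         # constructed: services IT already approves

# Subjects typical of account creation flows.
SIGNUP_SUBJECT = re.compile(r"(verify|verification|confirm|activate|welcome to)",
                            re.IGNORECASE)
# Local parts used by automated account mailers.
AUTOMATED_SENDER = re.compile(r"^(no-?reply|hello|notifications?|accounts?)@",
                              re.IGNORECASE)


def domain_of(address: str) -> str:
    return address.lower().rsplit("@", 1)[-1]


def parse_trace(text: str) -> list:
    """Read the CSV export into a list of dicts keyed by column name."""
    return list(csv.DictReader(io.StringIO(text)))


def is_signup(msg: dict) -> bool:
    """Inbound, from an automated mailer at an unsanctioned external domain,
    with a sign-up style subject."""
    sender = msg["sender"].lower()
    sender_domain = domain_of(sender)
    return (domain_of(msg["recipient"]) == CORP_DOMAIN
            and sender_domain != CORP_DOMAIN
            and sender_domain not in SANCTIONED
            and AUTOMATED_SENDER.search(sender) is not None
            and SIGNUP_SUBJECT.search(msg["subject"]) is not None)


def find_shadow_saas(records: list) -> dict:
    """Map service domain -> sorted list of corporate users who signed up."""
    hits = defaultdict(set)
    for msg in records:
        if is_signup(msg):
            hits[domain_of(msg["sender"])].add(msg["recipient"].lower())
    return {service: sorted(users) for service, users in hits.items()}


def report(text: str = TRACE_CSV) -> dict:
    return find_shadow_saas(parse_trace(text))


if __name__ == "__main__":
    for service, users in sorted(report().items()):
        print(f"{service}: {len(users)} user(s) -> {', '.join(users)}")
```

The ticket-update mail from teamboard.example and the invoice from the sanctioned vendor are correctly ignored; the verification-code mail is caught even though its sender uses a "hello@" local part, which is why the sender pattern and the subject pattern are checked together rather than either alone.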
Audit File Shares And Enforce Least Privilege
- Audit file shares regularly and enforce least-privilege ACLs, granting share access through security groups rather than to Everyone or Authenticated Users.
- Teach users where secrets belong (a password manager or vault, not a text file on the share) and remove broad read access so plaintext credentials cannot be harvested by anyone who lands on the network.
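The audit the bullets describe, as an added example that is not code from the episode: it walks a share, flags plaintext credentials in text-type files by pattern, masks the values in its own report, and notes which hits sit in files readable by everyone. The directory layout and file contents are constructed for the demo (AKIAIOSFODNN7EXAMPLE and the matching secret are AWS's documentation example values, not live keys), and the world-readable check is a POSIX stand-in for reviewing Everyone and Authenticated Users entries on SMB share and NTFS ACLs.

```python
"""Scan a file share for plaintext credentials and broad read access.

Added example, not from the episode.  The share layout and contents are
constructed; the POSIX permission bit stands in for SMB/NTFS ACL review.
"""
import re
import stat
import tempfile
from pathlib import Path

TEXT_EXTENSIONS = {".txt", ".config", ".xml", ".ini", ".ps1", ".bat", ".cmd",
                   ".json", ".yml", ".yaml", ".env", ".csv", ".conf", ".key", ".pem"}
MAX_BYTES = 1_000_000  # skip large files; credentials live in small ones

RULES = {
    "password_assignment": re.compile(r"(?i)\b(pass(?:word|wd)?|pwd)\s*[=:]\s*\S+"),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
}


def mask(line: str) -> str:
    """Keep the key names, hide every value so the report is not itself a leak."""
    return re.sub(r"([=:]\s*)\S+", r"\1****", line.strip())[:80]


def world_readable(path: Path) -> bool:
    """POSIX stand-in for 'Everyone: Read' on the NTFS/share ACL."""
    return bool(path.stat().st_mode & stat.S_IROTH)


def scan_share(root) -> list:
    """Return one finding per (file, line, rule) hit under root."""
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or path.suffix.lower() not in TEXT_EXTENSIONS:
            continue
        if path.stat().st_size > MAX_BYTES:
            continue
        try:
            lines = path.read_text(encoding="utf-8", errors="replace").splitlines()
        except OSError:
            continue
        for lineno, line in enumerate(lines, 1):
            for rule, pattern in RULES.items():
                if pattern.search(line):
                    findings.append({"file": str(path.relative_to(root)),
                                     "line": lineno, "rule": rule,
                                     "excerpt": mask(line),
                                     "world_readable": world_readable(path)})
    return findings


def build_demo_share(root) -> None:
    """Write a constructed share with the kinds of files pentesters keep finding."""
    files = {
        "IT/Old stuff/passwords.txt":
            "domain admin password: Winter2024!\nbackup svc pwd=B@ckup123\n",
        "Apps/billing/web.config":
            '<connectionStrings>\n  <add name="db" connectionString='
            '"Server=db01;User Id=sa;Password=Hunter2;" />\n</connectionStrings>\n',
        "Ops/deploy.env":
            "AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n"
            "AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\n",
        "Ops/jump.key":
            "-----BEGIN OPENSSH PRIVATE KEY-----\nconstructed\n-----END OPENSSH PRIVATE KEY-----\n",
        "HR/handbook.txt":
            "Reset your password at the self-service portal.\n",
    }
    for rel, content in files.items():
        p = Path(root) / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(content, encoding="utf-8")
        # Constructed ACL state: only the old IT folder is readable by everyone.
        p.chmod(0o644 if rel.startswith("IT/") else 0o600)


def demo() -> list:
    """Build the constructed share in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as root:
        build_demo_share(root)
        return scan_share(root)


if __name__ == "__main__":
    for f in demo():
        flag = "WORLD-READABLE " if f["world_readable"] else ""
        print(f"{flag}{f['file']}:{f['line']} [{f['rule']}] {f['excerpt']}")
```

The handbook line ("Reset your password at the self-service portal") is deliberately a true negative: the password rule needs an assignment operator after the keyword, which keeps ordinary prose out of the report. The hits in passwords.txt carry the world-readable flag, which is the combination that matters most when triaging: a secret in a file only the owner can read is a hygiene problem, the same secret readable by every domain user is a path to domain admin.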