In this post, I’m going to discuss common misconfigurations that I’ve seen in environments that deployed Cisco phones. Since the pandemic made us shift to working from home, many of our common man-in-the-middle (MitM) attacks were neutralized due to a lack of adjacent clients. Usually, the first task of an Internal Penetration Test is to try and gain access to a low-privileged account.
Instead of designing and troubleshooting networks, now I get to break into them to test their strength. I did, however, get to see my share of networks that used Cisco phone systems.
My work wasn’t directly with the phone systems, but it was usually in an adjacent field like route/switch and security. I spent my early IT career working for a Cisco partner that specialized in Cisco phone systems.
By Justin Bollinger in Penetration Testing, Red Team Adversarial Attack Simulation, Security Testing & Analysis, Social Engineering 1.1 Intro
0 kommentar(er)
