Many routers that are offered for resale contain sensitive corporate information and allow third-party connections to corporate networks
Did you mistakenly sell access to your network when you sold a decommissioned router? Recently, ESET researchers purchased several used core routers to set up a test environment, only to find that, in many cases, the previously used configurations had not been wiped and that the devices still contained trivially accessible sensitive corporate information. The researchers went on to carry out a more extensive test and eventually described their findings in a research paper that was published this week and will also be presented at the upcoming RSA Conference.
Watch the video to find out more. The team’s findings are also available here: Discarded, not destroyed: Old routers reveal corporate secrets