Attackers always seek the easiest path to get into our systems and compromise data. System misconfigurations and insecure default settings are often the criminals’ favorite vectors since these errors allow them easy access to critical systems and data.
Source: Tripwire – The State of Security