Security News > 2020 > April > Atlassian issues advice on how to keep your IT service desk secure... after hundreds of portals found facing the internet amid virus lockdown

Atlassian issues advice on how to keep your IT service desk secure... after hundreds of portals found facing the internet amid virus lockdown
2020-04-07 07:07

Inti De Ceukelaire of bug-bounty platform Intigriti claimed earlier this month hundreds of corporate service portals have been exposed to the internet, a 12 per cent increase since he scanned the internet for them last summer - an increase the COVID-19 crisis may have contributed to.

As a proof of concept, De Ceukelaire targeted a set of corporate Atlassian service desk portals he found facing the internet.

Either way, organizations should absolutely audit their now-public-facing internal portals to determine if they are secure, and whether they can be abused by strangers on the other side of the internet.

"The fix really depends on how you use your service desk," he said, "e.g. you may associate incoming emails from external users with new user accounts, but don't want to give them access to the portal, or you may want to give them access, but only to a few portals and not the internal ones."

Following the publication of De Ceukelaire's findings, Atlassian has issued guidelines for customers on how to secure their service desk portals.


News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/04/07/servicedesk_security_advisory/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Atlassian 58 3 259 104 46 412