Atlassian issues advice on how to keep your IT service desk secure... after hundreds of portals found facing the internet amid virus lockdown

Atlassian issues advice on how to keep your IT service desk secure... after hundreds of portals found facing the internet amid virus lockdown

2020-04-07 07:07

Inti De Ceukelaire of bug-bounty platform Intigriti claimed earlier this month hundreds of corporate service portals have been exposed to the internet, a 12 per cent increase since he scanned the internet for them last summer - an increase the COVID-19 crisis may have contributed to.

As a proof of concept, De Ceukelaire targeted a set of corporate Atlassian service desk portals he found facing the internet.

Either way, organizations should absolutely audit their now-public-facing internal portals to determine if they are secure, and whether they can be abused by strangers on the other side of the internet.

"The fix really depends on how you use your service desk," he said, "e.g. you may associate incoming emails from external users with new user accounts, but don't want to give them access to the portal, or you may want to give them access, but only to a few portals and not the internal ones."

Following the publication of De Ceukelaire's findings, Atlassian has issued guidelines for customers on how to secure their service desk portals.

News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/04/07/servicedesk_security_advisory/

#atlassian #internet #virus

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Atlassian		58	56	291	40	34	421