Minimizing risks, Cognizant hit with ransomware, and more chatter from MSPs on Reddit

It’s another roundup of discussions happening this week on the MSP subreddit.


Okay, this is a long one. But when you’re talking about a culture shift around security, it warrants a lengthy post if others can benefit from it. And in this case, it looks like they can. The Redditor behind the post spelled out the problem: How do you allow legitimate Agent N <> Central traffic, but limit exposure of your login pages from the public internet?

“If you read the N-Central support literature, they say you need at a minimum TCP ports open: 22, 80, 443, 10000. We were never comfortable with that and after seeing a Solarwinds support engineer defeat our MFA with a single SQL update command over SSH – our fears were validated.

“Our goal was to transition from this culture of ‘just allow everything – it’ll all be fine’ that vendors insist upon to ‘what is absolutely required and let’s just allow that.'”

This step by step guide for adding a suit of armour around your login pages is a good example of “the rising tide lifts all boats”.

How we used a free Cloudflare plan to hide our N-Central instance and improve security from r/msp


The Maze ransomware is at it again, this time targeting one of the largest tech and consulting firms in the Fortune 500 – Cognizant. The Maze operators denied responsibility for the cyber attack, according to BleepingComputer.

IT services giant Cognizant allegedly got hit with a cyber attack by the Maze Ransomware from r/msp


 

 

Teams Expiration Policies from r/msp

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Alex Coop
Alex Coophttp://www.itwc.ca
Former Editorial Director for IT World Canada and its sister publications.

Related Tech News

Featured Tech Jobs

 

CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.