It’s another roundup of discussions happening this week on the MSP subreddit.
Okay, this is a long one. But when you’re talking about a culture shift around security, it warrants a lengthy post if others can benefit from it. And in this case, it looks like they can. The Redditor behind the post spelled out the problem: How do you allow legitimate Agent N <> Central traffic, but limit exposure of your login pages from the public internet?
“If you read the N-Central support literature, they say you need at a minimum TCP ports open: 22, 80, 443, 10000. We were never comfortable with that and after seeing a Solarwinds support engineer defeat our MFA with a single SQL update command over SSH – our fears were validated.
“Our goal was to transition from this culture of ‘just allow everything – it’ll all be fine’ that vendors insist upon to ‘what is absolutely required and let’s just allow that.'”
This step by step guide for adding a suit of armour around your login pages is a good example of “the rising tide lifts all boats”.
How we used a free Cloudflare plan to hide our N-Central instance and improve security from r/msp
The Maze ransomware is at it again, this time targeting one of the largest tech and consulting firms in the Fortune 500 – Cognizant. The Maze operators denied responsibility for the cyber attack, according to BleepingComputer.
IT services giant Cognizant allegedly got hit with a cyber attack by the Maze Ransomware from r/msp