Browsing tag
A recent investigation by cyber forensics course specialists has revealed that around 50k companies running SAP company software are more likely to suffer cyberattacks due to the discovery of new methods of exploitation for some old vulnerabilities in these systems that have not been properly corrected. SAP, a leading German software company, mentions that between […]
The company is preparing 11 patches to correct these flaws Last Tuesday the SAP business provider launched 11 different security alerts for its users. According to cybersecurity and ethical hacking specialists from the International Institute of Cyber Security, the company informed its customers about the launch of a series of security patches to correct vulnerabilities […]
For the most part, SAP implementations continue to be affected by vulnerability in the security configuration initially documented in 2005, information security experts warn. Analysts comment that careless security configurations and unintended derivations of previously protected system configurations make SAP implementations vulnerable despite the release of security notes designed to address issues. According to Onapsis information […]
SAP has issued an updated patch for a code-injection vulnerability affecting the TREX search engine integrated into more than a dozen SAP products, including the old NetWeaver application integration platform and the SAP HANA database. The flaw was originally found in 2015 and patched in SAP HANA, the company’s in-memory data analysis and database infrastructure. […]
A remote code execution flaw in the SAP Windows client opens the door for ransomware attacks targeting enterprises that rely on various SAP products to manage and keep track of their business operations. SAP, a German company that makes enterprise software used by over 335,000 customers in 190 countries, has patched the issue last week. […]
A PricewaterhouseCoopers SAP software, the Automated Controls Evaluator (ACE), is affected by a critical security flaw that could be exploited by hackers. A software developed by PricewaterhouseCoopers for SAP systems, the Automated Controls Evaluator (ACE), is affected by a critical security flaw. The vulnerability was discovered by the security firm ESNC who analyzed the tool. The Automated Controls […]
The information about a 0-day SAP vulnerability was published on LinkedIn on October 28, 2016. A researcher disclosed details of the vulnerability in SAP system that he had identified and stated as 0-day. As it turns out, the vulnerability was already patched by SAP on 13th of September by SAP Note 2344524, so technically it’s […]
Onapsis and US-CERT warned about attacks against 36 companies, another security firm begs to differ. The impact of a five-year-old security issue affecting SAP customers that has recently resurfaced has been greatly underestimated, says a team of researchers who revealed that the number of affected companies is actually fifteen times larger. At the start of the […]