SAP applications are getting compromised by skilled attackers
Newly provisioned, unprotected SAP applications in cloud environments are getting discovered and compromised in mere hours, Onapsis researchers have found, and vulnerabilities …
SAP security
March 2021 Patch Tuesday: Microsoft fixes yet another actively exploited IE zero-day
As system administrators and security teams around the world are working on ascertaining whether they’ve been breached and compromised via vulnerable Microsoft Exchange …
February 2021 Patch Tuesday: Microsoft and Adobe fix exploited zero-days
On this February 2021 Patch Tuesday: Adobe has fixed a Reader flaw used in limited attacks, as well as delivered security updates for a variety of products, including Acrobat …
January 2021 Patch Tuesday: Microsoft plugs Defender zero-day RCE
On this January 2021 Patch Tuesday: Microsoft has plugged 83 CVEs, including a Microsoft Defender zero-day Adobe has delivered security updates for a variety of products SAP …
A light December 2020 Patch Tuesday for a no-stress end of the year
On this December 2020 Patch Tuesday: Microsoft has plugged 58 CVEs Adobe has delivered security updates for Lightroom, Experience Manager, and Prelude, and has announced that …
November 2020 Patch Tuesday: Microsoft fixes actively exploited Windows Kernel flaw
On this November 2020 Patch Tuesday: Microsoft has plugged 112 security holes, including an actively exploited one Adobe has delivered security updates for Adobe Reader Mobile …
October 2020 Patch Tuesday: Microsoft fixes potentially wormable Windows TCP/IP RCE flaw
On this October 2020 Patch Tuesday: Microsoft has plugged 87 security holes, including critical ones in the Windows TCP/IP stack and Microsoft Outlook and Microsoft 365 Apps …
Intel, SAP, and Citrix release critical security updates
August 2020 Patch Tuesday was expectedly observed by Microsoft and Adobe, but many other software firms decided to push out security updates as well. Apple released iCloud for …
Critical flaw gives attackers control of vulnerable SAP business applications
SAP has issued patches to fix a critical vulnerability (CVE-2020-6287) that can lead to total compromise of vulnerable SAP installations by a remote, unauthenticated attacker. …
The potential impact of SAP security remediation
More than two thirds (68.8%) of SAP users believe their organizations put insufficient focus on IT security during previous SAP implementations, while 53.4% indicated that it …
50,000 companies running SAP installations open to attack via publicly released exploits
Two exploits publicly released in late April at the OPCDE security conference in Dubai could be leveraged to compromise a great number of SAP implementations, Onapsis has …
Several high risk 0-day vulnerabilities affecting SAP HANA found
Onapsis discovered several high risk vulnerabilities affecting SAP HANA platforms. If exploited, these vulnerabilities would allow an attacker, whether inside or outside the …
