SAP Cyber Threat Intelligence report – July 2018
The SAP threat landscape is always expanding thus putting organizations of all sizes and industries at risk of cyber attacks. The idea behind the monthly SAP Cyber Threat Intelligence report is to provide an insight into the latest security vulnerabilities and threats. Key takeaways This month, the vendor releases a ... Read More
SAP Cyber Threat Intelligence report – June 2018
The SAP threat landscape is always expanding thus putting organizations of all sizes and industries at risk of cyber attacks. The idea behind the monthly SAP Cyber Threat Intelligence report is to provide an insight into the latest security vulnerabilities and threats. Key takeaways June’s set of SAP Security Notes ... Read More
Native Structured Query Language
One of the ways to interact with a database in SAP systems is Native Structured Query Language (SQL). It allows developers to use specific database statements in their ABAP programs. In this section, we will discuss a few critical statements that relate to Native SQL. Potential Backdoor using CLIENT SPECIFIED ... Read More
SAP Cyber Threat Intelligence report – May 2018
The SAP threat landscape is always expanding thus putting organizations of all sizes and industries at risk of cyber attacks. The idea behind the monthly SAP Cyber Threat Intelligence report is to provide an insight into the latest SAP security vulnerabilities and threats. Key takeaways This set of SAP Security ... Read More
Dynamic Code Execution
This short article continues the discussion on the second section of Secure ABAP Development Guide called ‘Critical Calls’. Dynamic code execution in ABAP is possible via ASSIGN, PERFORM or CREATE OBJECT statements. These statements may contain a potentially harmful variable input from variable content leading to full system compromise which ... Read More
Analyzing Oracle Security – Critical Patch Update for April 2018
Today Oracle has released its quarterly patch update. Oracle warns that if customers fail to apply available patches, attackers become successful in their attempts to maliciously exploit vulnerabilities. April’s CPU fixes a total of 254 security vulnerabilities. The main highlights are listed below. April’s CPU contains 153 vulnerabilities in business-critical ... Read More
SAP Cyber Threat Intelligence report – April 2018
The SAP threat landscape is always expanding thus putting organizations of all sizes and industries at risk of cyber attacks. The idea behind the monthly SAP Cyber Threat Intelligence report is to provide an insight into the latest security vulnerabilities and threats. Key takeaways This set of SAP Security Notes ... Read More
What is SAP S/4HANA? – Business Introduction
SAP S/4HANA is a shortened version of SAP Business Suite 4 SAP HANA. Basically, it is a new generation of SAP Business Suite. But before we dive into details, let’s start from the beginning. SAP S/4HANA history Where does SAP S/4HANA come from? It is not a secret that business ... Read More
Oracle EBS Penetration testing tool
Nobody will argue that IT security is vital in our modern world, particularly for businesses. Cybercrime is getting worse and systems become more vulnerable with time, making organizations more susceptible to cyberattacks and financial losses. That’s why the topic of cybercrime demands more attention and cyber-awareness. ERP security is a ... Read More
Dynamic ABAP Calls
With this article, we start the second section of Secure ABAP Development Guide called ‘Critical Calls’. Not only injection vulnerabilities are able to harm the systems but also some statements in ABAP. In this category, most of them (not all!) are not so severe as injections but the inadvertent operation ... Read More
