Posted on

SAP and Onapsis Warn of Ongoing Attacks Exploiting Vulnerabilities in Mission-Critical SAP Applications

Six cybersecurity vulnerabilities in mission-critical SAP applications are being actively exploited by threat actors according to cybersecurity firm Onapsis. Exploitation of the flaws could result in the theft of sensitive data, financial fraud, and disruption of mission-critical systems, including malware and ransomware attacks. Researchers at Onapsis have recorded more than 300 successful attacks exploiting the flaws from mid-2020 until April 2021.

SAP systems are used by many organizations for managing critical business processes, including product lifecycle management, customer relationship management, enterprise resource planning, and supply chain management. SAP issued a warning to organizations using SAP systems on April 6, 2021 in coordination with Onapsis to alert them to the risk of attack.

Posted on

How To Make a Windows Keylogger By Yourself

light up keyboard

Why Does an IT Security Specialist Need These Skills? 

Hacker world can be contingently divided into three groups: the so-called “skids” (script kiddies), “buyers”, and “black hat coders”. The first group includes beginners who use well-known codes and utilities to create something resembling simple malicious software. Buyers are teenagers and other thrill-seekers who buy such malware on the Net and use it to collect and sell personal and financial data from target devices.

The last group called “black hat coders” includes programming gurus writing the codes in a notebook and developing new exploits from scratch. Can anybody with good programming skills become one of the “black hat coders”? I doubt it but I believe any IT security specialist should know several concepts that are used to create malicious software. Always know your enemy:)

Posted on

The Next ‘WannaCry’ Is Here (But so, too, Is a Patch)

If you don't want me to infect your Windows OS, install the patch from Microsoft. It really is that easy. I am hungry, though, so maybe you shouldn't...

Since mid-May, Microsoft has been warning Windows admins of a potentially catastrophic vulnerability: Now known as BlueKeep, this "critical" vulnerability exists within the Remote Desktop Protocol used by older Windows operating systems, including 2000, Vista, XP, 7, Server 2003 (including R2), and Server 2008 (including R2).

As the company explained in a security update guide last month: