25th JUl 2018 – Malicious Cyber Activity Targeting ERP Applications (Stay alert!)

 

A consulting firm observe that the abuse of the SAP Invoker Servlet rapidly increase (built-in functionality in SAP NetWeaver Application Server Java systems (SAP Java platforms)). The fact is that customer may not aware or encounter technical difficulties to remediate a former vulnerability. May be a new attack (former vulnerability + Zero day) let the risk happens.

Quick step of remediation in the moment:

1. Scan systems for all known vulnerabilities, such as missing security patches and dangerous system configurations.

2. Analyze systems for malicious or excessive user authorizations.

3. Monitor systems for indicators of compromise resulting from the exploitation of vulnerabilities.

4. Apply threat intelligence on new vulnerabilities to improve the security posture against advanced targeted attacks.

Should you have interest of the report. You can go to this place to download.

https://www.onapsis.com/research/reports/erp-security-threat-report

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.