Tag: sap
-
Dangerous Malware ‘Auto-Color’ – Linux Backdoor Delivered via SAP Vulnerability
First seen on security-insider.de Jump to article: www.security-insider.de/cyberangriff-us-chemieunternehmen-linux-backdoor-auto-color-a-dbe36842f5cd2d3bbe44c2e6384f909d/
-
Black Hat 2025: Latest news and insights
Tags: access, ai, api, attack, ciso, cloud, conference, crowdstrike, cvss, cyber, cybersecurity, data, defense, email, exploit, finance, firmware, flaw, group, hacker, hacking, identity, Internet, LLM, malicious, malware, reverse-engineering, sap, service, threat, tool, training, update, usa, vulnerability, windows
Black Hat USA, August 2-7, 2025, Las Vegas, NV. Black Hat USA 2025 returns to the Mandalay Bay Convention Center in Las Vegas on August 2-7. The annual event is a perennial magnet for cybersecurity professionals, researchers, vendors and others. The week kicks off on August 2 with four days of cybersecurity training courses. The courses cover a range…
-
Auto-Color Backdoor Targets U.S. Chemical Firm via CVE-2025-31324
Tags: access, backdoor, cve, cyberattack, cybersecurity, exploit, hacker, linux, malware, sap, vulnerability
In a three-day cyberattack this April, hackers exploited a newly disclosed SAP vulnerability to infiltrate a U.S.-based chemicals company, deploying a stealthy Linux malware known as Auto-Color backdoor. Cybersecurity firm Darktrace says the attackers gained access through a critical flaw… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/auto-color-backdoor-cve-2025-31324/
-
Critical SAP flaw exploited to launch Auto-Color Malware attack on U.S. company
Hackers exploited an SAP NetWeaver bug to deploy upgraded Auto-Color Linux malware in an attack on U.S. chemicals firm. Cybersecurity firm Darktrace reported that threat actors exploited an SAP NetWeaver flaw, tracked as CVE-2025-31324, to deploy Auto-Color Linux malware in a U.S. chemicals firm attack. “In April 2025, Darktrace identified an Auto-Color backdoor malware attack…
-
Hackers Target SAP NetWeaver to Deploy New Auto-Color Linux Malware
Cybersecurity researchers at Darktrace have uncovered a sophisticated attack targeting a US-based chemicals company, marking the first observed instance of threat actors exploiting SAP NetWeaver vulnerabilities to deploy Auto-Color backdoor malware. The incident, which occurred over three days in April 2025, demonstrates an alarming evolution in cyber attack tactics combining enterprise software exploitation with advanced…
-
Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware
Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor in an attack targeting a U.S.-based chemicals company in April 2025. “Over the course of three days, a threat actor gained access to the customer’s network, attempted to download several suspicious files and communicated with malicious infrastructure linked to…
-
Hackers exploit SAP NetWeaver bug to deploy Linux Auto-Color malware
Hackers were spotted exploiting a critical SAP NetWeaver vulnerability tracked as CVE-2025-31324 to deploy the Auto-Color Linux malware in a cyberattack on a U.S.-based chemicals company. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-sap-netweaver-bug-to-deploy-linux-auto-color-malware/
-
SAP NetWeaver Vulnerability Used in Auto-Color Malware Attack on US Firm
Darktrace uncovers the first exploit of a critical SAP NetWeaver vulnerability (CVE-2025-31324) to deploy Auto-Color backdoor malware. Learn how this evasive Linux RAT targets systems for remote code execution and how AI-powered defence thwarts multi-stage attacks. First seen on hackread.com Jump to article: hackread.com/sap-netweaver-vulnerability-auto-color-malware-us-firm/
-
Auto-Color Backdoor Malware Exploits SAP Vulnerability
Backdoor malware Auto-Color targets Linux systems, exploiting SAP NetWeaver flaw CVE-2025-31324 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/auto-color-backdoor-exploits-sap/
-
Auto-Color RAT targets SAP NetWeaver bug in an advanced cyberattack
Tags: access, ai, attack, cvss, cyberattack, cybersecurity, detection, dns, flaw, malicious, malware, network, rat, sap, update, vulnerability, zero-trust
The attack stopped in its tracks: Darktrace analysts detected the suspicious ELF download and a flurry of odd DNS and SSL connections to known malicious infrastructure. The British cybersecurity outfit claims its “Autonomous Response” intervened within minutes, restricting the device to its usual, legitimate activities while analysts investigated unusual behavior. Darktrace researchers said the malware stalled…
-
Part 3: Shared Responsibility – Cybersecurity for SAP: Tools & Responsibilities
First seen on security-insider.de Jump to article: www.security-insider.de/sicherheit-in-sap-systemen-klare-rollenverteilung-und-spezialisierte-tools-a-5b47df5a067a6bd4f8a40c854679131e/
-
Adversary Infrastructure and Indicators Behind the SAP NetWeaver 0-Day Exploitation
On the 27th of March 2025, we’ve seen a previously unknown vulnerability (now tagged as CVE-2025-31324) in SAP NetWeaver Visual Composer being exploited in the First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/07/14/adversary-infrastructure-and-indicators-behind-the-sap-netweaver-0-day-exploitation/
-
SAP Patch Day July 2025 – 6 Critical Vulnerabilities on SAP Patch Day
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-sicherheitsluecken-sap-juli-2025-a-80c3bdf40973d33618541a8764f73bdc/
-
Part 2: Core Aspects of an SAP Cybersecurity Program – Cybersecurity for SAP: Implementation in Practice
First seen on security-insider.de Jump to article: www.security-insider.de/cybersicherheit-fuer-sap-schutz-geschaeftskritische-daten-a-a43f3ff17bd0a3e9efed3c380b33bef1/
-
Microsoft developer ported vector database coded in SAP’s ABAP to the ZX Spectrum
The mighty Z80 processor ran the code at astounding speed, proving retro-tech got a lot of things right First seen on theregister.com Jump to article: www.theregister.com/2025/07/08/sap_abap_db_spectrum_port/
-
July Patch Tuesday: 14 critical Microsoft vulnerabilities, one SAP hole rated at 10 in severity
Tags: access, attack, authentication, business, citrix, computer, control, credentials, cve, cvss, data, email, espionage, exploit, grc, microsoft, monitoring, network, ransomware, remote-code-execution, risk, sap, service, threat, update, vulnerability, windows
“Network security: Allow PKU2U authentication requests to this computer to use online identities”. Tyler Reguly, Fortra’s associate director of security R&D, told CSO that, based on Microsoft’s presentation of the information, disabling this GPO will mitigate this vulnerability. The second priority is a fix for CVE-2025-49704, a SharePoint Remote Code Execution vulnerability, because it presents a critical risk to a…
-
SAP July 2025 Patch Day: Fixes for 27 Flaws, Including 7 Critical
SAP released critical security updates on July 8, 2025, addressing 27 vulnerabilities across its enterprise software portfolio, with seven classified as critical-severity flaws. The monthly Security Patch Day also included three updates to previously released security notes, underscoring the ongoing security challenges facing enterprise software environments. The most severe vulnerability, CVE-2025-30012, affects SAP Supplier Relationship Management’s…
-
Has CISO become the least desirable role in business?
Tags: advisory, ai, business, cio, ciso, control, corporate, cybersecurity, data, dora, finance, governance, international, jobs, network, office, regulation, resilience, risk, sap, skills, startup, threat
George Gerchow, CSO, Bedrock Security. “I’ll never report to a CTO or CFO again. I have to have seat at the table,” he says emphatically. Otherwise, he says, you become frustrated “because you’re not in control of your own destiny. You’re parsing everything to this other person who’s a leader in…
-
Part 1: Most Common Vulnerabilities and Typical Attacks – Cybersecurity for SAP: Fundamentals & Best Practices
First seen on security-insider.de Jump to article: www.security-insider.de/sap-sicherheit-herausforderungen-best-practices-a-1201b8b36ac5604dd37822c6a593cdb7/
-
Breach Roundup: UK NHS Links Patient Death to Ransomware Attack
Also, O Canada, Oh Brother and More Probable Chinese Hacking. This week, ransomware kills, Salt Typhoon hit Canada, Russian backdoors, SAP and Citrix patches, China hackers in the oil and energy sector. Brother printers have an unfixable flaw. Ransomware hit a U.S. dairy cooperative. Hackers in Albania and Oxford. European lawmakers heard cybersecurity advice. First…
-
SAP Vulnerabilities Put Windows User Data at Risk
Tags: access, compliance, cve, cvss, cyberattack, encryption, fortinet, GDPR, PCI, phishing, risk, sap, spear-phishing, update, vulnerability, windows
Vulnerabilities in SAP GUI expose sensitive data through weak or missing encryption. Researchers Jonathan Stross of Pathlock and Julian Petersohn of Fortinet warn of two new vulnerabilities in an SAP GUI feature that is responsible for storing user input in the Windows (CVE-2025-0055) and Java (CVE-2025-0056) versions. As a result, sensitive information such as usernames,…
-
Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure
Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to access sensitive information under certain conditions. The vulnerabilities, tracked as CVE-2025-0055 and CVE-2025-0056 (CVSS scores: 6.0), were patched by SAP as part of its monthly updates for January First…
-
SAP GUI flaws expose sensitive data via weak or no encryption
Tags: attack, breach, cve, data, encryption, exploit, flaw, phishing, sap, spear-phishing, threat, update, vulnerability, windows
The impact could be much greater: Dani noted that a breach through these vulnerabilities can facilitate further targeted attacks. “Not undermining the fact that this extracted data provides attackers with enough gunpowder for reconnaissance activities, a threat actor could comprehend organizational structure, usage patterns, and system configurations from the exploitation of these vulnerabilities and weaponize…
-
XOR Marks the Flaw in SAP GUI
The company has patched two vulnerabilities in its Graphical User Interface that would have allowed attackers to grab data from a user’s input history feature. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/xor-flaw-sap-gui
-
SAP GUI Input History Found Vulnerable to Weak Encryption
Two SAP GUI vulnerabilities have been identified exposing sensitive data due to weak encryption in input history features First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/sap-gui-vulnerable-weak-encryption/
-
Companies Realigning Their SAP Strategy – Sufficient Leeway Despite Cloud as a Priority
First seen on security-insider.de Jump to article: www.security-insider.de/ausreichend-spielraum-trotz-cloud-als-prioritaet-a-3f24477954dab9170972590515cff9a2/
-
Europe’s cloud datacenter ambition ‘completely crazy’ says SAP CEO
Christian Klein sees little benefit from trying to compete with the dominant hyperscalers First seen on theregister.com Jump to article: www.theregister.com/2025/06/09/europes_cloud_datacenter_ambition/
-
SAP June 2025 Security Patch Day fixed critical NetWeaver bug
SAP fixed a critical NetWeaver flaw that let attackers bypass authorization and escalate privileges. Patch released in June 2025 Security Patch. SAP June 2025 Security Patch addressed a critical NetWeaver vulnerability, tracked as CVE-2025-42989 (CVSS score of 9.6), allowing threat actors to bypass authorization checks and escalate their privileges. “RFC inbound processing does not perform…
-
SAP NetWeaver Vulnerability Allows Attackers to Escalate Privileges
A critical vulnerability in the SAP NetWeaver Application Server AS ABAP has been disclosed under SAP Security Note #3600840, carrying a near-maximum CVSS score of 9.6. This flaw, rooted in a Missing Authorization Check within the Remote Function Call (RFC) framework, poses a severe risk to system integrity and availability. Authenticated attackers can exploit this…

