Inside a C2 Attack: Unraveling SAP System Breaches

9 results

  1. Lessons from Onapsis-Flashpoint Report and Beyond

    In the realm of enterprise resource planning (ERP) systems, security is a constant battleground. Despite the availability of patches for known vulnerabilities, the Onapsis-Flashpoint Ch4tter report sheds light on a worrying trend: increased attack activities on these critical systems.

  2. New Report Reveals Evidence of Increased Cybercriminal Interest in ERP Applications

    Novel research report from Onapsis and Flashpoint details increasing interest and value of ERP security application vulnerabilities for ransomware and data breaches.

  3. cybersecurity

    Protecting SAP Solutions from Cyber Threats with Onapsis

    Reading time: 1 mins

    Recent SAPinsider research highlights that protecting sensitive data in SAP systems is a major concern for SAP customers. Traditional security efforts focused on managing access, but new research by Onapsis and Flashpoint reveals an increase in cyber threats targeting SAP systems. Ransomware incidents have surged by 400%, and discussions about SAP vulnerabilities on various web…

  4. Microsoft Sentinel

    Inside a C2 Attack: Unraveling SAP System Breaches

    Reading time: 2 mins

    As SAP applications store valuable data, they are becoming increasingly attractive targets for threat actors, who exploit vulnerabilities for profit. It is crucial for companies to strengthen cybersecurity measures for SAP to prevent future attacks. A recent research by Onapsis and Flashpoint reveals that discussions about SAP vulnerabilities and exploits have surged significantly, indicating growing…

  5. Artificial Intelligence Exploits Vulnerabilities in Systems with an 87 percent Success Rate

    Based on a newly released paper published by researchers at the University of Illinois, Artificial Intelligence agents can combine large language models with automation software to autonomously analyze and exploit security vulnerabilities. During the research, OpenAI’s GPT-4 large language model was able to successfully exploit 87 percent of vulnerabilities when provided with a CVE advisory…

  6. CH4TTER: How Threat Actors are Targeting SAP for Financial Gain

    Onapsis and Flashpoint released a report detailing the threat of how cybercriminals are increasingly discussing and targeting SAP applications. Watch this video series to learn more.

  7. Securing SAProuter: How to Get More Complete Protection for This Critical SAP Asset

    We’re happy to see more and more organizations responding to this elevated SAP threat landscape by turning their attention to hardening their SAP applications and investing in improving their SAP security postures. This applies not only to “traditional” assets across the SAP tech stack (e.g., ABAP, HANA, JAVA), but also specific applications, such as SAP…

  8. Securing SAProuter: How to Get More Complete Protection for This Critical SAP Asset

    We’ve been raising awareness of rising cyber attacks targeting critical SAP systems for years now. Most recently, we partnered with Flashpoint on a new threat report that detailed alarming increases in ransomware incidents involving compromised SAP systems and proof that unpatched SAP vulnerabilities are actively being exploited for financial gain, espionage and sabotage. What are…

  9. Vulnerabilities Affecting SAP AI Services

    On July 17th, 2024, Hillai Ben-Sasson, a security researcher from the cloud company WIZ released the results of a research focused on SAP Cloud AI services, which was part of a broader research around mainstream AI cloud providers also including Hugging Face and Replicate. The researcher identified a set of weaknesses in the cloud infrastructure…