Social Network For Security Executives: Network, Learn & Collaborate
Recently, HP published their yearly Cyber Risk Report 2015. Having many typical things spotlighted in this report such as growing number of ATM and IOT Security events, we have found some parts that are relevant to business application security, which we are honored to share with our readers, customers and partners.
According to their report, HP Zero Day Initiative were busy coordinating the disclosure and remediation of over…Continue
Added by Alexander Polyakov on June 25, 2015 at 7:41pm — No Comments
On 11th of May, a security headline broke out in the news, it was about an attack on USIS (U.S. Investigations Services) conducted potentially by Chinese state-sponsored hackers via a vulnerability in SAP Software. Hackers broke into third-party software in 2013 to open personal records of federal employees and contractors with access to classified intelligence, according to the government's largest private employee investigation…Continue
Added by Alexander Polyakov on June 25, 2015 at 6:30pm — No Comments
In our previous article we’ve already covered how SAP ABAP Security Storage works. Today’s post is dedicated to SAP HANA Security Storage.
SAP HANA is a recent key product of SAP. It is a software solution based on the in-memory technology, that reduces the time of the data processing significantly.
This product has obviously caused an excitement among large enterprises interested in…Continue
Added by Alexander Polyakov on June 24, 2015 at 4:00pm — No Comments
With this article we are starting new series of posts giving a review of one of the most frequent vulnerability which affects a lot of SAP modules: cross-site scripting, or XSS. XSS is by far one of the most popular vulnerability indeed in all products and a most popular vulnerability in SAP products with total number of 628 vulnerabilities that is almost 22% of all vulnerabilities ever found in SAP during 12 years. You can find this in our latest research…Continue
Added by Alexander Polyakov on June 17, 2015 at 3:45pm — No Comments
April 17, 2015 – As a part of monthly updates Microsoft released security update MS15-034 which closes vulnerability in driver HTTP.sys which enables an attacker to execute arbitrary code on OS remotely.
This update has a critical status as almost every modern version of Microsoft operating systems (Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2) is vulnerable.
Added by Alexander Polyakov on June 17, 2015 at 12:49pm — No Comments
Mobile devices are actively integrated into business processes. Companies have more and more business applications and mobile devices. Employees increasingly bring their own equipment to the workplace (BYOD policy – Bring Your Own Device) and gain access to critical corporate information.
SAP Mobile Platform (or SMP, formerly called Sybase Unwired Platform, or SUP) is a MEAP (Mobile Enterprise Application Platform) solution. SMP is used for monitoring…Continue
Added by Alexander Polyakov on June 17, 2015 at 12:48pm — No Comments