2024 Wrapped: Most Viewed Blogs
It’s hard to believe that 2024 is over and we’re helping our customers plan their 2025 SAP security strategies. As we continue to see an increase in threat activity targeting ERP applications, we know taking a look back can help us plan for the future. In light of this, we have pulled together our most viewed blogs from 2024 below to help you prepare for the new year:
Securing SAP Remote Function Calls: The Crucial Role of S_ICF Authorization
This article explores a crucial yet often overlooked security measure for SAP systems: the S_ICF authorization object. This object plays a key role in safeguarding Remote Function Calls (RFC) on the client side by restricting access to RFC destinations. With RFC hopping being a known tactic for lateral movement during cyberattacks, the S_ICF object offers an extra layer of protection by ensuring only authorized users can access sensitive destinations. By assigning RFC destinations to specific authorization groups, administrators can significantly reduce the risk of unauthorized access and privilege escalation. This post delves into how the S_ICF authorization object works, why it’s vital for mitigating RFC hopping, and the steps to implement it in your SAP environment.
Hash Cracking and the SAP Landscape
Hashing is a crucial security measure, but when it comes to SAP systems, weak or outdated hashes can be a vulnerability. Explore how SAP stores passwords and how security professionals can test these systems for weaknesses through hash cracking in this blog. Learn how SAP implements various hashing methods like MD5 and SHA1, and the risks associated with legacy configurations that can leave systems open to exploitation. We also cover the tools used for cracking SAP hashes, including JohnTheRipper and Hashcat, and share best practices for improving password security, such as disabling downward compatibility to eliminate weak hashes. This post provides the background and techniques to better secure your SAP environment against password-based attacks.
Echoes of Deception: Unmasking the New Wave of AI-Generated Robocall Frauds
Cybercriminals have weaponized AI to create lifelike deepfake voices, fueling a surge in sophisticated robocall fraud that’s harder than ever to detect. This blog explores how scams, like a $200 million heist in Hong Kong, highlight the devastating potential of AI-powered impersonation. It also covers the FCC’s groundbreaking ban on AI-generated robocalls and the FTC’s proposed rules targeting AI impersonation, which mark critical steps in combating this threat. With actionable tips for protecting yourself and insights into Onapsis’ efforts to stay ahead of emerging risks, this is a must-read for navigating today’s evolving digital landscape.
As I’m sure many of you know, Patch Tuesday is a huge day for us each month, so it’s no surprise to see a Patch Day analysis on our list! April’s Patch Tuesday highlighted the release of twelve new and updated security patches, including three high-priority fixes. Notably, SAP Security Note #3434839 addresses a critical issue in SAP NetWeaver AS Java’s User Management Engine, allowing weak passwords that could jeopardize system confidentiality.
New Threat Intelligence: Threat Actors Targeting SAP for Profit
Cybercriminals are increasingly targeting SAP applications for ransomware, data theft, and fraud. Our new research reveals a staggering rise in ransomware incidents, cybercriminal forum discussions, and the price for SAP exploits. This blog provides crucial questions CIOs and CISOs should ask to strengthen their SAP cyber resilience, covering topics like SAP patching, threat monitoring, and zero-day protection. Learn how to protect your SAP landscape and avoid the high costs of a potential ransomware attack.
The Most Overlooked Area of Cybersecurity? Don’t Ignore This Blind Spot
A hidden vulnerability exists between information security and SAP teams, often due to a lack of specialized knowledge in SAP security. Even with advanced tools, organizations can overlook this critical gap, leaving them exposed to cyber threats. This blog highlights the importance of aligning infosec and SAP teams to strengthen defenses. By fostering collaboration, prioritizing alignment, and investing in specialized solutions, organizations can close this blind spot and better protect their critical assets.