The Salesforce Winter ‘21 patch for Aura should remediate the security risk that allowed any authenticated user the ability to use web services exposed with the @auraenabled decorator. However, Onapsis Research Labs has some security concerns that we found within Aura that we’ll be covering in this blog post.
Research
Introducing SAP Management Console: Concepts and General Considerations
The SAP Management Console (SAP MC) provides a common framework for centralized system management. It allows you to monitor and perform basic administration tasks on the SAP system centrally, which simplifies system administration.
SAP Security Patches June 2020: Two Critical Fixes Released for SAP Commerce
Today, SAP released its monthly patch updates with several fixes, including 23 new SAP Security Notes, 2 HotNews Notes and 5 High Priority Notes.
SAP Security Patches May 2020: Second Month in a Row with 29 Total Fixes Released
Today, SAP released its monthly patch updates with several fixes, including 29 new SAP Security Notes, 6 HotNews Notes and 7 High Priority Notes.
SAP Security Patches April 2020: 5 HotNews and 29 Total Fixes for SAP Products
Today, SAP released its monthly patch updates with several fixes, including 29 new SAP Security Notes, 5 HotNews Notes and 5 High Priority Notes.
SAP Security Notes March 2020: Two Critical Patches Released to Protect Solution Manager from Cyberattacks
Today, SAP released its monthly patch updates with several fixes, including 22 new SAP Security Notes, 4 HotNews Notes and 5 High Priority Notes.
Is Enabling the SSL Connection to Your Java System Enough?
Secure Sockets Layer (SSL)/Transport Layer Security (TLS) is a protocol used to encrypt communications between two entities by exchanging public and private keys to create secure sessions between them. In this blog, I will explain how you can enable SSL (Secure Socket Layer) in your SAP Java system and how you can redirect the HTTP requests to HTTPS protocol.
SAP Security Notes February 2020: Calm Times Are Over—19 New SAP Security Notes and Root Access at Risk
Today, SAP released its monthly patch updates with several fixes, including 12 new SAP Security Notes, 1 High Priority Note, 10 of Medium Priority and 1 with Low Priority. The Onapsis Research Labs contributed more than 30% of the new SAP Security Notes published this month, not considering re-released ones.
SAP Security Notes: Looking Back at 2019 and Forward to 2020
There is no doubt that ERP systems will increasingly become a preferred target of cyberattacks. SAP and Onapsis have taken multiple measures so that customers are best prepared for the challenges of 2020. Here is some of what we learned in 2019 and what we can expect in 2020.
SAP Security Notes January 2020: ICM Services at Risk of Denial of Service
Today, SAP released its monthly patch updates with several fixes, including 12 new SAP Security Notes, 1 High Priority Note, 10 of Medium Priority and 1 with Low Priority