Oracle’s E-Business Suite (EBS) was informed about two critical security vulnerabilities in their software that could give attackers full control over a company’s enterprise resource planning (ERP) solution. These vulnerabilities were discovered by Onapsis back in December 2018 and also helped create a patch that was released in April 2019.
Stay on top of the latest media coverage, and company and product announcements from the leader in business-critical application security and compliance solutions.

PAYDAY flaws in Oracle’s E-Business Suite putting firms at risk of fraud
Over 21,000 organisations that use Oracle's E-Business Suite could be at risk of financial fraud or theft as hackers can exploit a number of critical vulnerabilities known as PAYDAY to hijack an Oracle EBS system, reroute invoice payments, and erase audit logs to cover up their activity.

Thousands of Enterprises At Risk Due to Oracle EBS Critical Flaws
Two critical security vulnerabilities discovered in Oracle's E-Business Suite (EBS) could allow potential attackers to take full control over a company's entire enterprise resource planning (ERP) solution.

Half of Oracle E-Business customers open to months-old bank fraud flaw
Haven't gotten around to patching since last Spring? Now would be a good time

Oracle Vulnerability Gives Hackers “Untraceable” License to Print Money
Security firm Onapsis says it has identified a series of critical vulnerabilities in Oracle’s E-Business Suite (EBS) that could allow attackers to gain “untraceable control” of electronic fund transfers and print bank checks without detection.

Onapsis Reveals Oracle E-Business Suite Vulnerability
Malicious users can exploit the vulnerability by committing wire fraud or printing pre-approved cheques

50,000 businesses exposed to cyber attacks through SAP systems
Up to 50,000 businesses running Sap software are at risk of being hacked after security researchers uncovered new ways to exploit insufficiently protected systems.

PoC Exploits for Old SAP Configuration Flaws Increase Risk of Attacks
Organizations using SAP business applications have been warned that the risk of attacks involving some old configuration issues has increased after researchers released proof-of-concept (PoC) exploits.

50,000 companies running SAP installations open to attack via publicly released exploits
Two exploits publicly released in late April at the OPCDE security conference in Dubai could be leveraged to compromise a great number of SAP implementations, Onapsis has warned.

50,000 companies exposed to hacks of 'business critical' SAP systems: researchers
Up to 50,000 companies running SAP software are at greater risk of being hacked after security researchers found new ways to exploit vulnerabilities of systems that haven't been properly protected and published the tools to do so online.