SAP & Onapsis Webinar: Log4j Threat Intelligence and Mitigation Strategies to Protect Your SAP Applications

The Onapsis Blog

Die Sicherheit von geschäftskritischen Anwendung ist dynamisch, und es gibt ständig neue Entwicklungen. In unserem Blog finden Sie Empfehlungen, Einblicke und Beobachtungen zu den neuesten Nachrichten für die Sicherung Ihrer SAP®-, Oracle®- und Salesforce-Anwendungen.

Oracle PAYDAY Vulnerabilities

Video: Oracle PAYDAY Vulnerabilities

Oracle E-Business Suite (EBS) critical vulnerabilities from earlier this year are presenting new risk, despite Oracle issuing fixes and thousands of organizations that have not applied the patches remain at risk.

With over 21,000 organizations across the globe using Oracle EBS, Onapsis estimates that over 50% of Oracle EBS customers have not deployed the patches necessary to protect their systems, leaving thousands of organizations at risk. Two attack scenarios involving these vulnerabilities are detailed in the videos below. The first could leave you vulnerable to a malicious user gaining control of your Oracle E-Business Suite, resulting in a user rerouting invoice payments to an attacker’s bank account, leaving no trace. In the second example, a malicious user would be able to create and print forged bank checks through the Oracle EBS check printing process, with the ability to then disable and erase audit logs to hide the activity. Together, these two major vulnerabilities are dubbed the PAYDAY attack scenarios and could be detrimental to your business if you have not patched your system correctly.

Watch the videos below for more information on these attack scenarios and on patching your Oracle EBS system and keeping your organization safe and secure. Learn more by downloading our Oracle EBS PAYDAY vulnerabilities threat report.

ORACLE EBS PAYDAY: MANIPULATING WIRE TRANSFERS

 

 

ORACLE EBS PAYDAY: PRINTING APPROVED CHECKS

 

 

Sichern Sie Ihre
geschäftskritischen SAP-, Oracle-, SalesForce
und SaaS-Anwendungen

Verschaffen Sie sich aus erster Hand einen Überblick über die Transparenz, das Reporting und die Automatisierungsmöglichkeiten der Onapsis-Plattform, indem Sie eine persönliche Demo mit unseren Experten für Anwendungssicherheit vereinbaren.

Demo anfordern