Sitemap | Terms of Use | Privacy Policy |
Quality Policy | Disclosure Policy |
Security Vulnerability Reporting Guidelines |
©2024 Onapsis | All rights reserved
It is important for CISOs to understand that we have now crossed a threshold, a point of no return.
As part of our ongoing research, Onapsis released a report–CH4TTER–in April 2024 in coordination with Flashpoint that focused on how cybercriminals are increasingly seeing the value in targeting SAP applications.
This research delves into a recent real world example of SAP systems being compromised and using the systems to launch attacks on other systems. This report aims to showcase that it is now more important than ever to be engaged and ensure proper security processes and measures are in place.
On Demand Webinar
Anatomy of an Attack: Breaking Down a C2 Incident on SAP
Onapsis Research Labs observed and analyzed malicious activity detected though our global threat intelligence cloud. A system running SAP was compromised and turned into a command and control bot by injecting a malicious file via an SAP vulnerability. The C2 initiated a distributed denial of service attack involving Cloudflare.
Our team will review the details of this attack including source IP addresses, the malicious file, the installation of midnight commander, and cover the commands that were executed on the host system that included an assessment of the compromised SAP system during this session.
Report TL;DR
SAP systems are targeted for many reasons, including the critical data they hold, the infrastructure they run on, and the organizations that use this technology.
New and old SAP vulnerabilities are still leveraged today in compromising SAP systems.
SAP vulnerabilities are now being exploited for use in ransomware attacks.
Onapsis Research Labs routinely runs penetration tests for customers and continues to uncover IT departments struggling to patch regularly.
Stay protected with the Onapsis Platform primed with the Onapsis Research Labs.
Dive Deeper – Access the Full Report
For the full, in-depth report, please fill out the form here to download.
Onapsis Research Labs observed and analyzed malicious activity detected though our global threat intelligence cloud. A system running SAP was compromised and turned into a command and control bot by injecting a malicious file via an SAP vulnerability. The C2 initiated a distributed denial of service attack involving Cloudflare.
In this paper we will review the details of this attack including source IP addresses, the malicious file, the installation of midnight commander, and cover the commands that were executed on the host system that included an assessment of the compromised SAP system.
CH4TTER: Threat Actors Attacking SAP for Profit
Onapsis and Flashpoint have joined forces to level the playfield, revealing how threat actors are attacking SAP applications. This report details new intelligence to protect SAP from ransomware and data breaches.
Ready to eliminate your SAP cyber security blindspot?
Let us show you how simple it can be to protect your business applications.