October-11-14-2010 Talk at HITB, Malaysia “Hacking SAP Users Extended” by Alexander Polyakov
Kuala Lumpur, Malaysia – October 11-14, 2010 ERPScan experts spoke at Hack In The Box (HITB) 2010, one of the largest conferences dedicated to the technical aspects of information security. The conference was held 11-14 October in Kuala Lumpur, Malaysia.
Alexander Polyakov, CTO at ERPScan, gave a talk about the possible ways of getting unauthorized access to corporate SAP servers through the SAP Frontend vulnerabilities and misconfigurations with new examples of attacks.He also demonstrated that the scenario which was performed by Stuxnet for SCADA systems was applicable for ERP systems. For example, in SAP it is possible to make a worm which would steal business-critical data.