Oracle PeopleSoft applications include different critical business systems like HRMS, FMS, SCM, CRM, etc. They are widespread in the world (about 50 % of Fortune 100). In addition, some of these systems (especially HRMS) are accessible from the Internet. Nevertheless, there is almost no research on the security of PeopleSoft applications. Oracle publishes basic information about vulnerabilities in the applications on a regular basis, but it’s not enough for penetration testers. In addition, the uncommon internal architecture of PeopleSoft applications makes black-box testing much harder. Public news about successful attacks against PeopleSoft shows up from time to time and in this talk, Alexey tried to fill this gap.
- Oracle PeopleSoft Applications are Under Attack, Says ERPScan Researcher
- TokenChpoken attack on Oracle PeopleSoft affecting nearly half of large enterprises and government organizations
HITBSecConf2015, Amsterdam is the 6th Annual HITB Security Conference in The Netherlands.
Held once again at De Beurs van Berlage, HITB2015AMS took place from the 26th till the 29th of May 2015 and rфn alongside HITB Haxpo – our 3-day technology expo for hackers, makers, builders and breakers.