Close

have questions?

Contact us today.

Subscribe me to your mailing list

Hardcoded Credentials vulnerability

Hard-Coded credentials – SAP Security Notes May 2016

SAP has released the monthly critical patch update for May 2016. This patch update closes 21 vulnerabilities in SAP products including 10 SAP Security Patch Day Notes and 11 Support Package Notes. 10 of all Notes were released after the second Tuesday of the previous month and before the second Tuesday of this month. 4 of all notes are updates to previous Security Notes.
Read more..

SAP Security Notes June 2015 – Review

SAP has released the monthly critical patch update for June 2015. This patch update closes a lot of vulnerabilities in SAP products. The most common vulnerability is Missing Authorization Check. This month, three critical vulnerabilities found by ERPScan researchers Vahagn Vardanyan, Rustem Gazizov, and Diana Grigorieva were closed.
Read more..

SAP Passwords. Part 1: ABAP Secure Storage. How it works

This is the first entry in our blog series dedicated to passwords in SAP systems. We will discuss how different passwords are stored in systems, how they are protected and transmitted. It seems easy at first glance: passwords should be stored in a database. Of course this is true for regular users: their passwords are stored in databases as hashes. But it’s not that simple for the service users of SAP systems.
Read more..