Systems, Applications, and Products in Data Processing (SAP) applications have become a great target for cyber attackers. SAP system touches 74% of the world’s transaction revenue and it is uniquely vulnerable. However, SAP has its strong defense security products and architectures including its threat intelligence, governance, risk management, and compliance (GRC) solution, and many other solutions. So, if a company uses an enterprise resource planning (ERP) system, then it’s common that SAP is the ERP of choice for most of the business these days.
The Qualys Research Team has discovered a heap overflow vulnerability in SUDO app. The vulnerability, which received a CVE-2021-3156 identifier and is known as “Baron Samedit,” was found two weeks ago and patched early this week under the release Sudo v1.9.5p2.
SUDO is a powerful utility that allows users to run programs with the security privileges of another user. It is included in most if not all Unix- and Linux-based OSes.
Qualys Vulnerability R&D Lab has released their weekly vulnerability report. This list of critical vulnerabilities provides a sample of Qualys’ continuous updating. The complete set of over 25,000 vulnerability signatures is contained in the Qualys KnowledgeBase.
Here are this week’s vulnerabilities:
A fourth piece of malware used by the Solar Winds hackers has been detected. According to Symantec analysts, a loader nicknamed “Raindrop” is a backdoor loader that drops Cobalt Strike to perform lateral movement across victims’ networks.
Oracle announced yesterday the availability of the EnterpriseOne Tool Release 9.2 Update 5 (Release 9.2.5). Oracle continues investment in digital transformation, user experience, system automation, security and open platforms. New Features Digital transformation includes all sort of features that enables you to participate in the digital economy, transform business processes, and adopt emerging technologies such