Kolby  Wyman

Kolby Wyman

1596178320

Critical SAP Bug Allows Full Enterprise System Takeover

Exploitation of the bug can allow an attacker to lift sensitive information, delete files, execute code, carry out sabotage and more.

A critical vulnerability, carrying a severity score of 10 out of 10 on the CvSS bug-severity scale, has been disclosed for SAP customers.

SAP’s widely deployed collection of enterprise resource planning (ERP) software is used to manage their financials, logistics, customer-facing organizations, human resources and other business areas. As such, the systems contain plenty of sensitive information.

According to an alert from the Department of Homeland Security, successful exploitation of the bug opens the door for attackers to read and modify financial records; change banking details; read personal identifiable information (PII); administer purchasing processes; sabotage or disrupt operations; achieve operating system command execution; and delete or modify traces, logs and other files.

The bug (CVE-2020-6287) has been named RECON by the Onapsis Research Labs researchers that found it, and it affects more than 40,000 SAP customers, they noted. SAP delivered a patch for the issue on Tuesday as part of its July 2020 Security Note.

“It stands for Remotely Exploitable Code On NetWeaver,” Mariano Nunez, CEO of Onapsis, told Threatpost. “This vulnerability resides inside SAP NetWeaver Java versions 7.30 to 7.50 (the latest version as of [our analysis publication]. All Support Packages tested to date were vulnerable. SAP NetWeaver is the base layer for several SAP products and solutions.”

An attacker leveraging this vulnerability will have unrestricted access to critical business information and processes in a variety of different scenarios, according to the firm.

#vulnerabilities #code execution #dhs alert #patch #sap #system takeover #vulnerability

What is GEEK

Buddha Community

Critical SAP Bug Allows Full Enterprise System Takeover
Kolby  Wyman

Kolby Wyman

1596178320

Critical SAP Bug Allows Full Enterprise System Takeover

Exploitation of the bug can allow an attacker to lift sensitive information, delete files, execute code, carry out sabotage and more.

A critical vulnerability, carrying a severity score of 10 out of 10 on the CvSS bug-severity scale, has been disclosed for SAP customers.

SAP’s widely deployed collection of enterprise resource planning (ERP) software is used to manage their financials, logistics, customer-facing organizations, human resources and other business areas. As such, the systems contain plenty of sensitive information.

According to an alert from the Department of Homeland Security, successful exploitation of the bug opens the door for attackers to read and modify financial records; change banking details; read personal identifiable information (PII); administer purchasing processes; sabotage or disrupt operations; achieve operating system command execution; and delete or modify traces, logs and other files.

The bug (CVE-2020-6287) has been named RECON by the Onapsis Research Labs researchers that found it, and it affects more than 40,000 SAP customers, they noted. SAP delivered a patch for the issue on Tuesday as part of its July 2020 Security Note.

“It stands for Remotely Exploitable Code On NetWeaver,” Mariano Nunez, CEO of Onapsis, told Threatpost. “This vulnerability resides inside SAP NetWeaver Java versions 7.30 to 7.50 (the latest version as of [our analysis publication]. All Support Packages tested to date were vulnerable. SAP NetWeaver is the base layer for several SAP products and solutions.”

An attacker leveraging this vulnerability will have unrestricted access to critical business information and processes in a variety of different scenarios, according to the firm.

#vulnerabilities #code execution #dhs alert #patch #sap #system takeover #vulnerability

Micheal  Block

Micheal Block

1602936000

Wormable Apple iCloud Bug Allows Automatic Photo Theft

A group of ethical hackers cracked open Apple’s infrastructure and systems and, over the course of three months, discovered 55 vulnerabilities, a number of which would have given attackers complete control over customer and employee applications.

Of note, a critical, wormable iCloud account takeover bug would allow attackers to automatically steal all of a victim’s documents, photos, videos and more.

The discovery by hackers Sam Curry, Brett Buerhaus, Ben Sadeghipour, Samuel Erb and Tanner Barnes demonstrated key weaknesses in the company’s “massive” infrastructure while it also earned the team nearly $300,000 to date in rewards for their efforts, Curry wrote in an extensive blog post detailing the team’s findings.

Among the flaws found in core portions of Apple’s infrastructure includes ones that would have allowed an attacker to: “fully compromise both customer and employee applications; launch a worm capable of automatically taking over a victim’s iCloud account; retrieve source code for internal Apple projects; fully compromise an industrial control warehouse software used by Apple; and take over the sessions of Apple employees with the capability of accessing management tools and sensitive resources,” he wrote.

Of the 55 vulnerabilities discovered, 11 were rated with critical severity, 29 with high severity, 13 with medium severity and two with low severity. Researchers rated the bugs based on the CvSS vulnerability-severity rating, and “our understanding of the business-related impact,” Curry said.

The wormable iCloud bug is a cross-site scripting (XSS) issue, according to the writeup. iCloud is an automatic storage mechanism for photos, videos, documents, and app related data for Apple products. Additionally, this platform provides services like Mail and Find my iPhone.

“The mail service is a full email platform where users can send and receive emails similar to Gmail and Yahoo,” explained Curry. “Additionally, there is a mail app on both iOS and Mac which is installed by default on the products. The mail service is hosted on www.icloud.com alongside all of the other services like file and document storage.”

He added, “This meant, from an attackers perspective, that any cross-site scripting vulnerability would allow an attacker to retrieve whatever information they wanted to from the iCloud service.”

#bug bounty #cloud security #hacks #iot #mobile security #privacy #vulnerabilities #web security #$300 #000 #apple #apple bug bounty program #applications #authentication bypass #bug bounty #critical bugs #critical flaws #developers #ethical hackers #hackers #hardware #icloud #sam curry #software #source code #takeover #vulnerabilities #wormable #xss

Ruth  Nabimanya

Ruth Nabimanya

1620633584

System Databases in SQL Server

Introduction

In SSMS, we many of may noticed System Databases under the Database Folder. But how many of us knows its purpose?. In this article lets discuss about the System Databases in SQL Server.

System Database

Fig. 1 System Databases

There are five system databases, these databases are created while installing SQL Server.

  • Master
  • Model
  • MSDB
  • Tempdb
  • Resource
Master
  • This database contains all the System level Information in SQL Server. The Information in form of Meta data.
  • Because of this master database, we are able to access the SQL Server (On premise SQL Server)
Model
  • This database is used as a template for new databases.
  • Whenever a new database is created, initially a copy of model database is what created as new database.
MSDB
  • This database is where a service called SQL Server Agent stores its data.
  • SQL server Agent is in charge of automation, which includes entities such as jobs, schedules, and alerts.
TempDB
  • The Tempdb is where SQL Server stores temporary data such as work tables, sort space, row versioning information and etc.
  • User can create their own version of temporary tables and those are stored in Tempdb.
  • But this database is destroyed and recreated every time when we restart the instance of SQL Server.
Resource
  • The resource database is a hidden, read only database that holds the definitions of all system objects.
  • When we query system object in a database, they appear to reside in the sys schema of the local database, but in actually their definitions reside in the resource db.

#sql server #master system database #model system database #msdb system database #sql server system databases #ssms #system database #system databases in sql server #tempdb system database

Ananya Gupta

Ananya Gupta

1606115908

Advantages SAP and Its Importance for Organizations

SAP is one of the amount one providers of business software solutions towards better work and data management in organizations across industries. When Systems, Applications & Products in processing (SAP) was founded in June 1972, it had been centered on only a kind or big businesses.

However, over a period of your time, small and medium-size companies adopted SAP towards achieving organizational goals and today SAP is that the leader in enterprise applications.If you want to be a best leader then join best sap programming course and work on live projects.

Various SAP modules are developed over time focused on different areas. Professionals can become SAP Network Specialists, SAP FI/CO course for finance and accounting control, SAP Database Administrators, SAP Security consultants, etc.

On the opposite hand, management professionals can choose SAP customer relationship management, SAP business intelligence, SAP sales and distribution, SAP business information warehouse, and more.
SAP implementation may be a very complex process and requires adequate knowledge and training on the topic to achieve maxim benefits.

It takes years for professionals to realize expertise in handling SAP. SAP training helps one to realize expertise in software and programs that run them alongside SAP modules. SAP builds robust technical support for the organization.

Advantages of SAP HCM Module in Organizations
SAP offers software for the business world and a number of their solutions are management based. SAP HCM module is that the apt software for the HR department of a corporation. the work of HR is far beyond just recruiting. From hiring professionals to managing details of designation, payment, compensation, promotion, etc., are taken care of by HR. SAP HCM module enables one to stay a far better track of everything.

There are various sub-modules of SAP HCM for various processes like organizational management, personnel administration, e-recruitment, time management, payroll, ESS and MSS, and reporting. Organizational management manages the human resources of a whole organization towards achieving a group goal; personnel administration on the opposite hand manages details like compensation, performance appraisal then on.

E-recruitments enhance the recruitment processes of a corporation, time management enables better management of labor and time of employees, payroll manages the payment details then on.
Advantages of SAP CRM Module in Organizations.

SAP Customer Relationship Management because the term suggests helps in better management of customer needs and helps towards future and profitable customer relationships. SAP CRM provides a corporation the pliability to make various unique solutions for better customer experiences.

It helps in building consistent and relevant interactions across all branches that handle customers. This module helps organizations in driving customer value, loyalty, and profitability across the whole value chain of a corporation. Customer satisfaction is one of the common aims for each business and this SAP module helps to realize an equivalent.Think To Master In Sap Hana? Here Are Some Major Key Points For You

Advantages of SAP SD Module in Organizations
SAP Sales and Distribution is the ideal software for each organization that helps in managing master data, system configuration, order and cash process related transactions, and more. Using this module, organizations can better manage their Customer Master and Material Master Data, Sales Orders, Deliveries, Pricing, Billing, and Credit processes then on.

There are various sub-modules of SAP SD for various processes like Master Data, Sales Support, Pendulum List Indirect Sales, Sales, Shipping and Transportation, Billing, Empties Management, Credit Management, Foreign Trade, and Sales data system. Each SAP SD module provides easy and swift management of task lists within the broader process of Sales and Distribution.

Advantages of SAP BI Module in Organizations
SAP Business Intelligence, earlier referred to as SAP Business Information Warehouse is popularly referred to as SAP BI at a user level. SAP BI helps in various processes of a corporation. It’s liable for extracting data from different sources, applying rules thereon, and loading it to the Data Warehouse area.

SAP BI improves the management of knowledge Storage within a corporation. SAP BI enables one to represent data analysis in several formats like grids, graphs, maps, etc. SAP BI uses BEx tools so as to present these data and report presentations for organizations.

Thus, SAP provides various modules that enhance work processes within organizations. SAP training allows professionals to figure out better with SAP modules. That training module allows professionals to handle software presented by SAP towards better work processes and data management in organizations. due to the varied advantages mentioned, more and more organizations are moving towards adopting SAP by the day.

#sap online training #sap online course #sap training in noida #sap training in delhi #sap training #sap course

Wilford  Pagac

Wilford Pagac

1596834000

Critical Bugs in Utilities VPNs Could Cause Physical Damage

Gear from Secomea, Moxa and HMS Networks are affected by remote code-execution flaws, researchers warn.

Remote code-execution vulnerabilities in virtual private network (VPN) products could impact the physical functioning of critical infrastructure in the oil and gas, water and electric utilities space, according to researchers.

Researchers at Claroty found that VPNs used to provide remote access to operational technology (OT) networks in industrial systems are vulnerable to an array of security bugs, which could give an attacker direct access to field devices and cause physical damage or shut-downs.

The security vulnerabilities affect three vendors specifically, Secomea, Moxa and HMS Networks, and any of their white-label partners.

“These dedicated remote-access solutions are mainly focused on the industrial control system (ICS) industry, and their main use case is to provide maintenance and monitoring to field controllers and devices including programmable logic controllers (PLCs) and input/output (IO) devices,” analysts said in a posting issued on Wednesday. “Apart from connectivity between sites these solutions are also used to enable remote operators and third-party vendors to dial into customer sites and provide maintenance and monitoring for PLCs and other Level 1/0 devices. This kind of access has become especially prioritized in recent months due to the new reality of COVID-19.”

The Flaws

A critical bug in Secomea GateManager (CVE-2020-14500) occurs due to improper handling of HTTP request headers provided by the client. This could allow an attacker to remotely exploit GateManager to achieve remote code execution without any authentication required.

“If carried out successfully, such an attack could result in a complete security breach that grants full access to a customer’s internal network, along with the ability to decrypt all traffic that passes through the VPN,” according to Claroty.

GateManager is an ICS component located at the perimeter of a customer network, which accepts connections from remote sites/clients. It’s deployed worldwide as a cloud-based software-as-a-service solution, both in branded and white-label instances; these cloud servers are multi-tenant but can also be installed and configured as on-premise solutions.

According to Secomea’s website, the GateManager cloud server is designed to “deliver the convenience of fast and easy web access, while avoiding server setups.” However, the cloud-based nature of the product could mean a wider attack surface for cybercriminals looking to exploit this bug, researchers said.

“In recent years we have seen a shift toward cloud-based remote access solutions, which typically enable rapid deployment and reduce cost,” according to Claroty’s post. “Usually, they also offer white-labeled solutions that large-scale companies can purchase to have their own personal cloud while the underlying software is exactly the same. Thus, finding bugs in one instance could mean that all other instances would be affected, too.”

In addition to the critical bug, other flaws found in GateManager include CVE-2020-14508, an off-by-one error, which may allow an attacker to remotely execute arbitrary code or cause a denial-of-service condition. Another (CVE-2020-14510) arises from the use of a hard-coded credential for telnet, allowing an unprivileged attacker to execute commands as root. And CVE-2020-14512 is due to a weak hash type, which may allow an attacker to view user passwords.

Secomea issued patches on July 16 (in GateManager versions 9.2c / 9.2i).

Meanwhile, a stack-based overflow vulnerability, is present in the Moxa EDR-G902/3 industrial VPN server (CVE-2020-14511). This product is meant to provide a secure connection between remote industrial sites and a main data center where the SCADA/data collection server is located.

“Exploiting this security flaw, an attacker could use a specially crafted HTTP request to trigger a stack-based overflow in the system web server and carry out remote code execution without the need for any credentials,” according to the writeup. “An attacker can provide a large cookie and trigger a stack-based overflow in the system.”

Moxa made a patch available on June 9; users should update EDR-G902/3 to version v5.5 by applying the respective firmware updates available for the EDR-G902 series and EDR-G903 series, the vendor said.

And finally, a critical stack-buffer overflow (CVE-2020-14498) is present in the eWon product by HMS Networks.

eWon is a VPN device that allows machine builders and factory owners to remotely monitor the performance of their equipment. Remote clients can connect to it using a proprietary VPN client on their computer, named eCatcher, which is where the vulnerability lies.

“The bug can be exploited to achieve remote code execution [on a target’s computer] by [convincing a user to visit] a malicious website or [open] a malicious email which contains a specifically crafted HTML element which is able to trigger the vulnerability in eCatcher,” explained Claroty researchers.

Gaining control of an authorized user’s computer grants attackers access to that user’s VPN credentials, which they can then use to expand their foothold within an organization’s internal network.

In a proof-of-concept exploit, researchers showed that sending socially engineered emails embedded with specifically crafted images could trigger the vulnerability if the user simply opened and viewed the email. An attacker would then have the highest privileges and be able to completely take over a victim’s machine.

“The exploitation phase occurs immediately when the email client (e.g. Outlook) is loading the malicious images,” according to the post.

HMS Networks issued a patch on July 14 in eCatcher version 6.5.5.

ICS in the Crosshairs

Industrial installations have been ramping up in terms of adversary interest of late. Last week, the U.S. National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert warning that cybercriminals could be targeting critical infrastructure across the U.S.

And separately, ICS-CERT issued an advisory on a critical security bug in the Schneider Electric Triconex TriStation and Tricon Communication Module. These safety instrumented system (SIS) controllers are responsible for shutting down plant operations in the event of a problem and act as an automated safety defense for industrial facilities, designed to prevent equipment failure and catastrophic incidents such as explosions or fire. They’ve been targeted in the past, in the TRITON attack of 2017.

“We expect that in the COVID-19 reality of working from home, the increased use of [VPN] platforms will drive increased interest both from the operational side, as they become more process-critical, and from the security side, as they become more common,” according to Claroty. The researchers added, “Denial-of-service attacks on these components of the enterprise infrastructure could potentially emerge as a new tactic used by financially motivated attackers.”

Complimentary Threatpost Webinar: Want to learn more about Confidential Computing and how it can supercharge your cloud security? This webinar “Cloud Security Audit: A Confidential Computing Roundtable_” brings top cloud-security experts together to explore how Confidential Computing is a game changer for securing dynamic cloud data and preventing IP exposure. Join us Wednesday Aug. 12 at 2pm ETfor this** FREE _**live

#cloud security #critical infrastructure #vulnerabilities #web security #bugs #claroty #coronavirus #covid-19 #critical #denial of service #hms networks #ics #industrial control systems #infrastructure #moxa #operational technology #ot #physical damage #remote access #remote code execution #secomea #security flaws #triton #utilities #vpns #vulnerability #work from home