Security pros warned that teams should patch a critical zero-day bug in SAP NetWeaver Visual Composer immediately after the Shadowserver Foundation found that more than 400 servers are exposed to potential attacks.Active exploitation of the vulnerability has already been confirmed, with risks including remote code execution and full system compromise. As of yesterday, 427 servers … Read more
SAP released a patch for a critical 10.0 vulnerability in its NetWeaver Visual Composer product that it observed attackers exploiting, uploading malicious webshells.Security experts expressed concern because many Fortune 500 companies and large government agencies use SAP.In a blog post that originally ran April 22 and was updated April 25, ReliaQuest researchers said the bug … Read more
With the end of mainstream support for major SAP versions looming large, SAP shops may feel pressure to accelerate a shift to cloud. But more and more are learning they no longer have to stress over vendor-imposed deadlines. Leveraging third-party support, enterprises can reclaim the power dynamic, reaping value from their on-premises SAP estate while … Read more
SAP’s promised collaboration between its AI copilot, Joule, and other agents will become reality in the fourth quarter of 2024, the company announced at its 2024 TechEd conference Tuesday. The company first discussed the new functionality at its Sapphire conference in June, announcing that Joule would offer an integration with Microsoft Copilot enabling users to, … Read more
Four vulnerabilities in SAP, D-Link, DrayTek and Motion Spell products were added to the Known Exploited Vulnerabilities (KEV) catalog Monday by the Cybersecurity & Infrastructure Security Agency (CISA) The vulnerabilities, most of which are several years old, pose risks including privilege escalation and remote command execution. Due to targeting of these flaws by threat actors, … Read more