CyberSec Roundup
A synopsis of the Latest Cybersecurity News
SAP Apps under attack
Hackers have been setting their sights on unsecured SAP applications. This was revealed in a report by SAP and Onapsis, where they divulged that 300 targets out of 1500 were compromised over the last few months. Applications that were targeted include ones that handle enterprise resource planning (ERP), supply chain management (SCM), human capital management (HCM), product lifecycle management (PLM), and customer relationship management (CRM). The vulnerabilities that were exploited, and need to be urgently patched are CVE-2010-5326, CVE-2016-3976, CVE-2016-9563, CVE-2018-2380, CVE-2020-6207 andCVE-2020-6287.
EU Commission Hacked
The European Commission reported that they were hit with a cybersecurity attack in March that disrupted their IT network. They confirmed that there was no major information breach, but the EU’s Computer Emergency Response Team is responding to the incident. There were no details given about the nature of the incident.
Tech Support Scam
Hackers have been impersonating tech support personnel from Norton Lifelock, Microsoft, and McAfee. They send out fake invoices via email and encourage recipients to call the support number where they will eventually be tricked into surrendering remote access to their machine. The scam started small, but they have significantly increased their email volume of late, so customers of these products need to be aware.
By: David Pinder
IT & Security Consultant
Certified Ethical Hacker