SAP and security analysts Onapsis say cyber-criminals are pretty quick to analyze the enterprise software outfit's patches and develop exploits to get into vulnerable systems.
In a joint report issued by the two organizations, Mariano Nunez, CEO of Onapsis, cited "conclusive evidence that cyberattackers are actively targeting and exploiting unsecured SAP applications," and warned time was of the essence, reporting "SAP vulnerabilities being weaponized in less than 72 hours since the release of patches."
For newly provisioned SAP applications in cloud environments, discovery and attack can occur in as little as three hours, the report says. However, the average time from the provisioning of a new SAP instance at cloud service provider to exploitation and compromise is just under a week.
And while, yes, patches are rapidly weaponized all the time in the ..
Support the originator by clicking the read the rest link below.
