Security researchers, enterprise software maker SAP, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued warnings over a critical vulnerability affecting Internet Communication Manager (ICM), a core component of SAP business applications that enables HTTPS communications. Tracked as CVE-2022-22536, the vulnerability allows attackers to use malformed packets to trick SAP servers into exposing sensitive data without needing to authenticate, according to Onapsis Research Labs. A security patch is available and organizations are urged to update as soon as possible.
More Stories
UK Councils Warn of Data Breach After Attack on Medical Supplier
Multiple UK councils have warned that residents’ personal data may have been compromised following a ransomware attack on NRS Healthcare...
How to Protect Yourself on Social Networks
There are now over 5 billion active social media users worldwide, representing 62.3% of the global population. While social networks...
New Android Banking Trojan Mimics Google Play Update App
A new banking Trojan targeting Android devices shows multifaceted capabilities Read More
FBI Seizes BreachForums Website
The FBI has seized the BreachForums website, used by ransomware criminals to leak stolen corporate data. If law enforcement has...
Patient Data at Risk in MediSecure Ransomware Attack
Electronic prescriptions provider MediSecure said the attack originated from a third-party vendor, and has impacted individuals’ personal and health information...
Windows Quick Assist Exploited in Ransomware Attacks
Microsoft warned Storm-1811 started vishing attacks in April to gain access to target devices Read More