Security researchers, enterprise software maker SAP, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued warnings over a critical vulnerability affecting Internet Communication Manager (ICM), a core component of SAP business applications that enables HTTPS communications. Tracked as CVE-2022-22536, the vulnerability allows attackers to use malformed packets to trick SAP servers into exposing sensitive data without needing to authenticate, according to Onapsis Research Labs. A security patch is available and organizations are urged to update as soon as possible.
More Stories
Friday Squid Blogging: Creating Batteries Out of Squid Cells
This is fascinating: “When a squid ends up chipping what’s called its ring tooth, which is the nail underneath its...
A Hacker’s Mind News
My latest book continues to sell well. Its ranking hovers between 1,500 and 2,000 on Amazon. It’s been spied in...
Critical flaw in WooCommerce can be used to compromise WordPress websites
WooCommerce, a popular plug-in for running WordPress-based online stores, contains a critical vulnerability that could allow attackers to take over...
Spot and Remove Viruses from Your Android Phone
So, can Android phones get viruses and malware? The answer is yes, and likewise you can do several things to...
CISA Unveils Ransomware Notification Initiative
Provides businesses with early warnings to evict threat actors before they can encrypt data Read More
WooCommerce Patches Critical Plugin Flaw Affecting Half a Million Sites
The vulnerability could allow an unauthenticated attacker to gain admin privileges and take over a website Read More