Security researchers, enterprise software maker SAP, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued warnings over a critical vulnerability affecting Internet Communication Manager (ICM), a core component of SAP business applications that enables HTTPS communications. Tracked as CVE-2022-22536, the vulnerability allows attackers to use malformed packets to trick SAP servers into exposing sensitive data without needing to authenticate, according to Onapsis Research Labs. A security patch is available and organizations are urged to update as soon as possible.
More Stories
CISA and NFL Collaborate to Secure Super Bowl LVIII
Tabletop exercise assessed the cybersecurity response capabilities, plans and procedures for the event Read More
Over 700 Dark Web Ads Offer DDoS Attacks Via IoT in 2023
Kaspersky said these services range from $20 per day to $10,000 a month Read More
Elusive Sandman APT Targets Telecom Giants With LuaJIT Toolkit
SentinelLabs said the group’s tactics focus on stealthy lateral movements and minimal interactions Read More
#mWISE: Why Zero Days Are Set for Highest Year on Record
Experts at the mWISE conference discussed who is behind the surge in zero-day exploits Read More
US Government IT Staffer Arrested on Espionage Charges
Maryland resident faces possible death penalty Read More
UK Security Agency Publishes New Crypto Designs
NCSC hopes research will inform future standards Read More