Security researchers, enterprise software maker SAP, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued warnings over a critical vulnerability affecting Internet Communication Manager (ICM), a core component of SAP business applications that enables HTTPS communications. Tracked as CVE-2022-22536, the vulnerability allows attackers to use malformed packets to trick SAP servers into exposing sensitive data without needing to authenticate, according to Onapsis Research Labs. A security patch is available and organizations are urged to update as soon as possible.
More Stories
FBI Seizes BreachForums Website
The FBI has seized the BreachForums website, used by ransomware criminals to leak stolen corporate data. If law enforcement has...
Patient Data at Risk in MediSecure Ransomware Attack
Electronic prescriptions provider MediSecure said the attack originated from a third-party vendor, and has impacted individuals’ personal and health information...
Windows Quick Assist Exploited in Ransomware Attacks
Microsoft warned Storm-1811 started vishing attacks in April to gain access to target devices Read More
SugarGh0st RAT Variant Used in Targeted AI Industry Attacks
Proofpoint said the attackers modified registry key names for persistence Read More
BreachForums seized! One of the world’s largest hacking forums is taken down by the FBI… again
Law enforcement agencies worldwide have coordinated to take down one of the world’s largest hacker forums, scoring a victory against...
53,000 Employees’ Social Security Numbers Exposed in Nissan Data Breach
Car manufacturer Nissan revealed that over 53,000 of its North America employees had their social security numbers accessed by a...