Information just now officially provided as part of the November SAP Patchday describes a new critical vulnerability: The SAP Security Note 2928635 (CVE-2020-6284) is a Cross-Site Scripting vulnerability (XSS) in SAP NetWeaver Knowledge Management. Act now to close the loophole!
Asides
With the SAST SUITE again at the top of the KuppingerCole Leadership Compass
SAST SUITE by akquinet AG scores again: The KuppingerCole analysts rates us in Leadership Compass for „Access Control Tools for SAP environments“ as international leader in three categories:
Product, Innovation and Overall Leadership.
Read more about this in the report (chargeable): https://t1p.de/ivp51
Corona Lockdown: IT Security Association Germany (TeleTrusT) lists free IT security solutions for secure mobile working.
Partner contribution – Berlin, March 23, 2020. The current widespread switch to mobile working, home office, data transmission and remote authentication places increased demands on IT security to avoid creating new opportunities for attackers to take advantage of the moment.
Criminals exploit the Corona crisis to e-mail spam with malware
The mass e-mail campaigns sending malware are most often the vehicle bringing malware into systems. So-called “phishing” e-mails are particularly dangerous: Cyber criminals use these to “fish” for passwords and other personal information. These e-mails contain infected links or attachments and remain the most common method of distributing malware.