| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 09 Mar 2011 18:20:52 -0300 From: Onapsis Research Labs <research@...psis.com> To: full-disclosure@...ts.grok.org.uk Subject: [Onapsis Research Labs] New SAP Security In-Depth issue and Tool - The Silent Threat: SAP Backdoors and Rootkits -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear colleague, We are happy to announce the third issue of the Onapsis SAP Security In-Depth publication. Onapsis' SAP Security In-Depth is a free technical publication leaded by the Onapsis Research Labs with the purpose of providing specialized information about the current and future risks in the SAP security field, allowing all the different actors (financial managers, information security managers, SAP administrators, auditors, consultants and the general professional community) to better understand the involved risks and the techniques and tools available to assess and mitigate them. In this edition: "The Silent Threat: SAP Backdoors and Rootkits", by Mariano Nuñez Di Croce. "Backdoors and rootkits have existed for a long time. From PCI cards to the most modern operating systems, almost every system is susceptible of being attacked and modified to hold a malicious program that will secure future access for the attacker and even perform unauthorized activities, while trying to remain undetected. As SAP business solutions run the most critical business information and processes in the organization, a backdoor in this platform would imply severe impacts for the business. If the organization is not securing its systems properly, it would be possible for a remote, anonymous attacker to perform continuous espionage, fraud and sabotage attacks through the injection of a backdoor or rootkit in the SAP platform. This publication analyzes some of the different attack vectors that malicious parties can use to try to inject backdoors and rootkits in the SAP platform, in order to understand which are the necessary protection measures that need to be implemented to protect the business crown jewels." The full publication can be downloaded from http://www.onapsis.com/resources/get.php?resid=ssid03 At the same time, we have released a new free tool: Onapsis Integrity Analyzer for SAP. This proof-of-concept will help you identify future unauthorized modifications of standard ABAP programs in your SAP systems, which could be the result of backdoor or rootkit attacks. The tool can be downloaded from http://www.onapsis.com/ianalyzer We hope you can enjoy these new resources! We would also love to get your feedback. Feel free to write us back with your comments and ideas. Kindest regards, - -- - -------------------------------------------- The Onapsis Research Labs Team Onapsis S.R.L Email: research@...psis.com Web: www.onapsis.com PGP: http://www.onapsis.com/pgp/research.asc - -------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk137zQACgkQz3i6WNVBcDV0RACdHgigAxhnix2h31TYRI7jpEAH wDMAn2k6iiVK92RlVmkwcDGB5d2VCE8j =oPVY -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists