Cybercriminals and Chinese advanced persistent threat (APT) groups have targeted recently patched vulnerabilities in SAP NetWeaver to deploy webshells and malware. These activities threaten critical infrastructure and enterprise systems worldwide, emphasizing the importance of timely patching and security measures.
Affected: SAP NetWeaver, critical infrastructure networks, enterprise systems
Affected: SAP NetWeaver, critical infrastructure networks, enterprise systems
Keypoints
- Multiple threat groups are exploiting recent SAP NetWeaver vulnerabilities to gain unauthorized access.
- Chinese APTs are conducting long-term cyber-espionage campaigns using webshells and malware on targeted networks.
- Ransomware groups like BianLian and RansomEXX are leveraging these vulnerabilities for financial gain through attacks on critical infrastructure.
- Effective patch management and hardening of SAP systems are crucial to defend against ongoing exploitation.
- Security firms recommend thorough system reviews, deprecation of outdated components, and vigilant monitoring of suspicious activities.
Read More: https://www.securityweek.com/ransomware-groups-chinese-apts-exploit-recent-sap-netweaver-flaws/