Security

Cybersecurity threats are on the rise, with notable increases in ransomware attacks in Belgium, heightened by geopolitical tensions and advanced methods employed by cybercriminals, urging organizations and individuals to enhance their security measures.

Inetum has strengthened its partnership with the City of Bruges by winning two additional lots in a consultancy framework agreement focused on systems management and cybersecurity, potentially worth €92 million over six years.

Microsoft Dynamics 365 users in Finance, Supply Chain, and Commerce must urgently address access governance before stricter licensing rules take effect on November 1, 2025, as many organizations have uncovered significant security vulnerabilities and excessive user permissions amidst new compliance pressures.

Manufacturers are increasingly focusing on enhancing cybersecurity for their ERP systems to protect sensitive data and mitigate risks associated with cyber-attacks, which can lead to substantial financial losses and reputational damage.

Active exploitation of a critical zero-day vulnerability (CVE-2025-31324) in the SAP Visual Composer component allows unauthenticated attackers to gain full control over SAP systems, prompting SAP to release an emergency patch and urging customers to either apply it or disable access to the vulnerable component.

SAP has issued critical Security Notes including a highly severe vulnerability in SAP NetWeaver Visual Composer that allows unauthenticated attackers to upload malicious files, prompting organizations to urgently patch or implement workarounds to protect their systems.

Cyberattacks on manufacturing operations can result in severe consequences including downtime, theft of intellectual property, and financial loss, with recent data revealing 88% of UK companies experienced breaches largely due to human error, emphasizing the need for fundamental security practices and robust measures from firms like Codestone to enhance cybersecurity resilience.

Thales is pioneering digital transformation in its factories by replacing traditional PCs with smartphones and tablets through the SmartMobility project, which enhances mobility and operational efficiency while maintaining cybersecurity.

Effective Segregation of Duties (SoD) and user access management in ERP systems are crucial for reducing fraud risks and ensuring compliance, necessitating automation, continuous access reviews, and a balanced approach to user privileges.

In response to rising identity-related threats, 78% of organizations are set to increase their identity and access management spending in 2025, reflecting a strategic shift towards modern security measures that emphasize complex governance and AI-driven solutions to enhance resilience in the digital landscape.

Dell Technologies and Microsoft are enhancing AI adoption to protect data and improve cybersecurity for multicloud environments.

Onapsis CEO Mariano Nunez talks about the importance of cybersecurity in today's ERP landscape, shared security responsibility, and why it is vital to embed security from the start.

Signify enhanced efficiency and quality control across over 100 company codes by utilizing Aico’s modules, achieving a 99.9% success rate in journal management, real-time reporting with 15-second dashboard refresh rates, a 30% reduction in obsolete tasks, an increase of 250-350 additional reconciliations per company code, and a jump to 58% automation in BSAR sign-offs.

Cyberattacks on utility companies are increasingly targeting vulnerabilities in SAP applications, posing significant financial and operational risks, with the average cost of a data breach reaching $4.72 million. The energy sector, with its sensitive enterprise resource planning (ERP) systems like SAP, is particularly attractive to cybercriminals. Despite this, many utility companies struggle to allocate adequate resources for security, especially amid ongoing digital transformation efforts. The consequences of such attacks can be severe, leading to business disruptions, power or water outages, and the theft of customer data. To address these challenges, Onapsis, a leader in business application security, has partnered with Snohomish County Public Utility District (SNOPUD) to enhance SAP security through its Connect Up initiative, aimed at upgrading meters across homes and businesses. This collaboration leverages Onapsis' threat intelligence and automated vulnerability remediation to safeguard SNOPUD's critical systems and customer data, supporting a security-first approach as the utility modernizes its operations.

This article discusses the use of hashing for password security in SAP systems, explaining how hashes are stored, methods for cracking them using tools like JohnTheRipper and Hashcat, and emphasizes the importance of addressing weak hashes and deactivating downward compatibility to enhance data protection.

Remote Function Call (RFC) is a proprietary framework and network protocol used as a key pillar for data exchange in SAP landscapes. For network communications based upon the RFC framework, connection information needs to be configured and stored on the...

Onapsis Research Labs detailed a security breach where an SAP system was compromised, transformed into a command and control bot through a vulnerability, and used to launch a distributed denial of service attack via Cloudflare.

THE IMPORTANCE OF SAP SECURITY Simple steps to educate yourself, your team, your executive management, and the board of directors. SAP S/4HANA & DIGITAL TRANSFORMATION Best practices to securely navigate your SAP S/AHANA journey. AUTOMATION, EFFICIENCY & AGILITY FOR APPLICATION...

Onapsis and Flashpoint released a report detailing how cybercriminals are increasingly discussing and targeting SAP applications.

RISE with SAP is a comprehensive suite of cloud-based applications, platforms, tools, and services that help businesses of all sizes accelerate their digital transformation. However, any migration to the cloud comes with security challenges. Using third-party security technology can enhance and expand your ability to protect your data and systems while transitioning into a RISE with SAP environment. In this webinar, learn how enhanced visibility, automated security scanning, and incident response can augment your team’s ability to inspect what they expect from RISE with SAP, increase business value, and promote risk abatement.

New Intelligence to Protect SAP from Ransomware and Data Breaches, Onapsis and Flashpoint have joined forces to level the playfield, revealing how threat actors are attacking SAP applications. Download our report or listen to our recent webinar

Onapsis Assess - Complete ERP Attack Surface Management. Discover vulnerabilities across your critical ERP application landscape and get the risk-based guidance you need to better prioritize and respond faster to issues posing the greatest threats to your business.

Onapsis Secure RISE Accelerator lowers risk and reduces security and compliance obstacles in RISE projects by delivering a proven SAP security framework that helps you make better-informed, faster security decisions, narrow the scope for an optimized secure-by-design go-live, and de risks the threat of costly project delays with expert guidance and automation technology that reduces manual efforts and costs.

SAP offers a highly secure and compliant cloud infrastructure for RISE with SAP customers. With the peace of mind that SAP is managing the security of the foundational layers, customers can concentrate on their own security and compliance responsibilities: protecting business processes, sensitive data, and any extensions or customizations.

SonicWall's 2025 Cyber Threat Report reveals a rapidly evolving cyber threat landscape, particularly targeting small and medium businesses (SMBs), with alarming increases in Business Email Compromise incidents, sophisticated attack tactics, and the urgent need for proactive security measures such as real-time patching and enhanced user training.

CrowdStrike is enhancing Oracle Cloud Infrastructure by integrating its Falcon Cloud Security platform to provide unified protection, streamline compliance, and empower organizations to effectively address evolving threats and vulnerabilities in their cloud environments.

The rapid growth of generative AI tools like DeepSeek presents significant data security risks for organizations, necessitating enhanced protective measures such as Mimecast's Incydr platform to safeguard intellectual property while promoting safe and effective AI adoption.