April 2019 - Layer Seven Security

Securing Administrative Access in SAP AS Java

The misuse of administrative privileges is a common method used by attackers to compromise applications and propagate attacks to connected systems. The elevated privileges granted to administrative accounts are a prized target for attackers and provide a fast path to accessing or modifying sensitive data, programs and system settings. User privileges for Java applications are […]

SAP Security Notes, March 2019

Note 2764283 addresses an XML External Entity vulnerability in SAP HANA extended application services (XS), advanced. HANA XS does not sufficiently validate an XML document accepted from an authenticated developer with privileges to the SAP space. Successful exploitation of the vulnerability could lead to the leading of arbitrary files in SAP servers or denial of […]

Month: April 2019

Securing Administrative Access in SAP AS Java

SAP Security Notes, March 2019

SAP Security Notes, May 2026

Mini Shai-Hulud: Malware Targeting the Software Supply Chain for SAP Development Tools

From SAP Logs to Security Intelligence: Integrating SAP with Splunk

SAP Security Notes, May 2026

Mini Shai-Hulud: Malware Targeting the Software Supply Chain for SAP Development Tools

From SAP Logs to Security Intelligence: Integrating SAP with Splunk