Security News

Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks
2024-11-29 09:34

Microsoft has addressed four security flaws impacting its artificial intelligence (AI), cloud, enterprise resource planning, and Partner Center offerings, including one that it said has been...

New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution
2024-08-06 04:16

A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning system that could allow threat actors to achieve remote code execution on affected instances. "The root cause of the vulnerability lies in a flaw in the authentication mechanism," SonicWall, which discovered and reported the shortcoming, said in a statement.

South Korean ERP Vendor's Server Hacked to Spread Xctdoor Malware
2024-07-03 03:33

An unnamed South Korean enterprise resource planning (ERP) vendor's product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor. The AhnLab Security...

Baddies hijack Korean ERP vendor's update systems to spew malware
2024-07-02 05:31

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems
2024-01-11 14:16

Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to...

Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack
2023-12-27 15:39

A new zero-day security flaw has been discovered in the Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system that could be exploited to bypass authentication protections. The...

How to quickly deploy the Odoo ERP solution with Docker
2022-07-27 16:48

One such platform is Odoo, which happens to be one of the most popular open-source ERP solutions on the market. The only thing you'll need to deploy Odoo is a running server that supports Docker.

Accenture Federal Services gets $729M contract to help the U.S. Army CECOM transform its ERP system
2021-07-28 22:45

Accenture Federal Services, a subsidiary of Accenture has been awarded a $729 million contract to help the U.S. Army Communications-Electronics Command transform multiple enterprise resource planning systems into a single, consolidated model to improve efficiency, enhance readiness, and reduce costs. AFS will support the Army Shared Services Center with organizational change management, agile development, and quality assurance, among other capability support functions.

You've patched that critical Sage X3 ERP security hole, yeah? Not exposing the suite to the internet, either, yeah?
2021-07-07 23:56

Admins of on-premises Sage X3 ERP deployments should check they're not exposing the enterprise resource planning suite to the public internet in case they fall victim to an unauthenticated command execution vulnerability. The infosec outfit described in detail the flaws, calling them "Protocol-related issues involving remote administration of Sage X3.".

Critical RCE Vulnerability Found in Apache OFBiz ERP Software—Patch Now
2021-03-22 01:34

The Apache Software Foundation on Friday addressed a high severity vulnerability in Apache OFBiz that could have allowed an unauthenticated adversary to remotely seize control of the open-source enterprise resource planning system. Tracked as CVE-2021-26295, the flaw affects all versions of the software prior to 17.12.06 and employs an "Unsafe deserialization" as an attack vector to permit unauthorized remote attackers to execute arbitrary code on a server directly.