Critical Vulnerabilities in Citrix and SAP Systems: Passwords and Sessions at Risk
- 4 days ago
- 2 min read
Updated: 2 days ago
Cybersecurity researchers have discovered vulnerabilities in the Windows and Java versions of the SAP GUI software, which is widely used in the business world, that could lead to serious data leaks. Sensitive historical data previously entered by users, such as T.R. identity numbers, bank account details, and passwords, could be easily stolen by an attacker with access to the computer. The data is stored on the computer using a very weak encryption method in the Windows version, and completely unencrypted in the Java version. Although SAP has released updates to fix this situation, unpatched systems remain at great risk.

On the other hand, the development causing real panic in the cyber world was a new vulnerability dubbed "Citrix Bleed 2". This critical vulnerability, discovered in Citrix NetScaler devices, allows attackers to silently bypass even multi-factor authentication (MFA) and steal active session keys from the system memory. With those session keys, they can move directly into corporate networks without needing to know any usernames or passwords.
The latest reports published by security experts show that attackers have started actively exploiting this vulnerability and are conducting reconnaissance (Active Directory scans) on companies' internal networks using the sessions they have compromised. Against these attacks, which are thought to be backed by major ransomware gangs, it is of vital importance for organizations to urgently update their systems and manually terminate all old sessions left open in the background, since patching alone does not invalidate sessions that were already stolen.
Some of the precautions we need to take to protect against these types of attacks include:
- Do not open emails from untrusted sources.
- Use multi-factor authentication (MFA).
- Keep your systems updated to the latest version at all times.
- Monitor login logs regularly.
- Track the security of mobile devices.
For detailed information, you can reach out to our experts at info@zerosecond.ae