Even though this blog discusses some serious topics related to security of mission-critical SAP applications, why not start it with a fun trivia question? So, here it is: “What does SAP stand for?” As per the company’s website, SAP is an acronym for the organization’s original German name “Systemanalyse Programmentwicklung,” which stands for System Analysis Program Development in English. Founded in 1972, SAP is a global leader in enterprise application software.

Cryptomining is essential for creating new cryptocurrencies and functioning blockchain networks. However, the increased complexity of cryptomining drives the need for specialized, cost-effective infrastructure to mine cryptocurrencies. Enter the cloud: Cloud computing has become critical for cryptomining, making cloud cryptomining popular among miners. This article describes cloud cryptomining, its history, and the types of cloud cryptomining.

RSA is a popular and secure cryptographic algorithm that encrypts and decrypts data. It provides a secure method for transmitting sensitive data over the Internet. While RSA has some vulnerabilities, it is still utilized for various applications, like digital signatures to authenticate the source of a message. This article describes RSA, how it works, and its major applications. It also explains the security vulnerabilities of RSA and how to mitigate them.

“Who you gonna call?” - Ghostbusters Before we get to the main topic of this blog, I would like to provide some historical background on how I got to the topic. Hopefully, this context will be both informative and useful as we try to use call detail records (CDR) for doing good things.

While most people understand that cybercrime is rising, it’s challenging to fathom just how widespread it is. In 2007, researchers found there was a cyberattack every 39 seconds. By 2022, those numbers seemed small and innocent in comparison: The sheer scale of attacks makes it a challenge to understand and find emerging threats or identify trends. Cyberattack maps provide visuals that clarify numbers that can be otherwise difficult to understand and bring to light the dark activities online.

When it comes to cyber threats, few are as feared as Advanced Persistent Threats. An Advanced Persistent Threat (APT) is a sophisticated, highly targeted and often long-term cyberattack orchestrated by well-funded and highly skilled threat actors. In some cases, they’re even backed by governments: North Korea, Russia and China have all been caught orchestrating APT attacks in the past two years. APTs differ from traditional cyber threats, which are more persistent, targeted, and sophisticated.

The digital world is a lot like the Old West: lawless criminals are looking to take advantage of any bug, flaw or vulnerability to exploit. To combat the problems from these flaws, many organizations offer bounties to anyone who can find them before cybercriminals. Because bugs can be challenging to spot, bug bounty programs leverage ethical hackers' expertise to spot corporate software's flaws. Some of the largest corporations in the world, including Google, Microsoft, and the U.S.

Typosquatting goes by many names: URL hijacking, domain mimicry and domain typo-squatting, to name a few. However, they all mean the same thing: malicious attackers register domain names similar to popular websites but with common typos and variations. Typosquatting aims to trick users who mistype the legitimate URL into visiting and using the fraudulent site. It is a widespread practice.

Authentication and authorization are two processes that play a significant role in any web application. These concepts ensure that only trusted individuals are granted access to the resources of the application. Plus, with all the web applications and services we use regularly, it is increasingly difficult to manage credentials for multiple user accounts. SAML technology provides a means for securely logging into multiple applications using a single set of credentials.