{"id":3162,"date":"2025-04-28T17:45:45","date_gmt":"2025-04-28T16:45:45","guid":{"rendered":"https:\/\/aegislens.com\/home\/?p=3162"},"modified":"2025-04-28T17:45:45","modified_gmt":"2025-04-28T16:45:45","slug":"weekly-update-essential-sap-vulnerability-ai-driven-phishing-significant-security-breaches-fresh-cves-more-insights","status":"publish","type":"post","link":"https:\/\/aegislens.com\/home\/weekly-update-essential-sap-vulnerability-ai-driven-phishing-significant-security-breaches-fresh-cves-more-insights\/","title":{"rendered":"Weekly Update: Essential SAP Vulnerability, AI-Driven Phishing, Significant Security Breaches, Fresh CVEs &#038; More Insights"},"content":{"rendered":"<p>measures.<\/p>\n<h1>New Vulnerabilities: SAP, Oracle, and More<\/h1>\n<p>This week saw the disclosure of several significant vulnerabilities.<\/p>\n<p>Topping the list is a critical SAP vulnerability (CVE-2021-3758) in its Universal Worklist component.<\/p>\n<p>This flaw allows an attacker to take complete control of an SAP application through job submission, bypassing all authorization checks.<\/p>\n<p>SAP has released a patch to address this issue.<\/p>\n<p>Users are advised to apply the patch urgently to avoid potential breaches.<\/p>\n<p>Oracle also reported new vulnerabilities.<\/p>\n<p>Another 342 issues were identified in its Critical Patch Update, ranging in severity from low to high.<\/p>\n<p>It&#8217;s a stark reminder of the importance of keeping your systems regularly updated.<\/p>\n<h1>AI-Powered Phishing Attacks On The Rise<\/h1>\n<p>Cybersecurity firms ESET and Fortinet highlight the growing trend of AI-powered phishing attacks.<\/p>\n<p>Deep learning algorithms can mimic writing style and tone, creating personalized phishing emails that are incredibly difficult to distinguish from legitimate emails.<\/p>\n<p>A report from ESET identified a new phishing toolkit named &#8216;DeepPhish.&#8217; It uses AI to create phishing versions of popular websites, employing techniques to avoid 
detection and increase the likelihood that a scam succeeds.<\/p>\n<p>This approach requires users to be more vigilant and invest further in phishing defenses.<\/p>\n<h1>Major Breaches and New CVEs<\/h1>\n<p>Major breaches continue to be a regular occurrence.<\/p>\n<p>Two major e-commerce platforms were hit with breaches last week, impacting thousands of clients.<\/p>\n<p>Detailed information on these breaches, including possible mitigation strategies, can be found at [REDACTED DUE TO PRIVACY] and [REDACTED DUE TO PRIVACY].<\/p>\n<p>The week also saw new Common Vulnerabilities and Exposures (CVE) entries, further emphasizing the need to keep IT systems up to date.<\/p>\n<p>The National Vulnerability Database published 291 new entries, showing a continued rise in CVEs.<\/p>\n<h1>Takeaways<\/h1>\n<p>In a week filled with major breaches and new threats, it&#8217;s clear cybersecurity is not a &#8216;set and forget&#8217; issue.<\/p>\n<p>IT professionals need to maintain an ongoing, proactive approach to cybersecurity that includes regular patching, system updates, and continuous employee education to detect and respond to increasingly sophisticated attacks.<\/p>\n<h1>Follow-Up Reading<\/h1>\n<p>1. &#8220;The Rise of AI-Powered Phishing&#8221; &#8211; CybersecurityInsights.net<br \/>\n2. &#8220;The Detailed Breakdown of the Latest Big Data Breaches&#8221; &#8211; TechSecurityReports.com<br \/>\n3. &#8220;Understanding the Impact of the Latest SAP Vulnerability&#8221; &#8211; Cyberack.com<\/p>\n","protected":false},"excerpt":{"rendered":"<p>measures. 
New Vulnerabilities: SAP, Oracle, and More This week saw the exposure of several significant<\/p>\n","protected":false},"author":1,"featured_media":3163,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"pmpro_default_level":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[2,5],"tags":[],"class_list":["post-3162","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","category-news","pmpro-has-access"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3162","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/comments?post=3162"}],"version-history":[{"count":1,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3162\/revisions"}],"predecessor-version":[{"id":3388,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3162\/revisions\/3388"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/media\/3163"}],"wp:attachment":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/media?parent=3162"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/categories?post=3162"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/tags?post=3162"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}