The Black Hat security conference will kick off next week in Barcelona, with training sessions and briefings from some of the most talented security researchers in the industry.
Facebook's chief security officer, Max Kelly, is scheduled for a keynote presentation on Wednesday morning following two days of training sessions. The last two days of the conference will focus on briefings featuring research into a variety of threats on the Internet and application vulnerabilities.
One of those presentations will focus on a way to insert a backdoor into SAP's ERP (enterprise resource planning) applications. SAP's business software is often the core of a company's operations and is used to manage invoicing, human resources, procurement and billing, among many other functions.
SAP's software uses databases from companies such as Oracle, said Mariano Nuñez
Many companies do not configure the Oracle database correctly, which makes the SAP system vulnerable to attack.
"What we have found is, it is possible instead of modifying the program you can connect to the database and modify the code directly in the database," Nuñez
The problem with SAP and the Oracle database has been known for a few years, although Nuñez
It would allow an attacker, for example, to forward all information related to a new customer account. It could also let a hacker modify shipping orders or collect the log-in details when employees log on to the SAP system, he said.
"It's amazing to see how many experienced SAP customers don't know about this vulnerability," Nuñez
To remedy this, Nuñez
It creates a hash value, or a unique numerical identifier based on the source code for applications. If the tool scans an application later and it has a different hash value, it may have been tampered with, indicating a backdoor, Nuñez
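The integrity check described above, as an added example that is not the tool the article refers to and not code from Onapsis or SAP: it hashes each program's source text with SHA-256 (an assumption; the article does not name the hash), records the digests as a baseline, and on a later scan reports programs whose digest changed, programs that appeared without a baseline entry, and programs that disappeared. The program names and source snippets are constructed placeholders.

```python
import hashlib

# Constructed sample: application program names mapped to their source text.
# These are illustrative placeholders, not real SAP programs.
ORIGINAL_SOURCES = {
    "Z_CREATE_CUSTOMER": "FORM create_customer.\n  INSERT customer.\nENDFORM.",
    "Z_SHIP_ORDER": "FORM ship_order.\n  UPDATE orders SET status = 'SHIPPED'.\nENDFORM.",
}


def source_hash(source: str) -> str:
    """SHA-256 hex digest of one program's source text (assumed hash choice)."""
    return hashlib.sha256(source.encode("utf-8")).hexdigest()


def build_baseline(sources: dict) -> dict:
    """Map each program name to the digest of its source at baseline time."""
    return {name: source_hash(src) for name, src in sources.items()}


def compare_to_baseline(baseline: dict, current_sources: dict) -> dict:
    """Rescan the current sources and report deviations from the baseline.

    'modified': present in both but with a different digest (possible tampering)
    'added':    present now but not in the baseline (unexpected new program)
    'removed':  in the baseline but no longer present
    """
    current = build_baseline(current_sources)
    modified = sorted(n for n in baseline if n in current and current[n] != baseline[n])
    added = sorted(n for n in current if n not in baseline)
    removed = sorted(n for n in baseline if n not in current)
    return {"modified": modified, "added": added, "removed": removed}


# Constructed "later scan": one program gained an extra statement after
# deployment and a program with no baseline entry appeared.
TAMPERED_SOURCES = dict(ORIGINAL_SOURCES)
TAMPERED_SOURCES["Z_CREATE_CUSTOMER"] = ORIGINAL_SOURCES["Z_CREATE_CUSTOMER"].replace(
    "INSERT customer.", "INSERT customer.\n  WRITE 'unexpected change'."
)
TAMPERED_SOURCES["Z_HIDDEN"] = "FORM hidden.\nENDFORM."


def demo() -> dict:
    """Build a baseline from the original sources and check the tampered set."""
    baseline = build_baseline(ORIGINAL_SOURCES)
    return compare_to_baseline(baseline, TAMPERED_SOURCES)


if __name__ == "__main__":
    for category, names in demo().items():
        print(f"{category}: {names}")
```

The baseline must be stored outside the system being checked, since the scenario in the article is an attacker who can already write to the database; a baseline kept in the same database could be rewritten along with the code. Every legitimate change (a transport, a patch) also changes digests, so the baseline is refreshed from a trusted copy after each approved change and any difference outside that window is treated as a finding to investigate.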
In the big picture track, Stephan Chenette, principal security researcher for Websense Security Labs, will give a presentation on a project called Fireshark. The project aims to streamline collecting information on the tens of thousands of Web sites that may contain malicious code and are designed to attack unsuspecting visitors.
Fireshark "is capable of visiting large collections of Web sites at a time, executing, storing and analyzing the content and from it identifying hundreds of malicious ecosystems," Chenette wrote on Black Hat's Web site.