- Perimeter Security Is at the Forefront of Industry 4.0 Revolution
- Black Friday sales just slashed the Apple Watch SE (2nd Gen) to its lowest price ever
- Get an Apple Watch Series 10 for $70 off for the first time ahead of Black Friday
- The 15 best Black Friday Target deals 2024
- This fantastic 2-in-1 laptop I tested is highly recommended for office workers (and it's on sale)
SAP security holes raise questions about the rush to AI
“As AI infrastructure is fast becoming a staple of many business environments, the implications of these attacks are becoming more and more significant. The AI training process requires access to vast amounts of sensitive customer data, which turns AI training services into attractive targets for attackers. SAP AI Core offers integrations with S/4HANA and other cloud services, to access customers’ internal data via cloud access keys. These credentials are highly sensitive.”
Alarming holes
Given how widely deployed SAP systems are within enterprises, and how integrated SAP is with so many other enterprise-level applications and cloud environments, Wiz said the holes were especially alarming.
“By executing arbitrary code, we were able move laterally and take over the service – gaining access to customers’ private files, along with credentials to customers’ cloud environments: AWS, Azure, SAP S/4HANA Cloud, and more,” the report said. “The vulnerabilities we found could have allowed attackers to access customers’ data and contaminate internal artifacts – spreading to related services and other customers’ environments.”