User
Write something
Question?
Can protection protocols get infected? Or is quite literally anything possible?
Ik zoek een Nederlander.
Ik ben van plan om met mijn ontwikkelteam de Nederlandse markt te betreden. We staan ​​echter voor een aantal uitdagingen, te beginnen met de taalbarrière. Ik ben momenteel op zoek naar iemand die in Nederland woont en mij wil ondersteunen. Programmeervaardigheden zijn een pluspunt, maar niet vereist. Beheersing van meerdere talen is bijzonder wenselijk. Dit is geen kortlopend project; ik zoek iemand die een langetermijnvisie deelt. Het gaat hier niet om gratis werk. We kunnen de details via DM bespreken. Ik stel een snelle reactie op prijs.
Looking for a partner based in Netherlands.
Currently I am working as senior software engineer and founder, I am looking for a partner based in Netherlands. For expanding my development business and cooperation with partner, I have clear idea. Programming skills are preferred but not mandatory. Let's talk in dm in more details.
0
0
🔥 Thursday Push — One Day to Make the Week Count
G'day legends! Thursday morning — and this is where it gets real. 🔐 Friday is tomorrow. Whatever you said you'd get done this week, today is your last real shot at it. No pressure — but also, a little pressure. That's the point. 😄 I'll go first: Today I'm finalising the CVE-2026-0498 defender's playbook for the Classroom — covering patch validation steps, privilege audit procedures, and what an IR plan looks like when a CVSS 9.1 hits your ERP environment. Aiming to have it published before end of day. Also reviewing the 2 membership requests that came in overnight — great to see the community growing. Welcome to anyone who just joined! 👋 Your Thursday challenge — answer ONE of these below: 🔥 What's the ONE thing you're committing to getting done today? 📚 What's one concept or tool you've learned this week that actually clicked? 🚨 Got a question you've been putting off asking? Today's the day — drop it below and let's get it answered before the week ends. Thursday is the unsung hero of the week. Most people coast. Don't be most people. Let's finish strong. 💪 — @Aussie Mr Cyber
🛡️ IR Playbook — Responding to a CVSS 9.1 RCE in an Enterprise ERP (CVE-2026-0498 SAP S/4HANA)
As mentioned in this week's check-ins, I've been building out a real defender's response playbook for CVE-2026-0498. Here it is in full. Save this one — this is the kind of scenario you will face in a real SOC or IR role. ―――――――――――――――――――― 📋 VULNERABILITY BRIEF ―――――――――――――――――――― CVE: CVE-2026-0498 SAP Security Note: #3694242 Product: SAP S/4HANA (Private Cloud and On-Premise) Affected Versions: S4CORE 102 through 109 CVSS Score: 9.1 (Critical) CWE: CWE-94 — Improper Control of Generation of Code Published: 13 January 2026 (SAP Patch Day) What it does: A vulnerable Remote Function Call (RFC)-exposed function module in SAP S/4HANA allows an attacker with administrative privileges to inject arbitrary ABAP code or OS commands directly into the system — bypassing authorization checks entirely. This effectively creates a persistent backdoor with the ability to fully compromise the host system, impacting confidentiality, integrity, and availability. Onapsis researchers confirmed the function module allows modification of existing program source code without authentication enforcement. In plain English: An admin-level attacker can rewrite SAP application code and execute OS commands on the underlying server. Full system compromise. No guardrails. ――――――――――――――――――――――――――― ⚠️ WHY THIS IS HARDER THAN A TYPICAL RCE ――――――――――――――――――――――――――― Most RCE vulns sit at the perimeter. This one lives inside your ERP — the system that runs payroll, procurement, financials, and supply chain. It requires admin-level access, which means: - The attacker already has a foothold AND elevated privileges - Lateral movement has already occurred before this vuln is exploited - The blast radius is your entire business operation, not just an endpoint - ERP systems are often poorly monitored compared to traditional IT infrastructure - ABAP code changes are hard to detect without specific tooling or change management controls This is not a "patch and move on" scenario. This is a "assume breach, investigate thoroughly" scenario.
1
0
1-30 of 50
Cybersecurity BootCamp
skool.com/cybersecurity-bootcamp-2235
Aussie cyber pro with hands-on home lab builder sharing SOC ops, pentesting labs, playbooks & cert prep. Level up your blue-team game Down Under!
Leaderboard (30-day)
Powered by