SAP, Credit Cards, and the Bird That Knows Too Much
Offered By: Black Hat via YouTube
Course Description
Overview
Explore SAP vulnerabilities, credit card security, and business process attacks in this Black Hat conference talk. Dive into core attack vectors, learn how to determine and manipulate victim bank accounts, and understand credit card processing in SAP systems. Discover methods for accessing cleartext cardholder information and decrypting encrypted credit card numbers. Examine external vendor payment solutions and their connectivity. Gain insights into implementing holistic security processes and automation to protect SAP environments. Equip yourself with knowledge on SAP security best practices and potential threats in this comprehensive 44-minute presentation.
Syllabus
Intro
Attacking the Core
Attack Vectors
How can it be attacked?
What is a Business Process?
Example: Attacking the Business Processes
Determining Victim Bank Accounts
Changing the Bank Accounts
End of Chapter!
Credit Card Processing on SAP
Credit Card Data
Accessing Cleartext Cardholder information
Free Tool? - Sapsucker
Decrypting Encrypted Credit Card Numbers
External Vendors for Payment Solutions
Standard Concept
External Payment Card Interface Connectivity
Address The Complete Picture
Implement a Holistic Process to Stay Secure
Automate it
The Menu of SAP Security
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube