InfoSecurity reports:
Last fall, it came to light that Chinese hackers had roamed around unnoticed for months inside the network of USIS, the biggest commercial provider of background investigations to the federal US government. In fact, two of the company’s biggest customers are the Department of Homeland Security (DHS) and the Office of Personnel Management (OPM).
Onapsis Research Labs analysis finds that the breach most likely utilized an SAP attack vector that Onapsis has been tracking in the wild and warning enterprises about. It marks the first time an SAP attack against a national security service provider has been publicly uncovered.
Read more on InfoSecurity.