Cybernews by abat

Cybersecurity is a critical success factor for businesses of all sizes today. Here you’ll find the latest news, insights, and background information on IT security, cyber threats, and digital resilience. Our goal is to provide clear context for complex developments and highlight relevant trends early on. 

AI is changing the cybersecurity landscape – the BSI sees a fundamental shift.

In a new IT security bulletin, the BSI warns: Artificial intelligence is significantly accelerating the discovery and exploitation of vulnerabilities. Current systems are increasingly able to find and analyze security vulnerabilities largely on their own and turn them into effective attacks – no longer limited to simply crafting convincing phishing emails.
 
The problem is structural: AI reduces the effort, time, and barriers to entry for attacks. Attackers benefit from speed and automation, while defenses remain constrained by real-world operational limits.
 
This is exactly what we’re seeing at abat: In our cybersecurity division, we use the Frontier models of current LLMs to evaluate the impact on IT security and, above all, the threat landscape for SAP environments. This includes, on the offensive side, assisted penetration testing and the development of penetration testing tools and exploits, as well as, on the defensive side, the secure architecture of AI infrastructures and secure development with the help of AI.
 
The BSI’s recommendation against such current threats: reduce the attack surface, accelerate patching processes, and strengthen response capabilities.
 
But how can you reduce and harden the attack surface while simultaneously strengthening response capabilities? Especially when it comes to SAP environments, it’s helpful to look at things from the attacker’s perspective. How far could a potential attacker get with phished credentials? What business risks does this pose, and how seriously do they threaten the company? Such questions can be answered with a penetration test, which not only provides transparency into vulnerabilities that can actually be exploited but also offers prioritized recommendations for action with a clear business impact. At abat, we specialize in these tests – feel free to contact us for more information.
 
Source:
https://www.heise.de/news/BSI-warnt-vor-Auswirkungen-von-KI-auf-Cybersicherheit-11342418.html

Infostealer Malware: 124 Million Passwords Compromised

On June 15, 2026, the data breach check service HaveIBeenPwned (HIBP) added approximately 56.3 million email addresses and 124 million passwords to its database. The data comes from so-called “stealer logs” – log files generated directly on victims’ devices by infostealer malware. The dataset is based on hundreds of millions of individual log entries; HIBP does not provide any information about their specific origin.

For companies with unhardened SAP environments, this creates several attack vectors: For example, via the proprietary SAP GUI client, operating system commands can be executed on the computers of all logged-in users on a compromised SAP system, using their respective local privileges. An attacker could exploit this vulnerability to install infostealers on end devices and thus attack virtually all of a company’s SAP workstations simultaneously. Compromised credentials and an insecure SAP system are therefore mutually reinforcing.

To proactively prevent attacks using these compromised credentials, companies should identify affected accounts via HIBP, implement security measures as necessary, and consistently roll out multi-factor authentication across all accounts. It is also recommended to actively scan the SAP system landscape for vulnerabilities. An SAP penetration test can determine whether an attacker could gain access to critical systems via these attack vectors.

AI is changing the cybersecurity landscape – the BSI sees a fundamental shift.

In a new IT security bulletin, the BSI warns: Artificial intelligence is significantly accelerating the discovery and exploitation of vulnerabilities. Current systems are increasingly able to find and analyze security vulnerabilities largely on their own and turn them into effective attacks – no longer limited to simply crafting convincing phishing emails.
 
The problem is structural: AI reduces the effort, time, and barriers to entry for attacks. Attackers benefit from speed and automation, while defenses remain constrained by real-world operational limits.
 
This is exactly what we’re seeing at abat: In our cybersecurity division, we use the Frontier models of current LLMs to evaluate the impact on IT security and, above all, the threat landscape for SAP environments. This includes, on the offensive side, assisted penetration testing and the development of penetration testing tools and exploits, as well as, on the defensive side, the secure architecture of AI infrastructures and secure development with the help of AI.
 
The BSI’s recommendation against such current threats: reduce the attack surface, accelerate patching processes, and strengthen response capabilities.
 
But how can you reduce and harden the attack surface while simultaneously strengthening response capabilities? Especially when it comes to SAP environments, it’s helpful to look at things from the attacker’s perspective. How far could a potential attacker get with phished credentials? What business risks does this pose, and how seriously do they threaten the company? Such questions can be answered with a penetration test, which not only provides transparency into vulnerabilities that can actually be exploited but also offers prioritized recommendations for action with a clear business impact. At abat, we specialize in these tests – feel free to contact us for more information.
 
Source:
https://www.heise.de/news/BSI-warnt-vor-Auswirkungen-von-KI-auf-Cybersicherheit-11342418.html

Infostealer Malware: 124 Million Passwords Compromised

On June 15, 2026, the data breach check service HaveIBeenPwned (HIBP) added approximately 56.3 million email addresses and 124 million passwords to its database. The data comes from so-called “stealer logs” – log files generated directly on victims’ devices by infostealer malware. The dataset is based on hundreds of millions of individual log entries; HIBP does not provide any information about their specific origin.

For companies with unhardened SAP environments, this creates several attack vectors: For example, via the proprietary SAP GUI client, operating system commands can be executed on the computers of all logged-in users on a compromised SAP system, using their respective local privileges. An attacker could exploit this vulnerability to install infostealers on end devices and thus attack virtually all of a company’s SAP workstations simultaneously. Compromised credentials and an insecure SAP system are therefore mutually reinforcing.

To proactively prevent attacks using these compromised credentials, companies should identify affected accounts via HIBP, implement security measures as necessary, and consistently roll out multi-factor authentication across all accounts. It is also recommended to actively scan the SAP system landscape for vulnerabilities. An SAP penetration test can determine whether an attacker could gain access to critical systems via these attack vectors.

Contact our expert for cybersecurity