At least a dozen companies and government agencies have been targeted and thousands more organizations are exposed to data breaches by hackers exploiting old security flaws in management software, two cyber security firms told Reuters.
The U.S. Department of Homeland Security is preparing on Wednesday to issue an alert based on the report about the risks posed to thousands of unpatched business systems from software makers Oracle and SAP, which can enable hackers to steal corporate secrets, the researchers said.
Homeland Security declined to comment and Reuters could not immediately confirm the warning from independent sources.
Systems at two government agencies and at firms in the media, energy and finance sectors have been hit after failing to install patches or take other security measures advised by Oracle or SAP, experts at security firms Onapsis and Digital Shadows said.
The security alert from the Homeland Security’s Computer Emergency Response Team (US-CERT) includes steps that organizations can take to identify vulnerable systems and close long-standing security gaps, the companies told Reuters.
The threat is alarming because businesses store highly…
