• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 24th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Technology News

Researchers bought MacBook for $1 using critical vulnerabilities

August 28th, 2017 Waqas Security, Technology News 0 comments
Researchers bought MacBook for $1 using critical vulnerabilities
Share on FacebookShare on Twitter

Why buy expensive MacBook Pro when you can get it for $1? But then you will be the bad guy.

The IT security researchers at ERPScan discovered a bunch of critical vulnerabilities in SAP Point-of-Sales systems (SAP POS), a client/server point-of-sale (POS) solution allowing them to buy an expensive MacBook for just $1.

According to researchers, the vulnerabilities exist in the SAP POS Xpress Server that can be exploited to modify the price while purchasing a specific product. An attacker can also use the vulnerabilities to steal banking data including credit card details used for purchasing.

The attack is only successful if an attacker is connected from the same network that is used by the payment system. The security firm says in order to conduct the attack, a hacker needs to physically connect Raspberry Pi or similar tools (which won’t cost more than $25) to electronic scales inside a shop or carry a remote attack if the network is exposed to the Internet.

In a blog post, ERPScan researchers wrote that “Once you are in, you have unlimited control over the backend and frontend of the POS system, as the tool can upload a malicious configuration file on the SAP POS Xpress Server without any authentication procedure. New parameters are limited by hackers’ imagination: they can set special price or discount, the time the discount is valid, the conditions under which it works – for example when purchasing a specific product.”

The vulnerabilities were discovered in April this year and reported to the respective manufacture the same month.

Watch the demo video uploaded by ERPScan researchers

  • Tags
  • Apple
  • Cyber Attack
  • Flaw
  • hacking
  • internet
  • Macbook
  • security
  • Technology
  • Vulnerability
Facebook Twitter LinkedIn Pinterest
Previous article DailyStormer' new site booted off after hosting provider gets DDoSed
Next article "Wanna see the Game of Thrones in advance" email delivers malware
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
SonicWall hacked after 0-day flaws exploited by hackers

SonicWall hacked after 0-day flaws exploited by hackers

Gamarue malware found in UK Govt-funded laptops for homeschoolers

Gamarue malware found in UK Govt-funded laptops for homeschoolers

Shazam Vulnerability exposed location of Android, iOS users

Shazam Vulnerability exposed location of Android, iOS users

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
SonicWall hacked after 0-day flaws exploited by hackers
Hacking News

SonicWall hacked after 0-day flaws exploited by hackers

63
Massive privacy risk as hacker sold 2 million MyFreeCams user records
Cyber Crime

Massive privacy risk as hacker sold 2 million MyFreeCams user records

118
Gamarue malware found in UK Govt-funded laptops for homeschoolers
Security

Gamarue malware found in UK Govt-funded laptops for homeschoolers

578

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us