Feed aggregator

• Microsoft’s March updates for Xbox also brought something for Windows 11
• The Game Bar has been given a makeover, including multiple widgets
• There’s also a useful change to improve the Game Bar Widget Store when using a controller

Microsoft has just brought in a raft of changes for the Xbox consoles in its March updates, but there’s something here for PC gamers too – a new look for the Game Bar (and a useful tweak for handhelds, too).

For the uninitiated, the Game Bar is an overlay that can be summoned to provide easy and convenient access to a bunch of game-related options. That includes tricks such as recording gameplay, monitoring your PC’s performance, tweaking audio settings and much more. The bar can be customized with various widgets and it’s a very useful tool for Windows 11 gamers on the whole.

And now, as Neowin spotted, Microsoft has given the Game Bar a graphical makeover, and also tells us that this is the start of “several visual enhancements that will be rolling out this week.”

The overall look of the bar has been refreshed, and there are new designs for some of the widgets that can be hosted in the Game Bar. That includes the Capture widget, Performance widget, Resource widget, and also the Widget Store itself.

Furthermore, when you’re in the Widget Store, Microsoft says it has improved the way you navigate around with the controller, so this will provide a better experience in Compact Mode.

You might recall that the Game Bar’s Compact Mode was an innovation brought in last year, designed to display the contents of the overlay more optimally in a smaller space as the name suggests – making life easier for those running Windows 11 on a gaming handheld.

(Image credit: Microsoft) Analysis: Handheld hopes

In terms of its appearance, the Game Bar has been refined considerably over the past year or so, and this is yet another step towards making this overlay look more modern. These latest touches make the bar look neater and cleaner, at least in my opinion, so I’m pleased with the general design philosophy Microsoft has gone with here.

It’s also good to get that improvement to make it easier to explore the Widget Store with a controller, which is another step forward for those using the Game Bar on a Windows 11 handheld like the Asus ROG Ally X.

The more Microsoft introduces tinkering aimed at such gaming handhelds – and there have been quite a few small steps taken in that direction now – the more hope I have for an eventual ‘handheld mode’ for Windows 11 (which has been rumored to be something the company has been considering for some time now).

You may also like...

• Shock, horror – I’m not going to argue with Microsoft’s latest bit of nagging in Windows 11, as this pop-up is justified
• Microsoft is supercharging Windows 11’s voice commands on Copilot+ PCs with Snapdragon CPUs, and fine-tuning a few Recall features
• Windows 11 fully streamlined in just two clicks? Talon utility promises to rip all the bloatware out of Microsoft’s OS in a hassle-free way

• Upcoming life sim inZOI will no longer feature Denuvo Anti-Tamper DRM
• The news follows growing concern from fans about its implementation
• Critics argue that it can negatively impact performance and harm modding

Developer Inzoi Studio has confirmed that upcoming life simulation game inZOI will not feature the Denuvo Anti-Tamper digital rights management (DRM) system despite initial plans to include it.

The news comes after growing concern from fans that the software would negatively impact performance and hamper modding possibilities.

If you're out of the loop, Denuvo Anti-Tamper is a popular DRM system used by developers to help prevent game piracy and other forms of code manipulation. How it works is kept mostly under wraps, but some players argue that it can negatively impact game performance.

The company behind the software, Irdeto, argues that "there is no in-game performance impact caused by the addition of anti-tamper protection" and describes the concerns as an example of the "large amount of misinformation out there about anti-tamper technology".

Justified or not, the use of Denuvo remains a contentious issue in gaming, particularly in the case of inZOI. Lots of potential players are already worried about the game's performance given its relatively high system requirements.

Many of the most dedicated life sim fans also make extensive use of community made mods or add-ons, something that may have been prevented by the implementation of the DRM.

To DRM or not to DRM?

In a statement posted to Steam, inZOI producer and director Hyungjun 'Kjun' Kim noted the "growing concern around the implementation of the Denuvo Anti-Tamper solution" and stated that they "felt it was important to approach the issue with care."

They go on to say that, as a result of the community backlash, the company has "decided to remove Denuvo from the Early Access build of inZOI."

They also outline some of the reasons behind its planned inclusion: "we initially chose to implement Denuvo as a way to protect the game from illegal distribution. At the time, we believed this would help ensure fairness for players who had properly purchased the game."

"We understand that removing Denuvo increases the risk of the game being cracked and illegally distributed after release," Kjun continued. "At the same time, we believe it opens up a valuable opportunity: it allows inZOI to become more freely configurable—unlocking new ways for players to shape new experiences for other players."

The studio is fully "committed to making inZOI a highly moddable game" with the "first stage" of initial mod support launching in May. This, however, "is only the beginning" and will be expanded over time.

In removing Denuvo, the company hopes to, "foster an even more open environment for modders to create and share unique experiences for other players."

Kjun concludes the post by apologizing to the community and reaffirming a commitment to "putting players first" and "prioritize your feedback."

No matter which side of the Denuvo debate you fall on, it's easy to appreciate this level of transparency and goes to show just how closely the team is listening to players.

inZOI is launching for PC on March 28. A PlayStation 5, Xbox Series X, and Xbox Series S release is set to follow at a later date.

You might also like...

• The best Sims 4 Expansion Pack in 2024
• Forget the Nintendo Switch 2, the original Switch is getting one last hurrah in a surprise Nintendo Direct tomorrow
• Yes, Cristiano Ronaldo is a playable character in Fatal Fury: City of the Wolves, and it makes more sense than you think

• What appear to be leaked images show the three colors you might be able to get a Galaxy S25 Edge in
• The images look like official marketing materials
• Accompanying details also reveal the possible screen and camera specs

Just yesterday we saw wallpapers showing the three colors we’re expecting the Samsung Galaxy S25 Edge to launch in, and now we can do one better, as some seemingly leaked images show these three shades on the phone itself.

WinFuture has shared what it claims are official images of the Samsung Galaxy S25 Edge, and while we’d take them with a pinch of salt, they certainly look convincing.

You can see the Samsung Galaxy S25 Edge in Titanium Black, Titanium Silver, and Titanium Icy Blue shades, though colors aside there’s not much to see here, as Samsung has already shown off the phone from both the front and back.

Image 1 of 3

(Image credit: WinFuture / Roland Quandt)Image 2 of 3

(Image credit: WinFuture / Roland Quandt)Image 3 of 3

(Image credit: WinFuture / Roland Quandt) Screen and camera details

Still, these images are also accompanied by some specs, with the source claiming the Samsung Galaxy S25 Edge will have the same 6.7-inch AMOLED display as the Samsung Galaxy S25 Plus.

Confusingly they go on to say that it has a 1080 x 2400 resolution, but that actually wouldn’t be the same as the S25 Plus, as this phone has a 1440 x 3120 resolution. Given that we recently heard the Samsung Galaxy S25 Edge might have a 2K resolution though, we’d guess that it will be 1440 x 3120, and that the mention of 1080 x 2400 was a mistake.

In any case, this latest leak also points to a 200MP main camera and a 12MP ultra-wide one, and suggests that unsurprisingly the Galaxy S25 Edge will have a Snapdragon 8 Elite for Galaxy chipset, just like the rest of the Samsung Galaxy S25 series.

We should find out how accurate this all is soon, as the Samsung Galaxy S25 Edge is tipped to launch before long, with the latest S25 Edge release date leak pointing to April 16.

You might also like

• Best Samsung phones: top Galaxy handsets ranked
• Samsung Galaxy S25 Ultra review: the ultimate Android
• Samsung Galaxy Z Flip 7: latest news, rumors, and everything we’ve heard so far

• Marvel has indicated it hasn't announced the full cast for Avengers: Doomsday
• 27 heroes and villains are already confirmed for the film
• The comic giant and Robert Downey Jr suggest more reveals could be on the way

Hold onto your hats, Marvel fans, because more – yes, even more! – Avengers: Doomsday cast reveals could be inbound.

Yesterday (March 26), Marvel revealed the 27-strong cast for Avengers: Doomsday by way of an extremely drawn-out livestream. That event, which has been humorously dubbed 'Aven-Chairs Assemble' by some sections of the Marvel fanbase, appeared to confirm the movie's full roster.

There are, though, many fan-favorite heroes who weren't announced as part of Avengers 5's cast. Where's Spider-Man? Why are other OG Avengers like Hulk and Hawkeye not in the mix? What's with the lack of mystic art wielders, such as Doctor Strange and Wong? And how come there are only five (!) female characters in Doomsday's currently 27-strong line-up?

Well. pic.twitter.com/4vBlaFPikZMarch 26, 2025

It seems like some or all of those characters, plus many others I haven't mentioned, could still appear in the fifth Avengers film.

In the replies of an Instagram post (see ComicBook.com's screengrab in the above X/Twitter post), which confirmed Doomsday was officially in production alongside its confirmed cast – so far, anyway – Marvel and Robert Downey Jr playfully suggested that there'll be further cast additions at some point.

There's still hope for many, then, that their favorite superhuman will show up in this Marvel Phase 6 project. None of us know when Marvel might reveal more, but let's just hope they don't make us sit through another five and a half hour livestream to find out.

Everything we know about Avengers: Doomsday so far

A post shared by Marvel Studios (@marvelstudios)

A photo posted by on

Doomsday and its sequel flick Avengers: Secret Wars are still shrouded in mystery. Rightfully so, too, because none of us want anything significant spoiled ahead of their eventual releases.

There are some details that we've been aware of for some time, though – starting with the pair's launch dates. Currently, Doomsday is set to land in theaters on May 1, 2026, while Secret Wars is expected to arrive in cinemas on May 7, 2027.

Until yesterday, the Multiverse Saga's double-bill capper's only confirmed cast member was Downey Jr. Instead of playing Tony Stark/Iron Man, however, he'll portray Doctor Victor von Doom, aka one of Marvel's most iconic villains and adversary-in-chief of The Fantastic Four. Doom will be the Multiverse Saga's new Big Bad after Marvel pivoted away from using Jonathan Majors' Kang the Conqueror in late 2023.

Marvel Unlimited monthly subscription: was $9.99 per month now $4.99 at Marvel
The ultimate digital comics subscription for Marvel fans is offering new and returning customers 50% off their first month, which is much cheaper than a streaming subscription to watch all the best superhero movies. To gain access to a library of more than 30,000 comics, use the code 'SPIDEY50' at checkout. You're able to use the Marvel Unlimited app on all iOS and Android devices, including the web, too. But, be quick – the deal expires on May 5!View Deal

Elsewhere, Joe and Anthony Russo, who've helmed four other Marvel Cinematic Universe (MCU) films, return to direct Avengers 5 and 6. They took command of the previous two Avengers movies, too, which are the second and third-highest-grossing films of all time. Clearly, they're considered a safe pair of hands (or should that be two safe pairs of hands?) for Doomsday and Secret Wars.

As for what the siblings have said about the two films, the Russos exclusively told me that they'll draw inspiration from both 'Secret Wars' comic book series for this cinematic pairing. They aren't averse to including heroes from Marvel TV shows on Disney+ in the two Avengers flicks, either, even though the vast majority of Doomsday's roster comprises heroes and villains we've previously seen in big-screen projects.

Lastly, the Russo brothers say Doomsday and Secret Wars will mark a new beginning for the MCU, and after apparent concept art for Avengers 5 and 6 leaked online in early March, the pair denied that this artwork spoiled anything about either film's plot.

I'll be covering Doomsday and Secret Wars in-depth in the long lead-up to their releases, so stick with TechRadar for more when I have it. In the meantime, read on for more Marvel coverage or take to the comments to tell me which MCU character you want to see in either or both films.

You might also like

• 'It sets you up for what comes next': Captain America: Brave New World director offers cryptic reply to Marvel fan theories that it paves the way for Avengers: Doomsday
• Here's how to watch the Marvel movies in order
• Daredevil: Born Again episode 5 reveals what Kamala Khan has been up to since The Marvels, and now I'm more excited for the next superhero team to appear in the MCU

• Legendary footballer Cristiano Ronaldo will be a playable character in Fatal Fury: City of the Wolves
• A second open beta test is live now, running until the end of March
• The game will release in full on April 24, 2025

In what is quite possibly the biggest bit of fighting game news this year, Portuguese footballer Cristiano Ronaldo has been confirmed as a playable character in Fatal Fury: City of the Wolves.

No, don't click away. I promise I'm not just reporting on a particularly convincing fever dream. Ronaldo was initially teased to make an appearance in the upcoming SNK fighting game last year, but in what capacity we didn't know at that time.

Now, the sporting icon has been outright confirmed as a playable guest character for Fatal Fury: City of the Wolves. Developer SNK has also released a couple of trailers giving us a sneak peek at Ronaldo's appearance and moveset.

As you might expect, the former Real Madrid superstar primarily incorporates a football into his playstyle, along with a good number of powerful kicks. At first glance, it looks like players will be able to keep opponents guessing with the placement of the ball, potentially making him something of a rushdown / zoner hybrid character.

I'll admit it; it seems like an utterly bonkers idea for a crossover. But if you look at the history of fighting game guest characters as well as SNK itself, it starts to make a ton of sense.

For one, guest character inclusions have been an incredibly effective marketing tool for fighting games for decades now. Whether it's Clive Rosfield (Final Fantasy 16) in Tekken 8 or Snake (Metal Gear Solid) in Super Smash Bros. Brawl, guest characters get people talking and have the power to expand a game's audience.

Heck, the Soul Calibur series made this a core part of its identity, featuring characters like Link, Spawn, Darth Vader, Ezio Auditore, Geralt of Rivia, and 2B in various games.

(Image credit: SNK)

'But Ronaldo isn't a fictional character,' you might say. And that's fair. On that front, it's worth noting that both football and SNK-developed fighting games are especially popular in Spanish and Portuguese-speaking countries including Brazil, Argentina, and Chile.

To players in those countries, Ronaldo's inclusion is likely a very exciting prospect. And, y'know, he might also just be a globally celebrated sports icon who has played for clubs all over the world including Real Madrid, Manchester United, and Juventus.

In any case, you can get a taste of Fatal Fury: City of the Wolves right now ahead of its April 24 release. A second open beta for the game has just gone live across all platforms. It runs from today, March 27, all the way until March 31.

Sadly, Ronaldo isn't playable here, but it does look to address issues from the first open beta by adding Tizoc as a playable character as well as a training mode.

You might also like...

• F1 25 has been officially announced, with this year's entry marking a return for Braking Point and a 'significant overhaul' for My Team mode
• Nintendo Music expands its library with songs from Kirby and the Forgotten Land and Tetris
• Forget the Nintendo Switch 2, the original Switch is getting one last hurrah in a surprise Nintendo Direct tomorrow

• Gallagher survey finds high adoption of AI in workplaces
• However many firms still have major concerns about the technology
• Hallucinations and legal liability top the list of worries

Businesses are adopting AI tools at a faster rate than ever before, but many still have some significant concerns about its effects, new research has claimed.

The 2025 Attitudes to AI Adoption & Risk Survey from Gallagher found almost half (45%) of businesses were using AI in day-to-day operations by the end of 2024, an increase of a third (32%) over the previous 12 months.

It added 85% of businesses have introduced strategies related to job protection as part of their AI adoption framework, as seven of the top 10 challenges associated with AI adoption relate to how to change business strategy to effective embrace AI.

AI concerns

Gallagher's research found larger firms were particularly keen at getting AI up to speed, with 82% reporting success in adopting AI, with improved efficiency and productivity named as particular benefits.

The top use-cases for AI named by survey respondents included writing emails/agendas(32%), handling customer queries (31%), and understanding market dynamics (28%).

However the survey also highlighted some widespread concerns about the use of AI, particularly as Gallagher predicts a possible increase in legal liabilities for firms where the use of AI is not properly governed over the next few years.

AI errors or hallucinations, where a model generates inaccurate results, was the most common threat, reported by more than a third (34%) of business owners, with data protection and privacy violations (33%) and legal liabilities (31%) related to AI misuse also mentioned.

Gallagher has warned companies utilizing AI to be aware of the possible risks using AI systems could expose them to, and take the necessary precautions where needed

“AI systems excel at processing vast amounts of data and identifying patterns that may not be readily apparent to humans," noted Ben Waterton, Executive Director of Professional Indemnity at Gallagher.

"However, they cannot replace human expertise and judgment that qualified individuals bring to their work. Relying solely on AI without critical examination and human oversight can lead to serious consequences and compromising advice. The quality assurance procedures and oversight of employees must evolve to ensure that this emerging risk is recognised and addressed to prevent professional indemnity losses.”

You might also like

• Even entrepreneurs want to get using AI - here's what they need to know
• We’ve listed the best AI writers around today
• Businesses are facing an "AI Divide" - which could be the difference between success and failure

Following another year of widespread attacks across every industry, organizations cannot afford to ignore the threat posed by ransomware gangs. Ransomware gangs are constantly innovating, and traditional defense strategies are being outpaced by new threats such as fileless malware and AI-driven attacks.

If we want to protect our businesses, safeguard the economy and keep the lights on in our hospitals and critical national infrastructure, the cybersecurity industry needs to radically rethink its approach.

What can we expect from ransomware gangs in 2025?

Ransomware gangs have a way of coming back in one form or another. Given their track record as the world’s most prolific ransomware gangs, it would be wise to assume that LockBit, REvil, and Conti will all make an unwelcome comeback before long. Despite being taken down by the National Crime Agency (NCA) in February last year, unknown individuals claiming to represent the LockBit gang recently hinted at an impending release of a new locker malware, LockBit 4.0. It’s only a matter of time.

Elsewhere, RansomHub, Play and DragonForce are among several new ransomware groups quickly gaining notoriety within the cybersecurity industry. These new gangs share a common characteristic of attacking critical infrastructure. In the US, last year’s American Water shutdown was a catastrophic example of the growing threat ransomware gangs pose to critical infrastructure. In the UK, the impact has become so severe that the government has been pushed to ban local councils, schools and the NHS from making ransomware payments.

Ransomware gangs – old and new – chiefly rely on double extortion tactics, exploiting supply chain weaknesses and DDoS attacks. Organizations that continue to rely on reactive defenses or behavior-based detection are vulnerable to these tactics. Software defenses by themselves are too easily evaded. To truly combat the multi-faceted approach of ransomware gangs, organizations must integrate multi-layered approaches, combining advanced software solutions with proactive hardware defenses, robust backup strategies and rigorous employee training.

The limitations of software

The tools and tactics used by cybercriminals are advancing at such a pace that even today’s most advanced software-based cybersecurity will eventually become obsolete. Reliance on security software by itself depends on continual updates and vigilance. It also places the burden of cybersecurity on users, who must always be on alert to detect and respond to threats such as phishing attacks. This is worrying given that human error persists as the leading cause of security lapses.

What’s more, AI has greatly improved the social engineering capabilities of ransomware gangs. Previously, phishing emails could be detected by tells such as poor spelling or unnatural phrasing. Now, advanced AI chatbots can write more fluently than most humans and deepfake technology can produce convincing audio and visual communications. We need to remove humans from the equation which just isn’t possible when relying on software alone.

A further issue for businesses relying on software security is that it is interconnected with their wider digital ecosystem, which makes it inherently vulnerable to attackers. The trouble with software security is not that it doesn’t work, but that it only works up to a point. Since many businesses assume that software is the only game in town for cybersecurity, ransomware gangs will continue to thrive by exploiting its limitations. It’s time for businesses to change this narrative and embrace multi-layer security solutions.

Rethinking ‘zero trust’ from hardware up

Hardware-based solutions should be a non-negotiable for modern cybersecurity. By integrating a hardware layer alongside software, businesses ensure that their security remains intact, even if their software layer fails. Hardware security can also incorporate proactive security driven by AI. This means that businesses have an additional round-the-clock security team that can pre-empt attacks before they have a chance to cause harm. Moving from reactive to proactive defenses will be a critical step towards stopping ransomware gangs in their tracks.

When it comes to zero trust security – the cybersecurity approach that assumes no one inside or outside a network should be trusted by default – the concept is extremely valuable, but it often falls short in practice. Humans must put together the underlying IT infrastructure and make judgements where an exception may be needed.

This brings us back to the innate risk of relying on human beings. The way to build true zero trust is to incorporate new tools that are embedded within endpoint hardware. Features like hardware-verified boot, firmware integrity checks and automatic recovery ensure that security is built directly into the hardware itself.

To further mitigate human error, AI-driven policy engines can be used to enhance hardware-based security. AI analyses data from trusted hardware components to enforce zero trust. By combining AI with hardware security, businesses can automate policies, detect threats in real time and minimize software vulnerabilities.

There’s no time to wait

Ransomware gangs show no signs of slowing down. The unfortunate corollary of AI development is that bad actors are exploiting this advancing technology to increase the scope and power of their attacks. Traditional cybersecurity methods are not equipped to combat the rising tide of AI-powered attacks, and security teams must adopt a multi-layer approach to break the grip of ransomware gangs.

We feature the best endpoint protection software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Shield your money from economic turmoil with these top accounts.

Nearly every team offers an in-market streaming service this season, making it easier for fans to watch their favorite team. Here's what you need to know.

At under $700, this phone has a premium feel, but you're occasionally reminded of its-less-than-premium price.

The news of the leak of life-and-death operational details to a reporter lands differently with veterans and active-duty troops, who can be prosecuted for much less significant "spillage" incidents.

(Image credit: Kayla Bartkowski)

Major League Baseball's 2025 season gets fully underway Thursday. The scary news for the league: the defending champion Los Angeles Dodgers, favorites to repeat, may be even better this season.

(Image credit: John McCoy)

What's the right age to take kids to a loud sporting event? A Johns Hopkins noise expert on protecting babies' ears and when game day noise might be too much for them.

(Image credit: Jaap Arriens)

• Proton and Vivaldi have announced a new partnership, integrating Proton VPN directly into Vivaldi's desktop browser
• The integration is available for use from March 27, 2025
• This partnership hopes to strengthen European tech independency from US Big Tech giants and provide users with a better online experience

Europe-based firms Proton and Vivaldi have announced they're joining forces. The partnership means Proton VPN will be integrated into Vivaldi's desktop browser starting today, March 27, 2025.

The integration allows users to enjoy the perks of one of the best VPN services when surfing the web and promises advanced customization and control over your data.

The partnership aims to strengthen European tech independency from US Big Tech giants while helping you break free from surveillance capitalism models, all with a better online experience.

A better alternative

"Consumers around the world are fed up with Big Tech’s data collection. The problem is they haven’t until recently had an alternative," said David Peterson, General Manager of Proton VPN.

"Together, Proton VPN and Vivaldi are setting a new standard that challenges the dominance of Tech giants, providing a viable European alternative that helps people retake control of their digital lives."

Web browsers are the primary source for online data collection on today's internet. While you can take some steps to minimize your data footprint by spoofing your IP address with a virtual private network (VPN), this generally involves the need to download an app or browser extension.

You can find Proton VPN directly on the sidebar of Vivaldi's desktop browser app for a seamless and secure browsing experience (Image credit: Proton)

Now, you can utilize Proton's tried and tested privacy, security, and anti-censorship features directly from the Vivaldi browser. All you need to do is create a Proton account and enjoy the protections of this no-log VPN.

On its side, Vivaldi is a secure and encrypted web browser known for its great customization features.

For example, unlike Google Chrome, it promises never to track your browsing history or collect your data in any other form. Everything is stored locally on your device in an encrypted folder, so not even the provider itself can access it.

Vivaldi also offers a built-in tracker and ad blocker, alongside the ability to disable all cookies from third-party sites.

"While innovation drives technology forward, we believe ethics must guide its path," said COO and Co-founder at Vivaldi, Tatsuki Tomita. "Our partnership represents a principled alternative to big tech, one where your data remains yours, not a commodity to be sold."

You might also like

• Profit over privacy? Google gives advertisers more personal info in major ‘fingerprinting’ U-turn
• We just reviewed Proton VPN – here are 5 ways it impressed us
• I spent 7 days on a data detox – here's what I learned

Utah's new law is part of a larger effort by Republicans to limit the window in which mail ballots can be counted during an election.

(Image credit: George Frey)

Cyber attackers like to target SAP systems because of their wide use—SAP platforms are used by 99 of the Fortune 100 companies and have over 280 million cloud subscribers worldwide. Attackers know this and take advantage of SAP’s vulnerabilities.

These vulnerabilities include configuration errors, access control problems, and software bugs. There are many types of weaknesses in SAP systems and different ways to deal with them. This article will look at some common vulnerabilities you must know and, importantly, how to mitigate these SAP risks.

Mitigating Risks

The risks of not dealing with potential SAP vulnerabilities are financial loss, data loss, reputational damage, and even legal liability. Reducing these risks requires minimizing the attack surface. SAP users must continuously assess and inventory the exposed services (SOAP, WebService, APIs). Any service that is not used or does not serve a current business function should be deactivated to reduce the attack surface and, thus, minimize the risk of exploitation.

In addition, SAP administrators should identify services that do not require authentication. These services are favored touch points for bad actors to gather information. To further tighten the defense, keep up with the latest security advisories, SAP Security Notes, and vulnerabilities. It’s a good policy to limit the number of users with access to sensitive data by creating strong access controls. Regularly updating your systems and keeping up with the latest security patches are also required. Since native SAP security is limited, using third-party tools to boost vulnerability insights and gain insights into platform attack vectors is also helpful.

Common Vulnerabilities

SAP vulnerabilities come in many forms and can be daunting to identify and manage. However, constant attention to these common types of SAP vulnerabilities will strengthen the platform’s posture:

• Code Injection vulnerabilities allow attackers to inject malicious code into SAP Systems. This code can help steal data or mount an attack on business operations. Examples are SQL injection and Remote Function Call (RFC) injection.
• Denial-of-service vulnerabilities allow attackers to send multiple requests or data to SAP systems, which can overwhelm them and cause them to crash.
• Authentication vulnerabilities allow cyber attackers to access authentication protocols. Some examples are misconfigured authentication settings, shared credentials, or weak passwords. Organizations should implement multi-factor authentication (MFA) and routinely review and update authentication policies. Enforcing single sign-on dramatically reduces the attack surface and the team's effort to reset the password.
• Authorization vulnerabilities allow attackers access to critical information and system protocols. Some examples are misconfigured authorization protocols and poor role designs. Organizations must implement robust role-based access controls (RBAC) to ensure users have only the permissions necessary for their roles.

Unsecured Interfaces

Attention must be paid to all interfaces. SAP systems often have multiple communication interfaces, including RFC (Remote Function Call) and HTTP. Unsecured interfaces allow hackers to manipulate data or move between SAP systems, compromising the entire platform’s landscape. To make it more secure, avoid using passwords by configuring trust between systems or using SAP's UCON functionality to lower the attack surface. Another step is enabling data encryption for information at rest and in transit.

Security Logs

Be sure to activate the SAP Security Audit Log; this becomes essential for incident investigation. Proper logging and monitoring are crucial for detecting and responding to security incidents. Inadequate or misconfigured logging can make identifying suspicious activities or breaches difficult. Organizations must establish robust monitoring and alerting systems to stay vigilant against potential threats.

Outdated Systems

Running outdated or unsupported SAP systems, operating systems, and databases is a significant security risk. These systems are more likely to have known vulnerabilities that attackers exploit. If an SAP system is decommissioned, ensure all users are locked out, and the data is deleted to prevent unwanted access.

Conclusion

Due to the sensitive nature of the data managed within SAP systems and their business-critical nature, organizations must establish a comprehensive security strategy that includes regular patch management, robust access controls, secure custom code development, and ongoing user training.

Education and heightened security awareness can help prevent social engineering traps like phishing. And it can’t be stressed enough: not patching SAP regularly is one of the most significant security tasks. Patches, or SAP Security Notes, contain critical security fixes that address vulnerabilities. Failing to apply these patches will render the platform vulnerable.

In addition to all the mitigating actions mentioned, one of the best ways to protect the SAP system is to automate much of the hardening activities through third-party tools designed to complement native SAP security.

We feature the best Active directory documentation tool.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Keep a ready supply of purified water and ditch the large jugs and single-use plastic. Here's how portable water dispensers work and why I switched.

Last year, Gen-Z uprising in Bangladesh helped bring down Prime Minister Sheikh Hasina. Student activists continue to be central figures in shaping the future of Bangladesh's political landscape.

(Image credit: Rajib Dhar)

Climate change and overfishing are making it harder to catch the anchovies essential to the condiment that underlies so much of Vietnam and southeast Asia's food.

(Image credit: Yannick Peterhans)

For the first time, a re-creation of the annex where Anne Frank and her family hid is available outside of Amsterdam. Visitors in New York said its themes reverberated in today's political climate.

(Image credit: John Halpern)