Samsung development lab leaked highly sensitive source code
Wednesday, May 8, 2019
A development lab used by Samsung engineers has been exposing source code, credentials and secret keys for several internal Samsung projects, a security researcher has found.
Ilia Kolochenko, founder and CEO of web security company ImmuniWeb, commented: “Unfortunately, today many other large companies unwittingly leak their source codes and other sensitive data via public code repositories, social networks, Pastebin and many other communities on the web. Often, the source code contains hardcoded credentials, API keys, detailed information about internal systems like CRM or ERP, let alone intellectual property owned by the organisations.
“Outsourcing of software development to third parties tremendously exacerbates the problem. Remote developers may recklessly share, send and store your source code without any protection or care. For a while already, cybercriminals glean leaked data from public websites, frequently securing a windfall. Ultimately, growing investments into cybersecurity are ruined by insecure software development processes.
“Organisations should conduct a holistic risk management assessment of their suppliers, foremost on software development companies. Comprehensive and measurable policies and procedures should be enacted and monitored on a continuous basis. Otherwise, you just leave the keys to your digital realm in the front door.”