Total Tests:

Samsung development lab leaked highly sensitive source code

By Barnaby for Software Testing NEWS
Wednesday, May 8, 2019

A development lab used by Samsung engineers has been exposing source code, credentials and secret keys for several internal Samsung projects, a security researcher has found.

Ilia Kolochenko, founder and CEO of web security company ImmuniWeb, commented: “Unfortunately, today many other large companies unwittingly leak their source codes and other sensitive data via public code repositories, social networks, Pastebin and many other communities on the web. Often, the source code contains hardcoded credentials, API keys, detailed information about internal systems like CRM or ERP, let alone intellectual property owned by the organisations.

“Outsourcing of software development to third parties tremendously exacerbates the problem. Remote developers may recklessly share, send and store your source code without any protection or care. For a while already, cybercriminals glean leaked data from public websites, frequently securing a windfall. Ultimately, growing investments into cybersecurity are ruined by insecure software development processes.

“Organisations should conduct a holistic risk management assessment of their suppliers, foremost on software development companies. Comprehensive and measurable policies and procedures should be enacted and monitored on a continuous basis. Otherwise, you just leave the keys to your digital realm in the front door.” Read Full Article


Book a Call Ask a Question
Talk to ImmuniWeb Experts
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
Your data will stay private and confidential