Friday, Jul 17, 2026
English News
  • Hyderabad
  • Telangana
  • AP News
  • India
  • World
  • Entertainment
  • Sport
  • Science and Tech
  • Business
  • Rewind
  • ...
    • NRI
    • View Point
    • cartoon
    • My Space
    • Education Today
    • Reviews
    • Property
    • Lifestyle
E-Paper
  • NRI
  • View Point
  • cartoon
  • My Space
  • Reviews
  • Education Today
  • Property
  • Lifestyle
Home | Science & Tech | Hackers Stole Source Code From Govt Agencies Private Firms Fbi

Hackers stole source code from govt agencies, private firms: FBI

The FBI alert warned the owners of SonarQube, a web-based application that companies integrate into their software build chains to test source code and discover security flaws before rolling out code and applications into production environments.

By IANS
Updated On - 8 November 2020, 05:16 PM
Hackers stole source code from govt agencies, private firms: FBI
whatsapp facebook twitter telegram

San Francisco, Nov 8 (IANS) The US Federal Bureau of Investigation (FBI) has issued a security alert saying threat actors have stolen source code from government agencies and private firms and are abusing it to gain access to critical information.

The FBI alert warned the owners of SonarQube, a web-based application that companies integrate into their software build chains to test source code and discover security flaws before rolling out code and applications into production environments.


The actors exploit known configuration vulnerabilities, allowing them to gain access to proprietary code, exfiltrate it and post the data publicly.

The FBI has identified multiple potential computer intrusions that correlate to leaks associated with SonarQube configuration vulnerabilities.

“SonarQube apps are installed on web servers and connected to source code hosting systems like BitBucket, GitHub, or GitLab accounts, or Azure DevOps systems,” reports ZDNet.

According to the FBI, some companies have left these systems unprotected, running on their default configuration with default admin credentials.

“In August 2020, unknown threat actors leaked internal data from two organizations through a public lifecycle repository tool. The stolen data was sourced from SonarQube instances that used default port settings and admin credentials running on the affected organizations’ networks,” the FBI said in the alert.

This activity is similar toa previous data leak in July 2020, in which an identified cyber actor exfiltrated proprietary source code from enterprises through poorly secured SonarQube instances and published the exfiltrated source code on a self-hosted public repository.

The FBI suggested the firms change the SonarQube default settings, including changing default administrator username, password and port (9000).

“Place SonarQube instances behind a login screen, and check if unauthorized users have accessed the instance and revoke access to any application programming interface keys or other credentials that were exposed in a SonarQube instance, if feasible,” the agency suggested.

  • Follow Us :
  • Tags
  • Corona Virus Deaths
  • Coronavirus
  • Coronavirus in India
  • Coronavirus Latest Updates

Related News

  • GHMC releases assembly constituency mapping to help voters fill SIR forms

    GHMC releases assembly constituency mapping to help voters fill SIR forms

  • GHMC identifies 11.52 lakh ASD electors in Hyderabad district

    GHMC identifies 11.52 lakh ASD electors in Hyderabad district

  • Hyderabad: Madhu Park Ridge residents plan NGT move over Musi Riverfront project

    Hyderabad: Madhu Park Ridge residents plan NGT move over Musi Riverfront project

  • Minor girl allegedly sexually assaulted in Hyderabad’s Sanathnagar; man taken into custody

    Minor girl allegedly sexually assaulted in Hyderabad’s Sanathnagar; man taken into custody

Latest News

  • YSRCP launches Jagan 2.0 Super App to connect cadre with party leadership

    2 hours ago
  • Argentina fan Sandilya presents jersey to Azharuddin, discusses Hyderabad sports infrastructure vision

    3 hours ago
  • NEET-UG 2026: Telangana shines with eight students in top 138, Sahyu secures AIR 13

    3 hours ago
  • Rohit Sharma unlikely to be picked for ODIs after England series as selectors back youth: Report

    3 hours ago
  • NEET-UG 2026 results declared: Punjab’s Aryan Gupta, Haryana’s Panshul Bansal top medical entrance exam

    4 hours ago
  • U Mumba TT beat PBG Pune Jaguars 9-6 to top Butterfly UTT Season 7 standings

    4 hours ago
  • NEET aspirant dies by suicide in Faridabad after distress over expected score, police say

    4 hours ago
  • Opinion: When childhood takes the wheel – the hidden risks of underage driving

    4 hours ago

company

  • Home
  • About Us
  • Contact Us
  • Privacy Policy

business

  • Subscribe

telangana today

  • Telangana
  • Hyderabad
  • Latest News
  • Entertainment
  • World
  • Andhra Pradesh
  • Science & Tech
  • Sport

follow us

  • Telangana Today Telangana Today
Telangana Today Telangana Today

© Copyrights 2024 TELANGANA PUBLICATIONS PVT. LTD. All rights reserved. Powered by Veegam