Secondary threats
Disclosure of source code stored in repositories like this could reveal vulnerabilities that attackers could use to launch additional attacks, security experts warn.
“And the potential for human vulnerability with exposed PII [personally identifiable information]the leak also increases the NYT’s risk of further targeted intrusions by exposing vulnerabilities in its database infrastructure,” Rik Ferguson, VP of security intelligence at security vendor Foreskout, told CSOonline.com.
“This vulnerability could be developed in a variety of ways, for example the distribution of malware, to further interfere with the NYT corporate infrastructure, or denial of service attacks.”
Source link