Secondary threats
The publicity of supply code held in repositories like this might reveal vulnerabilities that attackers can exploit to launch additional assaults, safety specialists warned.
“In addition to the potential for danger to people via uncovered PII [personally identifiable information], the leak additionally will increase the chance to the NYT of additional focused intrusions via the publicity of vulnerabilities within the web site’s infrastructure,” Rik Ferguson, VP of safety intelligence at safety vendor Forescout, instructed CSOonline.com.
“These vulnerabilities may then be additional leveraged in varied methods, for instance to distribute malware, to impact additional intrusions into NYT company infrastructure, or for denial-of-service assaults.”
