Watering hole attacks were in the news earlier this year (2015) after a Chinese cyber espionage group successfully compromised several major US financial services and defense industry companies. The attack sprang from malicious code injected into www.forbes.com\u2019s \u2018Thought of the Day\u2019 widget, which is a flash pop-up users see upon visiting the Forbes.com home page. <\/p>\n
The group exploited two zero-day vulnerabilities, one in Microsoft’s Internet Explorer and the other in Adobe’s Flash Player \u2013 both have since been fixed by Microsoft and Adobe. <\/p>\n
The forbes.com example is a classic, \u2018watering hole\u2019 drive-by attack. The premise of the watering hole attack is simple: identify a place \u2013 online or in the real world \u2013 where members of a community gather and then poison that place. Once the place is \u2018poisoned\u2019 the hackers are then able to exploit vulnerabilities by injecting malware into those visiting that place. <\/p>\n
In the physical world, a watering hole attack might be something like setting up a fake, free wifi service at a coffee shop where employees of a target company often go. <\/p>\n
In the Forbes attack, the watering hole was their flash \u2018thought of the day\u2019 widget that many people in the financial services and defense industry see because they are so apt to visit www.forbes.com. <\/p>\n
Simple, classic and dangerous. <\/p>\n","protected":false},"excerpt":{"rendered":"
Watering hole attacks were in the news earlier this year (2015) after a Chinese cyber espionage group successfully compromised several major US financial services and defense industry companies. The attack sprang from malicious code injected into www.forbes.com\u2019s \u2018Thought of the Day\u2019 widget, which is a flash pop-up users see upon visiting the Forbes.com home page. […]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[346,349],"tags":[350,107,263,351,352,353,341],"class_list":["post-7287","post","type-post","status-publish","format-standard","hentry","category-definition-of-the-day","category-faqs","tag-chinese-cyber-espionage","tag-chinese-hackers","tag-definition-of-the-day","tag-forbes-com","tag-watering-hole","tag-watering-hole-attack","tag-zero-day-vulnerability"],"yoast_head":"\n