Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. A China-based threat actor has ramped up ...

Between November 2023 and July 2024, the attackers compromised Mongolian government websites and used the access to conduct “watering hole” attacks, in which anyone with a vulnerable device ...

This tactic is known as a watering hole attack, in which a legit site that valuable netizens often visit is compromised so it can be used to in turn compromise those targets. You may remember ...

The threat actor combined a watering hole attack strategy with an exploit for a vulnerability in a file transfer client that is required in South Korea to complete certain financial and ...

Kroll researchers observed Termite use a watering hole attack method that relied on malicious ad software, according to Laurie Iacono, associate managing director, cyber risk at Kroll.

Google LLC’s Threat Analysis Group today shared details on multiple observed in-the-wild exploit campaigns that used watering-hole attacks on Mongolian government websites between November 2023 ...