Discover the definition of the term Watering Hole Attack presented by Les Assises de la Cybersécurité.

WATERING HOLE ATTACK

The so-called "watering hole" attack consists of the attacker trapping a public website that he knows is visited by the victim(s) he is targeting in particular. This prevents him from coming into direct contact with his victims (in particular by sending a phishing email, for example, which is easily spotted). It is therefore an indirect attack, which can cause many collateral victims (starting with the infected website for the occasion). In order to avoid being detected too quickly, some advanced attackers only infect visitors matching the profile of their victims (origin of the visit, IP address belonging to the targeted company, etc.).

And there you have it, we have just ruined the excuse of the CISOs who were considering doing OSINT at the "watering hole" (read: a break at the bistro across the street...).

Assises page pushes

About Les Assises

Les Assises de la cybersécurité are a unique opportunity to discuss current and future cyber issues.
Go to the Assises one-to-one concept page

Excellence & Networking by DG Consultants

One to One events by DG Consultants : essential meeting places that combine business meetings, operational & strategic excellence, and networking opportunities in exceptional venues
Access Les Assises of cybersecurity glossary

Cyber Glossary | Les Assises

Les Assises de la Cybersécurité, France's must-attend cybersecurity event, provides definitions of the technical terms you need to know.
Vulnerabilities (Management) | Cyber Glossary
Weaponized | Cyber Glossary