AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Hacking Humans
Encore: watering hole attack (noun) [Word Notes]
Jul 9, 2024
Exploration of watering hole attacks, including a real-life case on the International Civil Aviation Organization. Browser exploitation contest showcases evolving IT security landscape and need for robust protection in the digital age.
05:30
AI Summary
AI Chapters
Episode notes
Podcast summary created with Snipd AI
Quick takeaways
- Watering hole attacks involve compromising community sites to deliver malicious payloads.
- Pwn to Own contest exhibits hacking skills via browser vulnerabilities and code execution.
Deep dives
Watering Hole Attacks - A Brief Overview
Watering hole attacks, a concept derived from the intrusion kill chain model, involve compromising websites frequented by a targeted community to deliver malicious payloads. Coined by the RSA Advanced Threat Intelligence team in 2012, these attacks mimic predators waiting at watering holes for prey. Lucky Mouse's 2019 attack on the International Civil Aviation Organization exemplifies this method's efficacy, compromising servers and accounts through the website. These attacks have become prevalent in cybersecurity campaigns.
Get the Snipd
podcast app
Unlock the knowledge in podcasts with the podcast player of the future.
AI-powered
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
Save any
moment
Hear something you like? Tap your headphones to save it with AI-generated key takeaways
Share
& Export
Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more
AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode