The recent evolution of cyber security has improved more defensive approaches and hardening security measures, intruders started discovering various ways to compromise or to get intruded into an organization they often target vulnerable employees as an intrusion point,
Many attacks take place by the lack of awareness of the employees of an organization, attacks such as Stuxnet, SolarWinds happen because of a flaw of internal employees who failed to be aware of these cyber threats, an intruder whose main focus is to target a vulnerable person and to trick them to execute their targeted actions.
Malicious websitesWeak passwordExcessive privilegesPhishing
In recent trends browser-based intrusion becomes more common, attackers publicly hosted many malicious websites and trick the victim to visit the infected sites and get intrude into the networks these types of attacks known as WATERING HOLE TECHNIQUE
WATERING HOLE TECHNIQUE
This attack has a specific path to be get executed
Read the article