D2 · Threats

What is a watering hole attack?

A watering hole attack compromises websites that the targets frequently visit, then waits for victims to visit the legitimate-but-compromised site and delivers malware via drive-by download.
It is difficult to defend against because the site is legitimate (known, trusted). Detection: web proxy categorization changes, SSL certificate changes on trusted sites, and behavioral analysis that detects drive-by downloads. Patch browsers and plugins to defeat the exploit. Web isolation technology is the best defense.