Sunday, May 16, 2021

Attackers Hit Human Rights, Foreign Policy Websites With Drive-By Exploits

eWeek: Attackers have frequently targeted human rights and foreign policy think tank websites with DDoS attacks, but now they’re taking a craftier approach. According to the Shadowserver Foundation, hackers have begun compromising these websites with exploit code that spreads malware and enables cyber-espionage against people who visit the sites. Affected sites include Amnesty International Hong Kong, Center for Defense Information and the International Institute for Counter-Terrorism.

“These types of attacks seem to be increasing as the attackers look for additional ways to target and compromise a particular demographic while still being somewhat indiscriminate,” said Shadowserver’s Steve Adair. “I think attackers are finding that instead of going to the targets, that they can let the targets come to them. Even a person that’s been trained on how to spot and notice suspicious emails will likely have their guard down when visiting a Website they go to every day or every week.”

“The cold reality is that, in addition to APTs [Advanced Persistent Threats], most organizations aren’t protected from even the most basic of scripted attacks or common attack tools,” said Dave Marcus of McAfee Labs. “Ensuring security policies, network security prevention and detection, as well as incident-response plans are all up to date, will help your organization prevent and mitigate APT attacks.”

Similar articles

Latest Articles

How IBM has Changed...

Think is IBM’s big annual conference, and again this year, it was digital. I’m noticing a sharp quality difference in shows like this where...

Database-Tuning Platform Launches and...

PITTSBURGH — A team out of Carnegie Mellon University is launching its automatic database-tuning product today with the help of $2.5 million in funding.   OtterTune,...

Top 10 Professional Services...

Professional services automation (PSA) software aims to offer service-based companies most of the software they will need to run their businesses in one package....

What is Data Aggregation?

Data aggregation is the process where raw data is gathered and presented in a summarized format for statistical analysis. The data may be gathered...