During enumeration, a red team discovered that an external web server was frequented by employees. After compromising the server, which of the following attacks would BEST support compromising company systems?
During enumeration, a red team discovered that an external web server was frequented by employees. After compromising the server, which of the following attacks would BEST support compromising company systems?
A watering-hole attack involves compromising a trusted website frequently visited by the target group, in this case, the company’s employees. By compromising the external web server, the attackers can deliver malicious content or exploit client-side vulnerabilities when employees visit the site. This method capitalizes on the trust employees have in the website, making it an effective tactic for further compromising company systems.
C. A watering-hole attack A watering-hole attack involves compromising a website that is frequently visited by the target individuals. In this scenario, the red team has already discovered that an external web server is frequented by employees. By compromising this server and using it as a watering hole, attackers can exploit the trust employees have in the website to deliver malicious content or conduct further attacks. This type of attack is particularly effective when employees visit the compromised site, unaware that it has been tampered with, making it a suitable choice for compromising company systems in this context.
C. A watering-hole attack
C. A watering-hole attack: This attack involves compromising a website that is known to be visited by the target group (in this case, the company’s employees) and then using that website to deliver malware or exploit client-side vulnerabilities. By compromising the web server, the red team can inject malicious code A. This type of attack typically involves gaining information from the physical implementation of a computer system (e.g., electromagnetic leaks, timing information). It is not directly related to compromising systems via a compromised web server frequented by employees. B. While this could be used to exploit vulnerabilities on the server itself, it does not specifically leverage the fact that employees are frequenting the server. D. While XSS can be used to compromise user sessions or steal information, it is typically more limited in scope compared to a watering-hole attack. XSS could be a component of the watering-hole attack, but on its own, it is not as comprehensive.
Ccccc for sure