CFR Watering Hole Attack

On December 27, we received reports that the Council on Foreign Relations (CFR) website was compromised and hosting malicious content.

Image source: Flickr/Chris Capehart
It was later confirmed that the CFR website was hosting the malicious content as early as Friday, December 21—right before a major U.S. holiday.

The malicious content hosted on the website does appear to use Adobe Flash to generate a heap spray attack against Internet Explorer version 8.0 (fully patched), which was the source of the zero-day vulnerability.

What can your CU do to avoid falling prey to this type of attack? Read the blog to find out.