"Fata Morgana Watering Hole Attack Targets Shipping, Logistics Firms"

Security researchers at ClearSky have discovered a sophisticated watering hole attack targeting multiple Israeli websites.  The malicious attempt, believed to be conducted by a nation-state actor from Iran, has raised concerns about the security of shipping and logistics companies operating in the region.  The researchers stated that in watering hole attacks, the attacker compromises a website that is frequently visited by a specific group of people, such as government officials, journalists, or corporate executives.  Once compromised, the attacker can inject malicious code into the website, which will be executed when users visit it.  The researchers noted that currently, the campaign focuses on shipping and logistics companies, aligning with Iran’s focus on the sector for the past three years.  The researchers attributed the attack with low confidence to Tortoiseshell, also known as TA456 or Imperial Kitten, a hacking group traditionally linked to Iranian cyber operations.

Infosecurity reports: "Fata Morgana Watering Hole Attack Targets Shipping, Logistics Firms"