Watering hole attacks have been in the news as of late. Symantec published a question and answer blog post to explain exactly what a watering hole attack is, its prevalence and how to prevent an attack .
"A watering hole attack is a method of targeting sites which are likely to be visited by targets of interest. The attacker will compromise the site and inject JavaScript or HTML to redirect victims to additional malicious code. The compromised site is then left “waiting” to exploit users who visit through drive-by downloads."
Internet Explorer Zero-Day Used in Watering Hole Attack: Q&A | Symantec
"A watering hole attack is a method of targeting sites which are likely to be visited by targets of interest. The attacker will compromise the site and inject JavaScript or HTML to redirect victims to additional malicious code. The compromised site is then left “waiting” to exploit users who visit through drive-by downloads."
Internet Explorer Zero-Day Used in Watering Hole Attack: Q&A | Symantec
