“Last week Council on Foreign Relations website was compromised and recently hit by a drive-by attack using a zero day Internet Explorer 6 vulnerability for Cyber Espionage attack, suspected by Chinese Hackers. Later Microsoft confirmed that Internet Explorer 6, 7, and 8 are vulnerable to remote code execution hacks.
According to researcher Eric Romang, CFR watering hole attack (CVE-2012-4969 and CVE-2012-4792) has also target Capstone Turbine Corporation website since mid-September. He was able to find a cached version of the first JavaScript that starts the drive-by attack. Then on further search finds that by doing a Google dork search site:capstoneturbine.com ‘_include’ we can see something strangely like CFR.org ‘news_14242aa.html‘ file.”
Source:CFR watering hole attack also target Capstone Turbine Corporation – Hacking and Security News