Deep dive into QUANTUM INSERT

Summary¬†and recommendations QUANTUMINSERT (QI) is actually a relatively old technique. In order to exploit it, you will need a monitoring capabilities to leak information of observed TCP sessions and a host that can send spoofed packets. Your spoofed packet also needs to arrive faster than the original packet to be able to be successful. Any … Continue reading Deep dive into QUANTUM INSERT

Liveblog: Malvertising from Google advertisements via possibly compromised reseller

We are currently observing a large scale malvertising campaign originating from all the Google advertisement services resold from¬†engagelab.com. It appears as if if all of engagelab.com its advertisement & zone ID's are currently redirecting to a domain, which in its turn is redirecting to the Nuclear Exploit Kit, indicating a possible compromise at this reseller … Continue reading Liveblog: Malvertising from Google advertisements via possibly compromised reseller