AppSecUSA 2015

The purpose of this presentation will be to introduce the audience to
new techniques attackers are using to target users of web applications
for exploitation.

The first part of this presentation will be an introduction to the
modern Malware landscape, with a breakdown of the top 5 types of
malware being actively used in campaigns to target end users of web
applications. Of interest, though perhaps unsurprising - the top three
are not what we traditionally think of as "malware" in the sense of
exploitative code or remote backdoors - but aimed at direct
monetization of the user.

The second part of this presentation will be a technical walkthrough a
real-world modern malvertising & malware campaign, and break down each
step of the attack, and each distribution & obfuscation layer. This
walkthrough will be the bulk of the presentation (30 minutes), leaving
time for Q & A at the end.

Time permitting, we may provide more examples of modern campaigns/malware.