We look at malware delivered by a campaign that has infected thousands of websites around the world - and the various control flow obfuscation techniques that make its analysis as interesting as it is challenging.

Orbit Downloader by Innoshock is a popular browser add-on often used to download embedded videos from sites such as YouTube. But the popular add-on has disturbing hidden functions.

In this blog post we confirm that the Avatar rootkit continues to thrive in the wild, and disclose some new information about its kernel-mode self-defense tricks. We continue our research into this malware family.

Java has been – and still is – one of the more problematic issues security-wise. A website showing song lyrics from Golden Earring's Radar Love shows off problems that can leave users at the mercy of Java attacks.

A new paper aims to profile the victims most likely to fall for a phishing attack. But what is less clear is how you develop a profile while avoiding the pitfalls of stereotyping.

The Home Campaign is a malware campaign that uses a modified variant of Darkleech to direct visitors to the Blackhole exploit kit. We want to give a better idea of the size and extent of this campaign.

Bitcoin is not the only crypto-currency targeted by malware now that a Trojan designed to steal Litecoins has been discovered. In this post we review recent discoveries in malware impacting digital money.

ESET researchers explain the difficulties in attribution of targeted attacks; evidence is often circumstantial and the source never positively identified.