Explore modern malvertising and web-based malware exploit campaigns in this 55-minute OWASP AppSec California 2015 conference talk. Gain insights into the current malware landscape, focusing on the top five types targeting web application users. Discover how attackers are shifting towards direct user monetization rather than traditional exploitative code. Follow a detailed technical walkthrough of a real-world malvertising and malware campaign, examining each step of the attack and its distribution and obfuscation layers. Learn about traffic distribution systems, video ad banners, cloud components, and real-time bidding in the context of these threats. Understand the impact on mobile devices, browsers, and various industries, and explore best practices for protecting against these evolving attack vectors.