We (ISC Sans) have gotten a number of submissions asking about "Flame", the malware that was spotted targeting systems in a number of arab countries. According to existing write-ups, the malware is about 20 MB in size, and consists of a number of binary modules that are held together by a duct tape script written in LUA. A good part of the size of the malware is associated with its LUA interpreter.
Variants of the SpyEye trojan target banks using a plugin called webinject.txt. We collected 1,318 samples in our back end that matched those from SpyEye Tracker's RSS Feed. Taking a look inside, we discovered that this collection of samples contains 632 different bank domains and that commerzbank.com was the most targeted bank domain.