The password-stealing ZeuS variant, Gameover, is now using encryption to get around perimeter security kit like firewalls and intrusion detection systems. Malcovery's Gary Warner outlines the new behaviour of the malware at his blog, here, on the basis that the threat needed to be known beyond the circle of the company's …
Just need to spot the UPATRE downloader then?
How's this helping them?
If you are silly enough to open a zip attachment from a random mail then you're doomed from the start.
With all these techniques becoming more common, a more strict default deny policy with approved apps only being allowed through next-gen firewalls like Palo Alto Networks may be the only way to cope with this, as users WILL open zip attachments.
with a flick of a switch...
The best workaround for all of these phishing/social engineering tricks:
.exe files can only be run from C:\Program Files... Group Policy
This has curbed my company's malware infection rates by 90% in the last 3 months, and makes us highly resistant to this attack also.
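The path rule described in the comment above, modelled as an added example (not part of the thread or any commenter's own configuration): it replays constructed process-launch paths against a Program Files allowlist, the kind of audit pass worth running before enforcing such a policy. The extra allowed roots, the function names and every sample path are assumptions made for illustration.

```python
import ntpath  # Windows path semantics, usable on any OS

# Assumption: the comment's rule (Program Files only), plus the x86 variant
# and the Windows directory so that the operating system itself keeps working.
ALLOWED_ROOTS = (
    r"C:\Program Files",
    r"C:\Program Files (x86)",
    r"C:\Windows",
)

def canonical(path):
    """Collapse '..' segments, unify slashes and fold case before comparing."""
    return ntpath.normcase(ntpath.normpath(path))

def is_allowed(exe_path, roots=ALLOWED_ROOTS):
    """True if the executable sits under one of the allowed directories."""
    p = canonical(exe_path)
    if not ntpath.isabs(p):
        return False  # relative paths cannot be tied to an allowed root
    for root in roots:
        # Require the separator after the root, so a sibling directory whose
        # name merely starts with "Program Files" does not match.
        if p.startswith(canonical(root) + "\\"):
            return True
    return False

def would_block(launches, roots=ALLOWED_ROOTS):
    """Return the launches a path-allowlist policy would have denied."""
    return [p for p in launches if not is_allowed(p, roots)]

# Constructed sample launches, standing in for process-creation log entries.
SAMPLE_LAUNCHES = [
    r"C:\Program Files\Mozilla Firefox\firefox.exe",
    r"C:\Users\alice\AppData\Local\Temp\Temp1_invoice.zip\invoice.exe",
    r"C:\Program Files\..\Users\alice\Downloads\report.exe",
    r"c:\PROGRAM FILES (X86)\Vendor\tool.exe",
    r"C:\Program Files Extra\setup.exe",
]

if __name__ == "__main__":
    for path in would_block(SAMPLE_LAUNCHES):
        print("would be blocked:", path)
```

A path rule like this only holds if standard users cannot write anywhere beneath the allowed roots, so the directory ACLs need checking alongside the policy.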