I find myself increasingly fascinated by the sophistication of the malware threat. From my perspective as a network systems administrator and a security consultant, malware was previously considered a nuisance merely impacting PC performance.
Zeus appears to be a sea change in the story of malware. No longer are the users only affecting themselves (their own PC's performance) when they surf irresponsibly and contract a malware infection. Authentication credentials and thus financial and corporate secrets are at risk from only one infection in an environment. And it is now clear that variants like Zeus are being used by organized criminals to compile complex profiles on their victims in preparation for the real attack.
What are you all doing on the network administration side to mitigate these threats? We employ firewalls, proxies, script blockers and machine scans, all at a very reasonable, low cost. Are these countermeasures enough to combat these sophisticated attacks?