NukeBot

Websense has issued a report concerning a HTTP protocol based Botnet which is stealing login data for financial sites.

Click the link above for their full write up.

Nothing too exciting about mitigation:

Don't click unknown links - if you get an email from a company requesting additional information, manually type the link in your address bar.
Don't visit links with the IP address in the address field (example: http://127.1.23.11/bankofamerica.com)
Only give more information than the agency would actually need. (Do they really need your drivers license or social security number?)
Use different passwords for your email address, cpanel access, ebay, paypal, and any other accounts.
Use non-standard internet browsers - opera, firefox, seamonkey, w3m, etc.
Keep your private life private - intimate pictures and thoughts shouldn't be posted on MySpace!
Keep your antivirus and anti-spyware up to date.
Launch suspicious applications in a virtual machine like VMware (free!)
Do NOT use administrator rights, regardless of your operating system.
If you suspect you've been compromised, seek professional help!