Re: [clamav-users] How can we consume .ldb files in ClamAV Ubuntu?

Hello, are those signatures coming from FireEye github already included on the regular update ? regards Luca ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehens

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

Hiya Can you please submit to Sanesecurity too. https://sanesecurity.com/contact-us/ Regards Brent On 2020/12/21 18:44, eric-l...@truenet.com wrote: I’m going to start posting a few to https://www.clamav.net/reports/malware Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-8300 __

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

Hi there, On Mon, 21 Dec 2020, eric-l...@truenet.com wrote: I can however scrub the raws and send a few of those as well. If you could zip up a few complete emails for me to look at I'd be most grateful. If you need to sanitize content in the bodies that's fine but it would be best for me if

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

Joel, I would like to see more third party signature providers distribute through the signed packages so that every user is getting the signatures instead of a few. Last month I sent a generic sig using https://www.clamav.net/reports/signature and AFAIK it is still not published. If you d

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

On Dec 21, 2020, at 4:02 PM, eric-l...@truenet.com wrote: Joel, I pretty much disagree with this. 90% or greater of what is sent into http://clamav.net is covered in less than 24 hours, and to a much greater degree. We don’t aim to cover ju

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

Joel, > I pretty much disagree with this. 90% or greater of what is sent into > http://clamav.net is covered in less than 24 hours, and to a much greater > degree. We don’t aim to cover just the > sample you sent in, we cover all > the variants of that sample at the time, if possible. I pret

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

I pretty much disagree with this. 90% or greater of what is sent into clamav.net is covered in less than 24 hours, and to a much greater degree. We don’t aim to cover just the sample you sent in, we cover all the variants of that sample at the time, if possible. On Dec 21,

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

Hi, ... or you can use SecuriteInfo signatures. The lastest emotet malwares variant are already detected today. More information at http://ow.ly/LqfdL -- Cordialement / Best regards, Arnaud Jacques Gérant de SecuriteInfo.com Téléphone : +33-(0)3.60.47.09.81 E-mail : a...@securiteinfo.com Si

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

hi eric, Am 21.12.20 um 17:59 schrieb eric-l...@truenet.com: > Sorry to bother, but do you guys want raw emails or just the payload > Word Docs? > > I just sent payloads, since they are real emails with responses and a > virus attached. this is pretty useless as clamav's reporting process is far

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

Sorry to bother, but do you guys want raw emails or just the payload Word Docs? I just sent payloads, since they are real emails with responses and a virus attached. I can however scrub the raws and send a few of those as well. Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-8300

[clamav-users] Looks like we've gotten a new variant of Emotet getting through...

I'm going to start posting a few to https://www.clamav.net/reports/malware Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-8300 ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/cla