We are using up to date clamav sigs.  The problem is that these files are
encrypted so they're not being detected.

On Tue, Oct 18, 2016 at 11:19 AM, Grayhat <gray...@gmx.net> wrote:

> :: On Tue, 18 Oct 2016 10:27:10 -0400
> :: <calhpkamx-umhq93g4pshni-xjs4doujhvhty7r1cywfkwtj...@mail.gmail.com>
> :: K Post <nntp.p...@gmail.com> wrote:
>
> > VirusTotal has zero hits on the samples that I submitted, but if
> > they're encrypted, that explains why...
>
> I suppose that, since you're talking (ok, writing) about AFC, you're
> running ClamAV; now... are you using the extra signatures available
> from SaneSecurity ? I'm referring to
>
> http://sanesecurity.com/usage/signatures/
>
> to use them you'll need to schedule one of the update scripts available
> on Steve's (sanesecurity) site, depending from your OS to ensure your
> ClamAV will also use updated "extra" signatures; then, in case the AV
> doesn't catch the critters, you may submit samples to Steve and he'll
> add signatures on the fly so that you'll have them available in a
> really short time :)
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> _______________________________________________
> Assp-test mailing list
> Assp-test@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/assp-test
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test

Reply via email to