My 2 cents would be that rapid traditional signature updates are not a viable solution to this long term problem. I'm pretty sure the current generation of Locky, Dridex, Nemucod, etc. ransomware is generated using millions of tiny mutations so that almost every email attachment has a unique signature. There is no way to keep up with that. ClamAV got more than a million virus samples per day, last time I inquired. ...Chris > >Sent: Tuesday, May 17, 2016 at 8:02 AM >From: "Michael D. L." <[email protected]> >To: [email protected] >Subject: [clamav-users] Signature update schedule, and requirements for adding >Signatures >Hi, > >Hope it's the right list I'm posting to :) > >Why is the Signature Database only updated every 4 hours? Every 15 >minutes would make more sense, since Spammers move very fast pushing out >new version of Trojans and alike. > >I've reported several Signatures/Files (via. the website), but they >never make it to the database. When reporting, I also included the >result from www.virustotal.com[http://www.virustotal.com] > >Best Regards >Michael > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
