Correct. Now that we are back to pushing updates every 4 hours, whereas most AV companies only push once or twice a day.
-- Joel Esler Manager, Talos Group On May 17, 2016, at 10:20 AM, C.D. Cochrane <[email protected]<mailto:[email protected]>> wrote: My 2 cents would be that rapid traditional signature updates are not a viable solution to this long term problem. I'm pretty sure the current generation of Locky, Dridex, Nemucod, etc. ransomware is generated using millions of tiny mutations so that almost every email attachment has a unique signature. There is no way to keep up with that. ClamAV got more than a million virus samples per day, last time I inquired. ...Chris Sent: Tuesday, May 17, 2016 at 8:02 AM From: "Michael D. L." <[email protected]<mailto:[email protected]>> To: [email protected]<mailto:[email protected]> Subject: [clamav-users] Signature update schedule, and requirements for adding Signatures Hi, Hope it's the right list I'm posting to :) Why is the Signature Database only updated every 4 hours? Every 15 minutes would make more sense, since Spammers move very fast pushing out new version of Trojans and alike. I've reported several Signatures/Files (via. the website), but they never make it to the database. When reporting, I also included the result from www.virustotal.com<http://www.virustotal.com>[http://www.virustotal.com] Best Regards Michael _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
