I have checked VirusTotal and none of the 23 samples submitted yesterday were detected at the time of submission by ClamAV. I'd estimate that an average of 20 of 55 scanners did detect them as infected. On the basis of that I would have to guess that ClamAV signatures will not detect Grizzly Steppe at this time, but will probably be able to shortly.
-Al- On Wed, Jan 04, 2017 at 04:12 PM, TR Shaw wrote: > > I have offered sigs to ClamAV official but have heard nothing back yet. > >> On Jan 4, 2017, at 6:52 PM, Eric Tykwinski <[email protected]> wrote: >> >> This was my concern about Cisco’s AMP product on ASA’s and NGIPS’s. I’m >> going to be beta testing stuff out shortly, but don’t have high hopes >> besides the Snort rules. >> >> Sincerely, >> >> Eric Tykwinski
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
