[sanesecurity] Re: False Positive with Spammer.ec-messenger.com

  • From: "James Brown" <dmarc-noreply@xxxxxxxxxxxxx> (Redacted sender "jlbrown@xxxxxxxxxxxx" for DMARC)
  • To: sanesecurity@xxxxxxxxxxxxx
  • Date: Mon, 30 Mar 2015 11:12:09 +1100

Getting heaps of false positives myself with these new SecuriteInfo.com 
<http://securiteinfo.com/> sigs as well.

James.

> On 28 Mar 2015, at 1:14 am, Steve Basford <steveb_clamav@xxxxxxxxxxxxxxxx> 
> wrote:
> 
> 
> On Fri, March 27, 2015 1:13 pm, Wolfgang Zeikat wrote:
>> Hi,
>> 
>> 
>> the signature hits subscribed newsletters from the Swiss newspaper Neue
>> Zürcher Zeitung
> 
> 
> Hi Wolfgang,
> 
> That signature is from SecuriteInfo.com databases and not under my
> control/or distributed by the Sanesecurity mirrors.
> 
> The full signature name to report is:
> 
> SecuriteInfo.com.Spammer.ec-messenger.com.
> 
> 
> Recently on the ClamAV-Users list they announced that they had more
> signatures than their other 3rd Party "competitors"
> .... and had zero false positives:
> 
> See their site:
> 
> https://www.securiteinfo.com/services/improve-detection-rate-of-zero-day-malwares-for-clamav.shtml
> 
> They also said....
> 
> --------------------------------------------------------------
> The (very very very) old clamav.securiteinfo.com/securiteinfo.hdb.gz has
> been removed. The old signatures (hosted by clamav.securiteinfo.com) will
> not be updated anymore, and will be removed in a few weeks.
> 
> Don't hesitate to send me your feedback off list at
> webmaster@xxxxxxxxxxxxxxxx
> ---------------------------------------------------------------
> 
> Sorry I can't help further :(
> 
> Cheers,
> 
> Steve
> Web : sanesecurity.com
> Blog: sanesecurity.blogspot.com
> 
> 
