Four new databases added:
badmacro.ndb (detect dangerous macros) (medium risk)
hackingteam.hsb (hacking team hashes) (low risk)
Sanesecurity_sigtest.yara (Yara format: Sanesecurity test signatures)
Sanesecurity_spam.yara (Yara format: detect spam)
Yara Note:
a)Yara signatures need ClamAV 0.99 to work
b)Yara signature name format example
YARA.Sansesecurity_Spam_Google_Redir_001.UNOFFICIAL FOUND
(YARA.) indicates it's a Yara ClamAV signature and not the traditional
ClamAV database:
Download scripts with the update database name should be available shortly:
http://sanesecurity.com/usage/linux-scripts/
Cheers,
Steve
Web : sanesecurity.com
Blog: sanesecurity.blogspot.com