[sanesecurity_announce] new databases

• From: "Steve Basford" <steveb_clamav@xxxxxxxxxxxxxxxx>
• To: sanesecurity_announce@xxxxxxxxxxxxx
• Date: Thu, 9 Mar 2017 12:49:03 -0000

Hi All,

New databases are now on the mirrors...

Database: foxhole_mail.cdb
Description: block any mail that contains a possible dangerous attachments
such as: js, jse, exe, bat, com, scr, uue, ace, pif, jar, gz, lnk, lzh.
FP Risk: High


The following databases are distributed by Sanesecurity, but produced by
malware.expert

General Description: Signatures Detect malware from PHP files. Signatures
are generated for real life PHP malware from live Web Hosting Servers

malware.expert.fp:
Description: found to be false positive malware
FP Risk: Med

Database: malware.expert.hdb
Description: statics MD5 pattern for files
FP Risk: Low

Database: malware.expert.ldb
Database: foxhole_mail.cdb
Description: which use multi-words search for malware in files.
FP Risk: Med

Database: malware.expert.ndb
Description: Generic Hex pattern PHP malware, which can cause false
positive alarms
FP Risk: Med


-- 
Cheers,

Steve
Twitter: @sanesecurity

Other related posts:

• » [sanesecurity_announce] new databases- Steve Basford
• » [sanesecurity_announce] new databases - Steve Basford

1. Home
2. sanesecurity_announce
3. Archive
4. 03-2017

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---