[sanesecurity] Re: Browser triggers Safebrowsing warning but clamav is not detecting the URL...
- From: Ricardo Stella <stella@xxxxxxxxx>
- To: sanesecurity@xxxxxxxxxxxxx
- Date: Wed, 28 Aug 2013 16:43:41 -0400
FYI - today it is detected by Sanesecurity.SpearL.2.UNOFFICIAL
I posted this on the clamav-users list but not sure how much traffic
that gets... Or do the browsers do it a different way?
--
°((( = (( ===°°° ((( ================================================
On 8/28/2013 3:56 PM, Ricardo Stella wrote:
> (apologies for sending this to Steve directly by accident).
>
> Recently we got a really bad phish attempt with a URL in plain text.
> The URL triggers Safebrowsing both in Firefox and Chrome, but for some
> reason clamav does not seem to trigger anything.
>
> I use a good set of rules and when running clamscan in debug mode,
> clearly see that they are all being loaded, including safebrowsing.
> All of course updated as well. But the copy of the email reports no
> infections at all.
>
> BTW, all three tests (subject, html and txt) work and are detected...
>
> Have not submitted the form to any one else, but can send it if anyone
> is interested.
>
> TIA.
>
>
> --
> °((( = (( ===°°° ((( ================================================
>
begin:vcard
fn:Ricardo Stella
n:Stella;Ricardo
org:Rider University;OIT - N.U.T.S.
adr:;;2083 Lawrenceville Rd;Lawrenceville;NJ;08648;USA
email;internet:stella@xxxxxxxxx
title:Assoc. Director
tel;work:609-896-5000 x7436
url:www.rider.edu
version:2.1
end:vcard
Other related posts:
