[sanesecurity] Sanesecurity News
- From: "Steve Basford" <steveb_clamav@xxxxxxxxxxxxxxxx>
- To: sanesecurity_announce@xxxxxxxxxxxxx
- Date: Thu, 3 Dec 2015 16:17:08 -0000
Hi All,
A few important updates.
1. Current download Scripts
A. Latest Linux download script (eXtremeSHOK.com version recommended):
http://sanesecurity.com/usage/linux-scripts/
B. Latest Windows/ClamWin download script (to replace ClamSup)
http://sanesecurity.com/usage/windows-scripts/
2. Recommended databases to add to block malware.
In order to make sure you have protection for the latest malware,
it's worth making sure that you have the following three signature
databases in your download script config.
badmacro.ndb [block the current Dridex Macros]
foxhole_filename.cdb [block numerical Java/Exe/Scr malware etc.]
foxhole_generic.cdb [block double-extension Malware]
rogue.hdb, phish.ndb will also block malware.
Other signatures here: http://sanesecurity.com/usage/signatures
3. ClamAV v0.99 and Yara Support
ClamAV v0.99 supports Yara signatures, using the eXtremeSHOK.com
current download script, the following two Yara signatures are supported
and can be added to your config files.
Sanesecurity_sigtest.yara
Sanesecurity_spam.yara
4. To keep up to date with current threats and detection, Sanesecurity
blog is useful:
http://sanesecurity.blogspot.com
Cheers,
Steve
Web : sanesecurity.com
Blog: sanesecurity.blogspot.com
Other related posts:
- » [sanesecurity] Sanesecurity News - Steve Basford
- » [sanesecurity] Sanesecurity News- Steve Basford
