[sanesecurity_announce] Updates
- From: Steve Basford <steveb_clamav@xxxxxxxxxxxxxxxx>
- To: sanesecurity@xxxxxxxxxxxxx, sanesecurity_announce@xxxxxxxxxxxxx
- Date: Thu, 26 Feb 2009 19:34:24 +0000
Hi All,
Thought I'd sent out a quick note about what's been happening lately:
* SHA256 files:
As some of you noticed tonight, the rsync mirrors suddenly had extra
files *.sha256 there. Sorry for not announcing this earlier as I
didn't get time to send out an announce before I left for the day.
The *.sha256 files were added as a quick checksum to verify downloads
for windows users. Gpg, while easy to setup for linux, is slightly more
problematic for *some* windows users/scripts, so they were added.
Linux scripts that currently handle Gpg fine, don't need to be modified
in order to download these new files, just ignore them.
* Http ClamAV proxies
There are a few people who use ClamAV with Http Proxies (HAPV, Squid
etc.) and thought I'd let you know what I've added a few signatures to help
detect Rogue Anti-Virus sites and block them... hopefully before users
even download an exe....it's not comprehensive yet... but it's a start.
* Spear phishing
I've recently added a whole load of new signatures to help stop these
spear phishing emails, most people won't notice as they are usually
targeted at Universities,
but again, I've added them as the more the merrier.
Finally, thanks to all the script writers and mirrors, as without them,
all this wouldn't be possible.
Cheers,
Steve
Sanesecurity
Other related posts:
- » [sanesecurity_announce] Updates - Steve Basford
