[clamav-users] Malware/ransomware and Yara signatures with clamav
Alain Zidouemba
azidouemba at sourcefire.com
Sat May 13 17:24:54 UTC 2017
Yara rules have been supported by ClamAV since 2015:
http://blog.clamav.net/2015/06/clamav-099b-meets-yara.html
- Alain
On Sat, May 13, 2017 at 1:16 PM, Alex <mysqlstudent at gmail.com> wrote:
> Hi,
>
> So you've probably heard of the latest ransomware dubbed WannaCry. I'm
> wondering if anyone has figured out a way to integrate the yara
> signatures for these types of exploits with spamassassin?
>
> https://www.us-cert.gov/ncas/alerts/TA17-132A
>
> What is the status of development of integration of yara rules into clamav?
>
> I submitted two more password encrypted word macro viruses as
> false-positives to the clamav team several days ago, and they still
> aren't being marked properly. I need another way to more quickly
> identify vulnerabilities and exploits.
>
> Thanks,
> Alex
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
More information about the clamav-users
mailing list