June 23rd, 2009 Posted by - jesler
June 11th, 2009 Posted by - jesler
ClamAV’s own Tomasz Kojm will be giving two talks at the FISL 10 Conference, June 24th through 27th in Porto Alegre Brazil. Abstracts and times for Tomasz’ presentations are below. If you’re attending please stop by and say hi.
June 24 – 2:00pm
“ClamAV Basics, Common Usage, Tips & Tricks”
The presentation will provide a broad introduction to Clam AntiVirus, its main features and advantages. Tomasz will focus his remarks on the following aspects of ClamAV:
May 17th, 2009 Posted by - jesler
Alain Zidouemba will give a talk at DojoSec on the topic: What to do with the unknown.
Here are the meeting details:
Date: June 4, 2009 (Read more...)
January 29th, 2009 Posted by - jesler
Some of you may have heard of a current major outbreak of a virus known as Downadup that has been reported at http://news.bbc.co.uk/1/hi/technology/7842013.stm and http://news.bbc.co.uk/1/hi/technology/7832652.stm. It has been estimated that move than 9 million PCs are infected across the world.
ClamAV detects Downadup, also known as Conficker, as Worm.Downadup. Once on a system it downloads components that ClamAV detects as members of the Trojan.Downloader- family of signatures.
The virus primarily exploits MS08-067; it can also spread through USB sticks. Since the virus is not spread by email we don’t expect to see much activity in our core user-base, which tends to use ClamAV to scan emails. We are, nevertheless, keeping an eye out for it through freshclam’s statistics gathering system – we are yet to see any obvious spike of activity from it. If we hear anything we’ll let you know.
January 27th, 2009 Posted by - jesler
Today, 27th January 2009, ClamAV’s signature team investigated and identified Trojan.Agent-70954, the 500,000th entry in its database. Well done to all the team for working so hard to produce a quality database.
From time to time we are asked to keep the size of the database down by trimming old signatures; but, as the statistics-gathering program has shown, old viruses never die. SomeFool (a.k.a Netsky) is still alive and kicking 5 years after the ClamAV team spotted the first variants! Today two variants of that virus are in the top 10 most active malware amongst our users that send us statistics.