Friday, February 10, 2017

Yesterday, several articles came out through various publications regarding a piece of malware named "MacDownloader".  It appears to be specifically targeting the Defense Industry and several other research firms attribute the malware to Iranian attackers.

For more information we are publishing links to several blogs below:

https://blog.malwarebytes.com/threat-analysis/2017/02/macdownloader-malware-targeting-defense-industry/
http://www.csoonline.com/article/3167249/security/mac-malware-possibly-made-in-iran-targets-us-defense-industry.html

and finally the original blog:

https://iranthreats.github.io/resources/macdownloader-macos-malware/

Our ClamAV auto detection scripts have published detection for this already:

Osx.Downloader.MacDownloader-5781857-0

Please ensure you are scanning your machines regularly!

Thursday, December 15, 2016

Later today (December 15, 2016) we will be implementing a database change within the system that manages the naming of signatures.

I wanted to let you know as some of you may notice that the numbers at the end of the signature names may change slightly.  This won't have any affect on detection, and is an optimization on our backend for detection distribution.

If there are any questions regarding this, please feel free to reach out to us on the ClamAV-Users list.

Thanks!

Tuesday, November 22, 2016

ClamAV friend and community signature contributor Arnaud Jacques from SecuriteInfo.com wrote a quick article about how to whitelist a signature in ClamAV that may be giving you problems.

Please take a look at this article on his website, for some quick instruction on how to prevent a potential disaster in your environment.

Sunday, November 6, 2016

We'd like to congratulate our ClamAV Community Signature contest winner for October: Arnaud Jacques

Congratulations and thank you for your contributions!

For more information on how you can get involved in the monthly contest and try and win your ClamAV swag, please see my post on the blog. We'll soon be revamping our signature contest (prizes included) so please continue to check back with our blog site!


Once again, thank you, and congratulations to Arnaud!

Friday, October 7, 2016

We'd like to congratulate our ClamAV Community Signature contest winner for the months of August and September: Askar Dyussekeyev

Congratulations and thank you for your contributions!

For more information on how you can get involved in the monthly contest and try and win your ClamAV swag, please see my post on the blog. We'll soon be revamping our signature contest (prizes included) so please continue to check back with our blog site!


Once again, thank you, and congratulations to Askar!

Wednesday, August 10, 2016

With the upcoming release of ClamAV 0.99.3 comes an important change for Windows users interested in compiling ClamAV from source. Version 0.99.3 marks the switch from Visual Studio 2013 (and earlier) to Visual Studio 2015. Among other things, the benefits of this switch include improved C99 compatibility and much less restrictive licensing for individuals, educators, OSS contributors, and small teams.


Please be aware, this update will break compatibility when compiling ClamAV on older versions of Visual Studio. Additionally, building the Installation Setup Projects requires a Microsoft-provided plugin which provides the necessary compilation support.

Finally, we’d like to give a shout out to Keith Jones for the initial pull request.

Wednesday, August 3, 2016

We'd like to congratulate our July winner of the monthly ClamAV Community Signature contest: Askar Dyussekeyev

Congratulations and thank you for your contributions!

For more information on how you can get involved in the monthly contest and try and win your ClamAV swag, please see my post on the blog.

Once again, thank you, and congratulations to Askar!