We'd love to hear about it! Click here to go to the product suggestion community
In case you missed it on the announcement page we posted a new Live Query script to detect Glupteba malware:
We will continue to quickly create Live Query scripts whenever we see new threat intel to ensure that you have a way to respond to potential threats. We encourage members of the Community to do the same as well.
In reply to Seth Geftic:
If you are having memory usage problems when querying we suggest you change line 50 (https://gist.github.com/andrewmundellsophos/ed42d0d6d3dc4c9e8dae0b4de301ad38#file-gulpteba-sql-L50) ... change ‘-1 days’ to something like ‘-12 hours’ and try again.
From one of our Community members:
Thanks for the tip. To work in my environment I had to reduce it further to 5 hours. This still didnt work until I also reduced the 90 days on the DNS & SHA check to 50 days as well. A very useful query, thanks for posting it.