We have seen a larger amount of 0day E-Mails incoming with customer running Fortimail and Fortigate PLUS ATD and TIE.
ATD does not capture current Winword OLE malware around. Fortigate informed us that they are working on it. No comment from Mcafee to date.
* Most malware analyse services
Do accept Malware with an Upload mechnism and a site.
With Mcafee for a Aplliance that Costs 80'000.- we can ONLY send the samples as ZIP files. Which by the way is very convient in today secure enviroments (95% block ZIP)
I am for sure not goind to use a corporate E-mail adddres to send in a sample. Ther eis no way we get that out of the building in an outbreak event.
We had that once with a large hospital unable to get a file to TIER X once we reached top support.
* Platinum Customer however seem to be abelt to upload
* Not even mcafee Partners can upload samples
* And no > we don't want to sent ATD Data to GTI we can use the cloud solution then
* And no > GETSUSP did not find it and thus it can't get uploaded.