[***] Summary: [***]

4 new Open signatures, 9 new Pro (4+5). Tinba, Nuclear EK, Critroni, Cendelf.

Thanks: @kafeine and @malware_traffic

[+++] Added rules: [+++]

2019167 - ET CURRENT_EVENTS Nuclear EK Silverlight URI Struct (current_events.rules)
2019168 - ET TROJAN Tinba Checkin (trojan.rules)
2019169 - ET TROJAN Tinba Server Response (trojan.rules)
2019171 - ET TROJAN DoS.Linux/Elknot.E Checkin (trojan.rules)

Pro:

2808805 - ETPRO TROJAN Win32/Cendelf.gen!A checkin (trojan.rules)
2808806 - ETPRO MOBILE_MALWARE Android/FakeDefender.A Checkin (mobile_malware.rules)
2808807 - ETPRO TROJAN Win32/PSWTool.WebBrowserPassView.B checkin (trojan.rules)
2808808 - ETPRO TROJAN Win32/ChkBot.A Checkin (trojan.rules)
2808809 - ETPRO TROJAN Win32/Critroni Tor DNS Proxy lookup (trojan.rules)

[///] Modified active rules: [///]

2011797 - ET CURRENT_EVENTS Driveby Bredolab - client exploited by acrobat (current_events.rules)
2011906 - ET CURRENT_EVENTS exploit kit x/load/svchost.exe (current_events.rules)
2017667 - ET CURRENT_EVENTS Nuclear EK Payload URI Struct Nov 05 2013 (current_events.rules)
2808804 - ETPRO TROJAN Win32/Cendelf.gen!A www.163.com connectivity check (trojan.rules)

[---] Disabled and modified rules: [---]

2018594 - ET CURRENT_EVENTS Possible Upatre SSL Cert webhostingpad.com (current_events.rules)
Date: 
Thursday, September 11, 2014 - 22:00