mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
Update threat-actor.json
adding UNC3524 to the actor galaxy cluster.
This commit is contained in:
parent
87c1e34ce8
commit
06c293072c
1 changed files with 12 additions and 1 deletions
|
@ -9183,7 +9183,18 @@
|
||||||
},
|
},
|
||||||
"uuid": "c67d3dfb-ab39-46e1-a971-5efdfe6a5b9f",
|
"uuid": "c67d3dfb-ab39-46e1-a971-5efdfe6a5b9f",
|
||||||
"value": "SaintBear"
|
"value": "SaintBear"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Mandiant observed this group operating since December 2019. Its techniques partially overlap with multiple Russian-based espionage actors (APT28 and APT29). They are described as having a high level of operational security, low malware footprint, adept evasive skills, and a large Internet of Things (IoT) device botnet at their disposal.",
|
||||||
|
"meta": {
|
||||||
|
"cfr-type-of-incident": "Espionage",
|
||||||
|
"refs": [
|
||||||
|
"https://www.mandiant.com/resources/unc3524-eye-spy-email"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "bee8b09c-07e5-4c12-94d6-266ebcb1ec24",
|
||||||
|
"value": "UNC3524"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 219
|
"version": 220
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue