Merge branch 'rectifyq-main'

This commit is contained in:
Alexandre Dulaunoy 2024-11-24 19:23:40 +01:00
commit 0a5062d401
Signed by: adulau
GPG key ID: 09E2CD4944E6CBCD
2 changed files with 668 additions and 42 deletions


@ -8517,20 +8517,6 @@
"uuid": "c7b1cc91-7464-436e-ac40-3b06c98400a5",
"value": "xdr33"
},
{
"description": "",
"meta": {
"refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/elf.xmrig",
"https://www.aquasec.com/blog/container-security-tnt-container-attack/",
"https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/"
],
"synonyms": [],
"type": []
},
"uuid": "4e67dedd-ee72-4fe4-aaba-c4dea26ea9ef",
"value": "XMRIG"
},
{
"description": "Linux DDoS C&C Malware",
"meta": {
@ -10297,19 +10283,6 @@
"uuid": "5d7b9bcf-a0b6-47eb-8350-a80fac356567",
"value": "BANSHEE"
},
{
"description": "",
"meta": {
"refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/osx.beavertail",
"https://unit42.paloaltonetworks.com/north-korean-threat-actors-lure-tech-job-seekers-as-fake-recruiters/"
],
"synonyms": [],
"type": []
},
"uuid": "61ec34d7-6c40-4900-9a79-f16b2eec213e",
"value": "beavertail"
},
{
"description": "",
"meta": {
@ -17697,19 +17670,6 @@
"uuid": "d2fd10ba-5904-4679-8758-509b72b1aa2c",
"value": "BEATDROP"
},
{
"description": "",
"meta": {
"refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/win.beavertail",
"https://unit42.paloaltonetworks.com/north-korean-threat-actors-lure-tech-job-seekers-as-fake-recruiters/"
],
"synonyms": [],
"type": []
},
"uuid": "c0033411-7d53-47bd-ab0f-d98263b980f4",
"value": "Beavertail"
},
{
"description": "Bedep has been mostly observed in ad-fraud campaigns, although it can also generally load modules for different tasks. It was dropped by the Angler Exploit Kit.",
"meta": {
@ -60668,5 +60628,5 @@
"value": "Zyklon"
}
],
"version": 21774
"version": 21776
}


@ -924,7 +924,673 @@
},
"uuid": "9bfc59a7-ab20-4ef0-8034-871956d4a9cc",
"value": "Huntress"
},
{
"description": "A brand of enterprise security software purchased by Broadcom Inc. in August 2019",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"country": "US",
"official-refs": [
"https://www.broadcom.com/products/cybersecurity"
],
"product-type": [
"Endpoint Protection Platform"
],
"products": [
"Symantec Enterprise Cloud"
],
"refs": [
"https://en.wikipedia.org/wiki/Symantec",
"https://symantec-enterprise-blogs.security.com/threat-intelligence"
]
},
"uuid": "e583434b-7fb8-42c8-90ce-89aa8ed35f0c",
"value": "Symantec"
},
{
"description": "Microsoft Corporation is an American multinational corporation and technology company headquartered in Redmond, Washington.",
"meta": {
"company-type": [
"Information Technology"
],
"country": "US",
"official-refs": [
"https://www.microsoft.com/"
],
"product-type": [
"Software",
"Cybersecurity",
"Services",
"Cloud"
],
"products": [
"Microsoft 365",
"Azure",
"Microsoft Defender"
],
"refs": [
"https://www.microsoft.com/",
"https://en.wikipedia.org/wiki/Microsoft",
"https://www.microsoft.com/en-us/security/blog/topic/threat-intelligence/"
]
},
"uuid": "d0c33595-b684-45ef-91c3-e2f5ce1a8191",
"value": "Microsoft"
},
{
"description": "Part of the SANS Technology Institute, the Internet Storm Center (ISC) stands as a beacon of vigilance and resilience in the ever-evolving landscape of cybersecurity.",
"meta": {
"official-refs": [
"https://isc.sans.edu/about.html"
],
"product-type": [
"Honeypot",
"Blogs"
],
"products": [
"DShield Honeypot",
"Diaries"
],
"refs": [
"https://isc.sans.edu/about.html",
"https://isc.sans.edu/diary/"
]
},
"uuid": "487d8f34-37fa-42de-8afe-45fb771d2e77",
"value": "SANS Internet Storm Center (ISC)"
},
{
"description": "CloudSEK is a contextual AI company that predicts Cyber Threats. Combining the power of Cyber,Brand & Attack Surface monitoring to give context to Digital Risk.",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"country": "IN",
"official-refs": [
"https://www.cloudsek.com/"
],
"product-type": [
"Digital Risk Protection",
"Exposure Management",
"Threat Intelligence"
],
"products": [
"XVigil",
"BeVigil Enterprise",
"SVigil",
"BeVigil Community",
"Exposure"
],
"refs": [
"https://www.cloudsek.com/",
"https://www.cloudsek.com/blog"
]
},
"uuid": "641ee81f-4899-412c-b54a-9152c1bed6ac",
"value": "CloudSEK"
},
{
"description": "Netskope, a global SASE leader, helps organizations apply zero trust principles and AI/ML innovations to protect data and defend against cyber threats.",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"country": "US",
"official-refs": [
"https://www.netskope.com/"
],
"product-type": [
"Secure Access Service Edge (SASE)"
],
"products": [
"Security Service Edge (SSE)",
"Next Gen Secure Web Gateway (SWG)",
"Cloud Access Security Broker (CASB)",
"ZTNA Next",
"SkopeAI"
],
"refs": [
"https://www.netskope.com/blog/category/netskope-threat-labs",
"https://www.linkedin.com/company/netskope/"
]
},
"uuid": "f760cfbc-c124-4348-8e68-28cef2fbc4a5",
"value": "Netskope"
},
{
"description": "Real Intrusions by Real Attackers, The Truth Behind the Intrusion",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"official-refs": [
"https://thedfirreport.com/"
],
"product-type": [
"Threat Intelligence",
"Mentoring & Coaching Program"
],
"products": [
"Threat Intelligence"
],
"refs": [
"https://thedfirreport.com/"
],
"synonyms": [
"thedfirreport",
"The DFIR Report"
]
},
"uuid": "d0ccd0d7-c30b-4e02-ac31-980cfecef085",
"value": "The DFIR Report"
},
{
"description": "American cybersecurity technology company founded in 2012.",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"country": "US",
"official-refs": [
"https://www.cybereason.com/"
],
"product-type": [
"Anti Virus",
"EDR",
"Managed Services",
"Professional Services"
],
"products": [
"Cybereason Enterprise",
"Cybereason Enterprise Advanced",
"Cybereason Enterprise Complete",
"The MALOP",
"SIEM Detection and Response"
],
"refs": [
"https://www.cybereason.com/blog"
]
},
"uuid": "9ceb85a0-8218-43a2-8067-02cd1136e826",
"value": "Cybereason"
},
{
"description": "Silent Push was founded to transform the way organizations across the world track, monitor and counteract global threat activity.",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"official-refs": [
"https://www.silentpush.com/"
],
"product-type": [
"Threat Hunting",
"Brand Protection"
],
"products": [
"Threat Hunting",
"Brand Protection"
],
"refs": [
"https://www.silentpush.com/blog/"
]
},
"uuid": "af60a8d8-3bee-47cc-9d6e-3d57bfc8153e",
"value": "Silent Push"
},
{
"description": "Any.run provides a sandbox environment where users can monitor, analyze, and detect cybersecurity threats.",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"official-refs": [
"https://any.run/"
],
"product-type": [
"Malware Analysis Platform"
],
"products": [
"Sandbox",
"Threat Intelligence"
],
"refs": [
"https://any.run/cybersecurity-blog/"
],
"synonyms": [
"ANYRUN FZCO",
"Any Run"
]
},
"uuid": "a3cce817-44df-4f61-bcfe-a2b52a86afd7",
"value": "ANY.RUN"
},
{
"description": "Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"official-refs": [
"https://www.aquasec.com/"
],
"product-type": [
"CNAPP",
"Code Security",
"Runtime Security",
"Posture Management"
],
"products": [
"Aqua CNAPP"
],
"refs": [
"https://www.aquasec.com/blog/"
]
},
"uuid": "f077b758-84b5-45c6-95c6-9f05de4de993",
"value": "Aquasec"
},
{
"description": "Qualys, Inc. is an American technology firm based in Foster City, California, specializing in cloud security, compliance and related services.",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"country": "US",
"official-refs": [
"https://www.qualys.com/"
],
"product-type": [
"Attack Surface Management",
"Vulnerability Management",
"Compliance",
"Threat Detection & Response"
],
"products": [
"CSAM",
"EASM",
"Enterprise TruRisk Management",
"TotalAI",
"VMDR",
"WAS",
"TruRisk Eliminate"
],
"refs": [
"https://blog.qualys.com/"
]
},
"uuid": "679214bc-88d3-4c1d-a6bd-41f98ee97be3",
"value": "Qualys"
},
{
"description": "Zimperium, Inc. is a privately owned mobile security company based in the United States and headquartered in Dallas, Texas.",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"country": "US",
"official-refs": [
"https://www.zimperium.com/"
],
"product-type": [
"Mobile Endpoint Security",
"Threat Intelligence",
"Mobile Application Security"
],
"products": [
"Zimperium MTD",
"Mobile App Protection Suite (MAPS)",
"Advanced Threat Insights"
],
"refs": [
"https://www.zimperium.com/blog/"
]
},
"uuid": "a9691984-44bf-46e9-98bb-dd9e94afc7e2",
"value": "Zimperium"
},
{
"description": "Intezer's Genetic Malware Analysis technology enables security teams to automate memory and file analysis",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"country": "IL",
"official-refs": [
"https://intezer.com/"
],
"product-type": [
"Malware Analysis Platform",
"Integration"
],
"refs": [
"https://intezer.com/blog/"
]
},
"uuid": "ac46bac7-e7b5-4efe-8f32-b79e9015ab86",
"value": "Intezer"
},
{
"description": "Forcepoint is an American multinational corporation software company headquartered in Austin, Texas, that develops computer security software and data protection, cloud access security broker, firewall and cross-domain solutions.",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"country": "US",
"official-refs": [
"https://en.wikipedia.org/wiki/Forcepoint"
],
"product-type": [
"Security Service Edge (SSE)",
"DLP"
],
"products": [
"Forcepoint ONE",
"DPSM"
],
"refs": [
"https://www.forcepoint.com/blog/x-labs"
]
},
"uuid": "2aeec940-ae33-430f-837d-167a5a63e448",
"value": "Forcepoint"
},
{
"description": "Elastic NV is an American-Dutch software company that provides self-managed and software as a service (SaaS) offerings for search, logging, security, observability, and analytics use cases.",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"country": "US",
"official-refs": [
"https://www.elastic.co/"
],
"product-type": [
"SIEM",
"Observability",
"Generative AI"
],
"products": [
"Elasticsearch",
"Logstash",
"Kibana",
"Search AI Lake"
],
"refs": [
"https://www.elastic.co/security-labs"
],
"synonyms": [
"Elasticsearch",
"elasticseclabs"
]
},
"uuid": "58d7efca-402a-4b36-9178-dc14e52f12e5",
"value": "Elastic"
},
{
"description": "Infoblox, is a privately held IT automation and security company based in California's Silicon Valley.",
"meta": {
"company-type": [
"Computer networking and Cyber Security Vendor"
],
"country": "US",
"official-refs": [
"https://www.infoblox.com/"
],
"product-type": [
"Networking",
"Security"
],
"products": [
"Universal DDI",
"Infoblox Threat Defense",
"DNS Security"
],
"refs": [
"https://blogs.infoblox.com/threat-intelligence/"
]
},
"uuid": "4ace5901-f3d2-434e-bb4f-6892d9c3f765",
"value": "Infoblox"
},
{
"description": "Akamai Technologies, Inc. is an American delivery company that provides content delivery network(CDN), cybersecurity, DDoS mitigation, and cloud services.",
"meta": {
"company-type": [
"IT Company (CDN, Cybersecurity)"
],
"country": "US",
"official-refs": [
"https://www.akamai.com/"
],
"product-type": [
"Content Delivery Network",
"Security",
"Cloud Computing"
],
"products": [
"Ion",
"API Acceleration",
"Akamai Guardicore Platform"
],
"refs": [
"https://www.akamai.com/blog/security/"
]
},
"uuid": "be3d8ada-45a2-43e7-83f3-2b49d6921826",
"value": "Akamai"
},
{
"description": "Sucuri is a content distribution network service (CDN) provider that helps websites to load faster while increasing their resilience to intrusions from malware, DDoS attacks, and hacker activity. Users can easily monitor the performance and safety of their websites using the Sucuri WordPress plugin and the company offers multiple caching options to suit numerous different types of websites.",
"meta": {
"official-refs": [
"https://sucuri.net/"
],
"product-type": [
"CDN",
"WAF"
],
"refs": [
"https://blog.sucuri.net/"
]
},
"uuid": "59774d9f-8578-48d5-9c7a-2fc79b7217e4",
"value": "Sucuri"
},
{
"description": "Volexity is a Washington, D.C.-based cyber security firm with a global reach.",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"country": "US",
"official-refs": [
"https://www.volexity.com/"
],
"product-type": [
"Memory analysis solution",
"Memory acquisition solution",
"Incident Response",
"Threat Intelligence"
],
"products": [
"Volcano",
"Surge"
],
"refs": [
"https://www.volexity.com/blog/"
]
},
"uuid": "c2f76813-f24c-450e-abfd-0db4495ab68e",
"value": "Volexity"
},
{
"description": "Rapid7 Inc (Rapid7) offers data security and analytics solutions. It offers products such as insightVM, nexpose, metasploit, appspider, insightAppSec, insightIDR and insightOps. The company offers services including advisory services, penetration testing services, IoT security testing services, vulnerability management services, incident detection, and response services. Rapid7 also provides various solutions including vulnerability management, penetration testing solutions, web application security testing, IT operations, user behavior analytics (UBA), Siem, consulting services, and managed security services.",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"country": "US",
"official-refs": [
"https://www.rapid7.com/"
],
"product-type": [
"Vulnerability Management",
"SIEM",
"Threat Intelligence",
"Application Security Testing",
"Attack Surface Management",
"Exposure Management"
],
"products": [
"InsightVM",
"InsightIDR",
"Threat Command",
"InsightAppSec",
"Surface Command",
"Exposure Command",
"InsightCloudSec"
],
"refs": [
"https://www.rapid7.com/blog/"
]
},
"uuid": "adc57f66-9910-4500-a16b-311cd4f08409",
"value": "Rapid7"
},
{
"description": "Outpost24 empowers organizations to achieve cyber resilience with a complete range of continuous threat exposure management (CTEM) solutions.",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"country": "SE",
"official-refs": [
"https://outpost24.com/"
],
"product-type": [
"Exposure Management",
"Attack Surface Management",
"Web Application Security Testing",
"Threat Intelligence",
"Vulnerability Management",
"AD Security"
],
"products": [
"Exposure Management",
"Sweepatic",
"SWAT",
"Threat Compass",
"Outscan NX",
"Specops Software"
],
"refs": [
"https://outpost24.com/blog/category/research-and-threat-intel/"
]
},
"uuid": "7c5ef04a-8077-4f62-aa35-b03e67f1816d",
"value": "Outpost24"
},
{
"description": "IT security blog focusing on malware forensics, dynamic and static analysis, as well as automated malware analysis techniques.",
"meta": {
"country": "DE",
"product-type": [
"Sandbox"
],
"products": [
"Falcon Sandbox"
],
"refs": [
"https://hybrid-analysis.blogspot.com/"
],
"synonyms": [
"hybrid-analysis",
"HYBRID ANALYSIS GMBH"
]
},
"uuid": "aefbf8b0-b66f-4ddc-9803-60ac3f69b276",
"value": "Hybrid Analysis"
},
{
"description": "Morphisec provides a proactive security solution for workstations, virtual desktops, and server workloads to prevent cyberattacks.",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"country": "IL",
"official-refs": [
"https://www.morphisec.com/"
],
"product-type": [
"Exposure Management",
"EDR",
"Incident Response"
],
"products": "Morphisec Anti-Ransomware Assurance Suite",
"refs": [
"https://blog.morphisec.com/"
]
},
"uuid": "7730e25a-1626-4858-bd1f-1f19fbd89b4a",
"value": "Morphisec"
},
{
"description": "HarfangLab, as part of its business as a supplier EDR (Endpoint Detection and Response)",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"country": "FR",
"official-refs": [
"https://harfanglab.io/"
],
"product-type": [
"EDR",
"EPP"
],
"products": [
"HarfangLab EDR",
"HarfangLab EPP"
],
"refs": [
"https://harfanglab.io/insidethelab/"
]
},
"uuid": "68ece781-df17-40f2-ad47-24383df71d73",
"value": "HarfangLab"
},
{
"description": "Hunt.io is a service that provides threat intelligence data about observed network scanning and cyberattacks. This data is collected by a worldwide distributed network of sensors. All interactions with sensors are registered, analyzed, and used to create network host profiles.",
"meta": {
"company-type": [
"Cyber Security Vendor"
],
"country": "US",
"official-refs": [
"https://hunt.io/"
],
"product-type": [
"Threat Intelligence",
"Threat Intelligence Feeds"
],
"products": [
"Web Interface",
"Feeds",
"Enrichment API"
],
"refs": [
"https://hunt.io/blog"
],
"synonyms": [
"Hunt Intelligence"
]
},
"uuid": "960a2fb8-96c5-4675-b8bc-d8bdad3c73be",
"value": "Hunt.io"
}
],
"version": 15
"version": 16
}
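Review bot: The Morphisec entry gives `"products"` as a bare string, `"products": "Morphisec Anti-Ransomware Assurance Suite",`, while every other added entry (and the Huntress context above) uses an array, so a consumer that iterates `meta.products` will walk the string character by character, and any schema check that types the key as an array would presumably reject this file; it should read `"products": [` / `"Morphisec Anti-Ransomware Assurance Suite"` / `],`. Two smaller data-quality points in the same hunk: the Forcepoint `official-refs` entry points at the Wikipedia article rather than the vendor's own site, which defeats the purpose of an "official" reference and belongs under `refs` instead, and Elastic lists `"Elasticsearch"` both as a product and as a synonym, which muddles lookups that resolve synonyms to a vendor. The text also carries a few wording slips in the new descriptions that a later pass could tidy (`Cyber,Brand` in the CloudSEK entry, and the HarfangLab description is an unfinished sentence).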