tryto fix duplicate

This commit is contained in:
Deborah Servili 2019-06-13 11:26:42 +02:00
parent e4245ee991
commit 11c2f43c9f
No known key found for this signature in database
GPG key ID: 7E3A832850D4D7D1

View file

@ -2111,16 +2111,15 @@
"cfr-type-of-incident": "Espionage", "cfr-type-of-incident": "Espionage",
"country": "IR", "country": "IR",
"refs": [ "refs": [
"http://cdn2.hubspot.net/hubfs/270968/assets/Cleaver/Cylance_Operation_Cleaver_Report.pdf",
"https://www.secureworks.com/research/the-curious-case-of-mia-ash",
"http://www.secureworks.com/cyber-threat-intelligence/threats/suspected-iran-based-hacker-group-creates-network-of-fake-linkedin-profiles/",
"https://www.cfr.org/interactive/cyber-operations/operation-cleaver",
"https://www.cfr.org/interactive/cyber-operations/magic-hound", "https://www.cfr.org/interactive/cyber-operations/magic-hound",
"https://www.secureworks.com/research/the-curious-case-of-mia-ash",
"https://www.cfr.org/interactive/cyber-operations/operation-cleaver",
"http://cdn2.hubspot.net/hubfs/270968/assets/Cleaver/Cylance_Operation_Cleaver_Report.pdf",
"http://www.secureworks.com/cyber-threat-intelligence/threats/suspected-iran-based-hacker-group-creates-network-of-fake-linkedin-profiles/",
"https://www.cylance.com/content/dam/cylance/pages/operation-cleaver/Cylance_Operation_Cleaver_Report.pdf", "https://www.cylance.com/content/dam/cylance/pages/operation-cleaver/Cylance_Operation_Cleaver_Report.pdf",
"https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-woolen-goldfish-when-kittens-go-phishing", "https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-woolen-goldfish-when-kittens-go-phishing",
"https://unit42.paloaltonetworks.com/unit42-magic-hound-campaign-attacks-saudi-targets/", "https://unit42.paloaltonetworks.com/unit42-magic-hound-campaign-attacks-saudi-targets/",
"https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations", "https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations",
"https://www.secureworks.com/research/the-curious-case-of-mia-ash",
"https://blogs.microsoft.com/on-the-issues/2019/03/27/new-steps-to-protect-customers-from-hacking/", "https://blogs.microsoft.com/on-the-issues/2019/03/27/new-steps-to-protect-customers-from-hacking/",
"https://www.trendmicro.de/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-spy-kittens-are-back.pdf", "https://www.trendmicro.de/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-spy-kittens-are-back.pdf",
"https://blog.checkpoint.com/wp-content/uploads/2015/11/rocket-kitten-report.pdf", "https://blog.checkpoint.com/wp-content/uploads/2015/11/rocket-kitten-report.pdf",
@ -2134,7 +2133,6 @@
"2889", "2889",
"TG-2889", "TG-2889",
"Cobalt Gypsy", "Cobalt Gypsy",
"Ghambar",
"Rocket_Kitten", "Rocket_Kitten",
"Cutting Kitten", "Cutting Kitten",
"Group 41", "Group 41",
@ -2897,15 +2895,15 @@
"refs": [ "refs": [
"https://threatpost.com/operation-blockbuster-coalition-ties-destructive-attacks-to-lazarus-group/116422/", "https://threatpost.com/operation-blockbuster-coalition-ties-destructive-attacks-to-lazarus-group/116422/",
"https://www.us-cert.gov/ncas/alerts/TA17-164A", "https://www.us-cert.gov/ncas/alerts/TA17-164A",
"https://securelist.com/lazarus-under-the-hood/77908/",
"http://www.mcafee.com/us/resources/white-papers/wp-dissecting-operation-troy.pdf",
"https://www.us-cert.gov/HIDDEN-COBRA-North-Korean-Malicious-Cyber-Activity",
"https://www.us-cert.gov/ncas/alerts/TA17-318A", "https://www.us-cert.gov/ncas/alerts/TA17-318A",
"https://www.us-cert.gov/ncas/alerts/TA17-318B", "https://www.us-cert.gov/ncas/alerts/TA17-318B",
"https://securelist.com/operation-applejeus/87553/",
"https://securelist.com/lazarus-under-the-hood/77908/",
"https://www.us-cert.gov/HIDDEN-COBRA-North-Korean-Malicious-Cyber-Activity",
"http://www.mcafee.com/us/resources/white-papers/wp-dissecting-operation-troy.pdf",
"https://www.bleepingcomputer.com/news/security/north-korean-hackers-are-up-to-no-good-again/", "https://www.bleepingcomputer.com/news/security/north-korean-hackers-are-up-to-no-good-again/",
"https://www.cfr.org/interactive/cyber-operations/lazarus-group", "https://www.cfr.org/interactive/cyber-operations/lazarus-group",
"https://www.cfr.org/interactive/cyber-operations/operation-ghostsecret", "https://www.cfr.org/interactive/cyber-operations/operation-ghostsecret",
"https://securelist.com/operation-applejeus/87553/",
"https://www.cfr.org/interactive/cyber-operations/compromise-cryptocurrency-exchanges-south-korea", "https://www.cfr.org/interactive/cyber-operations/compromise-cryptocurrency-exchanges-south-korea",
"https://www.bleepingcomputer.com/news/security/lazarus-group-deploys-its-first-mac-malware-in-cryptocurrency-exchange-hack/", "https://www.bleepingcomputer.com/news/security/lazarus-group-deploys-its-first-mac-malware-in-cryptocurrency-exchange-hack/",
"https://content.fireeye.com/apt/rpt-apt38", "https://content.fireeye.com/apt/rpt-apt38",
@ -2920,17 +2918,15 @@
"https://www.welivesecurity.com/2018/04/03/lazarus-killdisk-central-american-casino/", "https://www.welivesecurity.com/2018/04/03/lazarus-killdisk-central-american-casino/",
"https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/hidden-cobra-targets-turkish-financial-sector-new-bankshot-implant/", "https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/hidden-cobra-targets-turkish-financial-sector-new-bankshot-implant/",
"https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/analyzing-operation-ghostsecret-attack-seeks-to-steal-data-worldwide/", "https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/analyzing-operation-ghostsecret-attack-seeks-to-steal-data-worldwide/",
"https://securelist.com/operation-applejeus/87553/", "https://www.us-cert.gov/ncas/analysis-reports/AR19-129A",
"https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/operation-sharpshooter-targets-global-defense-critical-infrastructure/", "https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/operation-sharpshooter-targets-global-defense-critical-infrastructure/",
"https://securelist.com/cryptocurrency-businesses-still-being-targeted-by-lazarus/90019/", "https://securelist.com/cryptocurrency-businesses-still-being-targeted-by-lazarus/90019/",
"https://www.theregister.co.uk/2019/04/10/lazarus_group_malware/", "https://www.theregister.co.uk/2019/04/10/lazarus_group_malware/",
"https://www.us-cert.gov/ncas/analysis-reports/AR19-129A",
"https://www.operationblockbuster.com/wp-content/uploads/2016/02/Operation-Blockbuster-Report.pdf", "https://www.operationblockbuster.com/wp-content/uploads/2016/02/Operation-Blockbuster-Report.pdf",
"https://www.justice.gov/opa/pr/north-korean-regime-backed-programmer-charged-conspiracy-conduct-multiple-cyber-attacks-and", "https://www.justice.gov/opa/pr/north-korean-regime-backed-programmer-charged-conspiracy-conduct-multiple-cyber-attacks-and",
"https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/a-look-into-the-lazarus-groups-operations", "https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/a-look-into-the-lazarus-groups-operations",
"https://www.kaspersky.com/about/press-releases/2017_chasing-lazarus-a-hunt-for-the-infamous-hackers-to-prevent-large-bank-robberies", "https://www.kaspersky.com/about/press-releases/2017_chasing-lazarus-a-hunt-for-the-infamous-hackers-to-prevent-large-bank-robberies",
"https://medium.com/threat-intel/lazarus-attacks-wannacry-5fdeddee476c", "https://medium.com/threat-intel/lazarus-attacks-wannacry-5fdeddee476c",
"https://content.fireeye.com/apt/rpt-apt38",
"https://attack.mitre.org/groups/G0032/", "https://attack.mitre.org/groups/G0032/",
"https://threatpost.com/lazarus-apt-spinoff-linked-to-banking-hacks/124746/", "https://threatpost.com/lazarus-apt-spinoff-linked-to-banking-hacks/124746/",
"https://www.symantec.com/connect/blogs/duuzer-back-door-trojan-targets-south-korea-take-over-computers", "https://www.symantec.com/connect/blogs/duuzer-back-door-trojan-targets-south-korea-take-over-computers",
@ -5545,7 +5541,6 @@
"https://www.fireeye.com/blog/threat-research/2019/03/apt40-examining-a-china-nexus-espionage-actor.html", "https://www.fireeye.com/blog/threat-research/2019/03/apt40-examining-a-china-nexus-espionage-actor.html",
"https://www.recordedfuture.com/chinese-threat-actor-tempperiscope/", "https://www.recordedfuture.com/chinese-threat-actor-tempperiscope/",
"https://www.fireeye.com/blog/threat-research/2018/07/chinese-espionage-group-targets-cambodia-ahead-of-elections.html", "https://www.fireeye.com/blog/threat-research/2018/07/chinese-espionage-group-targets-cambodia-ahead-of-elections.html",
"https://www.fireeye.com/blog/threat-research/2019/03/apt40-examining-a-china-nexus-espionage-actor.html",
"https://attack.mitre.org/groups/G0065/" "https://attack.mitre.org/groups/G0065/"
], ],
"synonyms": [ "synonyms": [