update threat actor

This commit is contained in:
Deborah Servili 2019-06-04 16:32:39 +02:00
parent 468800ed59
commit 189c3066a5
No known key found for this signature in database
GPG key ID: 7E3A832850D4D7D1

View file

@ -45,7 +45,14 @@
"https://en.wikipedia.org/wiki/PLA_Unit_61398", "https://en.wikipedia.org/wiki/PLA_Unit_61398",
"http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf", "http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf",
"https://www.cfr.org/interactive/cyber-operations/pla-unit-61398", "https://www.cfr.org/interactive/cyber-operations/pla-unit-61398",
"https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf" "https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf",
"https://blog.trendmicro.com/trendlabs-security-intelligence/the-siesta-campaign-a-new-targeted-attack-awakens/",
"https://www.fireeye.com/blog/threat-research/2014/03/a-detailed-examination-of-the-siesta-campaign.html",
"https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/operation-oceansalt-delivers-wave-after-wave/",
"https://www.mcafee.com/enterprise/en-us/assets/reports/rp-operation-oceansalt.pdf",
"https://www.symantec.com/connect/blogs/apt1-qa-attacks-comment-crew",
"https://attack.mitre.org/groups/G0006/",
"https://www.nytimes.com/2014/05/20/us/us-to-charge-chinese-workers-with-cyberspying.html"
], ],
"synonyms": [ "synonyms": [
"Comment Panda", "Comment Panda",
@ -58,7 +65,9 @@
"TG-8223", "TG-8223",
"Comment Group", "Comment Group",
"Brown Fox", "Brown Fox",
"GIF89a" "GIF89a",
"ShadyRAT",
"Shanghai Group"
] ]
}, },
"related": [ "related": [
@ -4606,7 +4615,9 @@
"https://blog.domaintools.com/2017/03/hunt-case-study-hunting-campaign-indicators-on-privacy-protected-attack-infrastructure/", "https://blog.domaintools.com/2017/03/hunt-case-study-hunting-campaign-indicators-on-privacy-protected-attack-infrastructure/",
"http://www.clearskysec.com/copykitten-jpost/", "http://www.clearskysec.com/copykitten-jpost/",
"http://www.clearskysec.com/tulip/", "http://www.clearskysec.com/tulip/",
"https://www.cfr.org/interactive/cyber-operations/copykittens" "https://www.cfr.org/interactive/cyber-operations/copykittens",
"https://www.clearskysec.com/wp-content/uploads/2017/07/Operation_Wilted_Tulip.pdf",
"https://attack.mitre.org/groups/G0052/"
], ],
"synonyms": [ "synonyms": [
"Slayer Kitten" "Slayer Kitten"
@ -5243,7 +5254,8 @@
"attribution-confidence": "50", "attribution-confidence": "50",
"country": "LB", "country": "LB",
"refs": [ "refs": [
"https://info.lookout.com/rs/051-ESQ-475/images/Lookout_Dark-Caracal_srr_20180118_us_v.1.0.pdf" "https://info.lookout.com/rs/051-ESQ-475/images/Lookout_Dark-Caracal_srr_20180118_us_v.1.0.pdf",
"https://attack.mitre.org/groups/G0070/"
] ]
}, },
"uuid": "3d449c83-4426-431a-b06a-cb4f8a0fca94", "uuid": "3d449c83-4426-431a-b06a-cb4f8a0fca94",