MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-26 16:57:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

add: Nexus Zeta is no stranger when it comes to implementing SOAP

Browse source 
relatedrelated exploit ;-)
This commit is contained in:
Alexandre Dulaunoy 2018-01-25 15:41:47 +01:00
parent 5070314aae
commit 193b474ad2
Signed by: adulau
GPG key ID: 09E2CD4944E6CBCD
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
clusters/threat-actor.json
View file

@ -2264,6 +2264,10 @@
},
"value": "Dark Caracal",
"description": "Lookout and Electronic Frontier Foundation (EFF) have discovered Dark Caracal, a persistent and prolific actor, who at the time of writing is believed to be administered out of a building belonging to the Lebanese General Security Directorate in Beirut. At present, we have knowledge of hundreds of gigabytes of exfiltrated data, in 21+ countries, across thousands of victims. Stolen data includes enterprise intellectual property and personally identifiable information."
},
{
"value": "Nexus Zeta",
"description": "Nexus Zeta is no stranger when it comes to implementing SOAP related exploits. The threat actor has already been observed in implementing two other known SOAP related exploits, CVE-20148361 and CVE-201717215 in his Satori botnet project. A third SOAP exploit, TR-069 bug has also been observed previously in IoT botnets. This makes EDB 38722 the fourth SOAP related exploit which is discovered in the wild by IoT botnets."
}
],
"name": "Threat actor",
@ -2278,5 +2282,5 @@
],
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
"uuid": "7cdff317-a673-4474-84ec-4f1754947823",
"version": 31
"version": 33
}