mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
merge
This commit is contained in:
commit
20d3b3780a
4 changed files with 3354 additions and 2010 deletions
File diff suppressed because it is too large
Load diff
|
@ -11359,6 +11359,21 @@
|
||||||
],
|
],
|
||||||
"uuid": "1e318d85-79c7-4988-83b7-ff86a974786c",
|
"uuid": "1e318d85-79c7-4988-83b7-ff86a974786c",
|
||||||
"value": "Hagga"
|
"value": "Hagga"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "[Microsoft] Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises.\n\n[Secureworks] BRONZE SILHOUETTE likely operates on behalf the PRC. The targeting of U.S. government and defense organizations for intelligence gain aligns with PRC requirements, and the tradecraft observed in these engagements overlap with other state-sponsored Chinese threat groups.",
|
||||||
|
"meta": {
|
||||||
|
"country": "CN",
|
||||||
|
"refs": [
|
||||||
|
"https://www.secureworks.com/blog/chinese-cyberespionage-group-bronze-silhouette-targets-us-government-and-defense-organizations",
|
||||||
|
"https://www.microsoft.com/en-us/security/blog/2023/05/24/volt-typhoon-targets-us-critical-infrastructure-with-living-off-the-land-techniques/"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"BRONZE SILHOUETTE"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "f02679fa-5e85-4050-8eb5-c2677d93306f",
|
||||||
|
"value": "Volt Typhoon"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 274
|
"version": 274
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
{
|
{
|
||||||
"description": "Malware galaxy based on Malpedia archive.",
|
"description": "Malware galaxy based on Malpedia archive.",
|
||||||
"icon": "shield",
|
"icon": "shield-virus",
|
||||||
"name": "Malpedia",
|
"name": "Malpedia",
|
||||||
"namespace": "misp",
|
"namespace": "misp",
|
||||||
"type": "malpedia",
|
"type": "malpedia",
|
||||||
"uuid": "1d1c9af9-37fa-4deb-a928-f9b0abc7354a",
|
"uuid": "1d1c9af9-37fa-4deb-a928-f9b0abc7354a",
|
||||||
"version": 1
|
"version": 2
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
{
|
{
|
||||||
"description": "Preventive measures based on the ransomware document overview as published in https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# . The preventive measures are quite generic and can fit any standard Windows infrastructure and their security measures.",
|
"description": "Preventive measures based on the ransomware document overview as published in https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# . The preventive measures are quite generic and can fit any standard Windows infrastructure and their security measures.",
|
||||||
"icon": "shield",
|
"icon": "shield-alt",
|
||||||
"name": "Preventive Measure",
|
"name": "Preventive Measure",
|
||||||
"namespace": "misp",
|
"namespace": "misp",
|
||||||
"type": "preventive-measure",
|
"type": "preventive-measure",
|
||||||
"uuid": "8168995b-adcd-4684-9e37-206c5771505a",
|
"uuid": "8168995b-adcd-4684-9e37-206c5771505a",
|
||||||
"version": 3
|
"version": 4
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue