This commit is contained in:
Delta-Sierra 2023-06-19 08:35:48 +02:00
commit 20d3b3780a
4 changed files with 3354 additions and 2010 deletions

File diff suppressed because it is too large Load diff

View file

@ -11359,6 +11359,21 @@
], ],
"uuid": "1e318d85-79c7-4988-83b7-ff86a974786c", "uuid": "1e318d85-79c7-4988-83b7-ff86a974786c",
"value": "Hagga" "value": "Hagga"
},
{
"description": "[Microsoft] Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises.\n\n[Secureworks] BRONZE SILHOUETTE likely operates on behalf the PRC. The targeting of U.S. government and defense organizations for intelligence gain aligns with PRC requirements, and the tradecraft observed in these engagements overlap with other state-sponsored Chinese threat groups.",
"meta": {
"country": "CN",
"refs": [
"https://www.secureworks.com/blog/chinese-cyberespionage-group-bronze-silhouette-targets-us-government-and-defense-organizations",
"https://www.microsoft.com/en-us/security/blog/2023/05/24/volt-typhoon-targets-us-critical-infrastructure-with-living-off-the-land-techniques/"
],
"synonyms": [
"BRONZE SILHOUETTE"
]
},
"uuid": "f02679fa-5e85-4050-8eb5-c2677d93306f",
"value": "Volt Typhoon"
} }
], ],
"version": 274 "version": 274

View file

@ -1,9 +1,9 @@
{ {
"description": "Malware galaxy based on Malpedia archive.", "description": "Malware galaxy based on Malpedia archive.",
"icon": "shield", "icon": "shield-virus",
"name": "Malpedia", "name": "Malpedia",
"namespace": "misp", "namespace": "misp",
"type": "malpedia", "type": "malpedia",
"uuid": "1d1c9af9-37fa-4deb-a928-f9b0abc7354a", "uuid": "1d1c9af9-37fa-4deb-a928-f9b0abc7354a",
"version": 1 "version": 2
} }

View file

@ -1,9 +1,9 @@
{ {
"description": "Preventive measures based on the ransomware document overview as published in https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# . The preventive measures are quite generic and can fit any standard Windows infrastructure and their security measures.", "description": "Preventive measures based on the ransomware document overview as published in https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# . The preventive measures are quite generic and can fit any standard Windows infrastructure and their security measures.",
"icon": "shield", "icon": "shield-alt",
"name": "Preventive Measure", "name": "Preventive Measure",
"namespace": "misp", "namespace": "misp",
"type": "preventive-measure", "type": "preventive-measure",
"uuid": "8168995b-adcd-4684-9e37-206c5771505a", "uuid": "8168995b-adcd-4684-9e37-206c5771505a",
"version": 3 "version": 4
} }