MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-26 08:47:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[threat-actors] Add SCARLETEEL

Browse source
This commit is contained in:
Mathieu4141 2023-11-08 06:14:54 -08:00
parent b59b270500
commit 23b95c50d5
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
clusters/threat-actor.json
View file

@ -12823,6 +12823,17 @@
}, },
"uuid": "d52a06dd-3ee9-47cf-ad31-b55ca4cbc5cf", "uuid": "d52a06dd-3ee9-47cf-ad31-b55ca4cbc5cf",
"value": "SingularityMD" "value": "SingularityMD"
},
{
"description": "SCARLETEEL is a threat actor that primarily targets cloud environments, specifically AWS and Kubernetes. They have been observed stealing proprietary data and intellectual property, as well as conducting cryptomining operations. SCARLETEEL employs sophisticated tactics and tools to bypass security measures and gain unauthorized access to accounts, often exploiting vulnerabilities in containerized workloads and misconfigurations in AWS policies.",
"meta": {
"refs": [
"https://sysdig.com/blog/scarleteel-2-0/",
"https://sysdig.com/blog/cloud-breach-terraform-data-theft/"
]
},
"uuid": "e03a7ecb-b8a1-40c5-b5af-638ee6029374",
"value": "SCARLETEEL"
} }
], ],
"version": 293 "version": 293