mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
chg: [threat-actor] UNC2452/DarkHalo added - ref. #614
This commit is contained in:
parent
184d57f0a2
commit
2b356a9eb0
1 changed files with 19 additions and 1 deletions
|
@ -8504,7 +8504,25 @@
|
||||||
},
|
},
|
||||||
"uuid": "c8b961fe-3698-41ac-aba1-002ee3c19531",
|
"uuid": "c8b961fe-3698-41ac-aba1-002ee3c19531",
|
||||||
"value": "Operation Skeleton Key"
|
"value": "Operation Skeleton Key"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Reporting regarding activity related to the SolarWinds supply chain injection has grown quickly since initial disclosure on 13 December 2020. A significant amount of press reporting has focused on the identification of the actor(s) involved, victim organizations, possible campaign timeline, and potential impact. The US Government and cyber community have also provided detailed information on how the campaign was likely conducted and some of the malware used. MITRE’s ATT&CK team — with the assistance of contributors — has been mapping techniques used by the actor group, referred to as UNC2452/Dark Halo by FireEye and Volexity respectively, as well as SUNBURST and TEARDROP malware.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://medium.com/mitre-attack/identifying-unc2452-related-techniques-9f7b6c7f3714",
|
||||||
|
"https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html",
|
||||||
|
"https://news.sophos.com/en-us/2020/12/21/how-sunburst-malware-does-defense-evasion/",
|
||||||
|
"https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/",
|
||||||
|
"https://pastebin.com/6EDgCKxd",
|
||||||
|
"https://github.com/fireeye/sunburst_countermeasures"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"DarkHalo"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "2ee5ed7a-c4d0-40be-a837-20817474a15b",
|
||||||
|
"value": "UNC2452"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 195
|
"version": 196
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue