mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
add TA558
This commit is contained in:
parent
cf4e5c8cf0
commit
3f036db1e3
1 changed files with 11 additions and 1 deletions
|
@ -9872,7 +9872,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "d58030e2-5673-4836-9aff-ab6d55da0bc0",
|
"uuid": "d58030e2-5673-4836-9aff-ab6d55da0bc0",
|
||||||
"value": "SLIME29"
|
"value": "SLIME29"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Since 2018, security researchers tracked a financially-motivated cybercrime actor, TA558, targeting hospitality, travel, and related industries located in Latin America and sometimes North America, and western Europe. The actor sends malicious emails written in Portuguese, Spanish, and sometimes English. The emails use reservation-themed lures with business-relevant themes such as hotel room bookings. The emails may contain malicious attachments or URLs aiming to distribute one of at least 15 different malware payloads.",
|
||||||
|
"meta": {
|
||||||
|
"sources": [
|
||||||
|
"https://www.proofpoint.com/us/blog/threat-insight/reservations-requested-ta558-targets-hospitality-and-travel"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "e1e70539-8916-45c2-9b01-891c1c5bd8a1",
|
||||||
|
"value": "TA558"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 240
|
"version": 241
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue