mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 08:47:18 +00:00
Merge pull request #945 from danielplohmann/patch-38
adding aliases from UA's H1'2023 report
This commit is contained in:
commit
3f3b7984a8
1 changed files with 26 additions and 9 deletions
|
@ -2499,7 +2499,8 @@
|
|||
"https://www.secureworks.com/research/threat-profiles/iron-hemlock",
|
||||
"https://attack.mitre.org/groups/G0016",
|
||||
"https://unit42.paloaltonetworks.com/atoms/cloaked-ursa/",
|
||||
"https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf"
|
||||
"https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf",
|
||||
"https://cip.gov.ua/services/cm/api/attachment/download?id=60068"
|
||||
],
|
||||
"synonyms": [
|
||||
"Group 100",
|
||||
|
@ -2516,7 +2517,8 @@
|
|||
"TA421",
|
||||
"Blue Kitsune",
|
||||
"ITG11",
|
||||
"BlueBravo"
|
||||
"BlueBravo",
|
||||
"UAC-0029"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Think Tanks",
|
||||
|
@ -2625,7 +2627,8 @@
|
|||
"https://www.welivesecurity.com/2020/12/02/turla-crutch-keeping-back-door-open/",
|
||||
"https://blog.google/threat-analysis-group/continued-cyber-activity-in-eastern-europe-observed-by-tag",
|
||||
"https://blog.google/threat-analysis-group/fog-of-war-how-the-ukraine-conflict-transformed-the-cyber-threat-landscape/",
|
||||
"https://services.google.com/fh/files/blogs/google_fog_of_war_research_report.pdf"
|
||||
"https://services.google.com/fh/files/blogs/google_fog_of_war_research_report.pdf",
|
||||
"https://cip.gov.ua/services/cm/api/attachment/download?id=60068"
|
||||
],
|
||||
"synonyms": [
|
||||
"Snake",
|
||||
|
@ -2649,7 +2652,10 @@
|
|||
"Blue Python",
|
||||
"SUMMIT",
|
||||
"UNC4210",
|
||||
"Secret Blizzard"
|
||||
"Secret Blizzard",
|
||||
"UAC-0144",
|
||||
"UAC-0024",
|
||||
"UAC-0003"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Government, Administration",
|
||||
|
@ -2814,7 +2820,8 @@
|
|||
"https://www.welivesecurity.com/2017/10/24/bad-rabbit-not-petya-back",
|
||||
"https://blog.google/threat-analysis-group/fog-of-war-how-the-ukraine-conflict-transformed-the-cyber-threat-landscape/",
|
||||
"https://www.recordedfuture.com/russia-nexus-uac-0113-emulating-telecommunication-providers-in-ukraine",
|
||||
"https://cert.gov.ua/article/405538"
|
||||
"https://cert.gov.ua/article/405538",
|
||||
"https://cip.gov.ua/services/cm/api/attachment/download?id=60068"
|
||||
],
|
||||
"synonyms": [
|
||||
"Quedagh",
|
||||
|
@ -2828,7 +2835,8 @@
|
|||
"Blue Echidna",
|
||||
"FROZENBARENTS",
|
||||
"UAC-0113",
|
||||
"Seashell Blizzard"
|
||||
"Seashell Blizzard",
|
||||
"UAC-0082"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Electric",
|
||||
|
@ -13402,7 +13410,12 @@
|
|||
"country": "RU",
|
||||
"refs": [
|
||||
"https://www.mandiant.com/resources/blog/gru-rise-telegram-minions",
|
||||
"https://www.mandiant.com/resources/blog/gru-disruptive-playbook"
|
||||
"https://www.mandiant.com/resources/blog/gru-disruptive-playbook",
|
||||
"https://cip.gov.ua/services/cm/api/attachment/download?id=60068"
|
||||
],
|
||||
"synonyms": [
|
||||
"UAC-0100",
|
||||
"UAC-0106"
|
||||
]
|
||||
},
|
||||
"uuid": "566752f5-a294-4430-b47e-8e705f9887ea",
|
||||
|
@ -13417,7 +13430,11 @@
|
|||
"https://www.cyfirma.com/?post_type=out-of-band&p=17397",
|
||||
"https://www.reversinglabs.com/blog/the-week-in-security-possible-colonial-pipeline-2.0-ransomware-hurts-small-american-eateries",
|
||||
"https://channellife.com.au/story/the-increasing-presence-of-pro-russia-hacktivists",
|
||||
"https://socradar.io/dark-web-profile-killnet-russian-hacktivist-group/"
|
||||
"https://socradar.io/dark-web-profile-killnet-russian-hacktivist-group/",
|
||||
"https://cip.gov.ua/services/cm/api/attachment/download?id=60068"
|
||||
],
|
||||
"synonyms": [
|
||||
"UAC-0109"
|
||||
]
|
||||
},
|
||||
"uuid": "3689f0e2-6c39-4864-ae0b-cc03e4cb695a",
|
||||
|
@ -15325,5 +15342,5 @@
|
|||
"value": "R00tK1T"
|
||||
}
|
||||
],
|
||||
"version": 303
|
||||
"version": 304
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue