mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
Merge pull request #959 from r0ny123/cn
Updated threat actor references
This commit is contained in:
commit
40cadf2865
1 changed files with 45 additions and 9 deletions
|
@ -5631,7 +5631,8 @@
|
|||
"PLA Navy",
|
||||
"MAVERICK PANDA",
|
||||
"BRONZE EDISON",
|
||||
"Sykipot"
|
||||
"SODIUM",
|
||||
"Salmon Typhoon"
|
||||
]
|
||||
},
|
||||
"uuid": "8e28dbee-4e9e-4491-9a6c-ee9c9ec4b28b",
|
||||
|
@ -7069,7 +7070,10 @@
|
|||
"https://www.proofpoint.com/us/blog/threat-insight/ta416-goes-ground-and-returns-golang-plugx-malware-loader",
|
||||
"https://www.proofpoint.com/us/blog/threat-insight/good-bad-and-web-bug-ta416-increases-operational-tempo-against-european",
|
||||
"https://unit42.paloaltonetworks.com/stately-taurus-targets-philippines-government-cyberespionage/",
|
||||
"https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Cyber-Sicherheitslage/Analysen-und-Prognosen/Threat-Intelligence/Aktive_APT-Gruppen/aktive-apt-gruppen_node.html"
|
||||
"https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Cyber-Sicherheitslage/Analysen-und-Prognosen/Threat-Intelligence/Aktive_APT-Gruppen/aktive-apt-gruppen_node.html",
|
||||
"https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RW1aFyW",
|
||||
"https://jsac.jpcert.or.jp/archive/2023/pdf/JSAC2023_2_LT4.pdf",
|
||||
"https://thecyberwire.com/podcasts/microsoft-threat-intelligence/4/notes"
|
||||
],
|
||||
"synonyms": [
|
||||
"BRONZE PRESIDENT",
|
||||
|
@ -7080,7 +7084,10 @@
|
|||
"Earth Preta",
|
||||
"TA416",
|
||||
"Stately Taurus",
|
||||
"LuminousMoth"
|
||||
"LuminousMoth",
|
||||
"Polaris",
|
||||
"TANTALUM",
|
||||
"Twill Typhoon"
|
||||
]
|
||||
},
|
||||
"uuid": "78bf726c-a9e6-11e8-9e43-77249a2f7339",
|
||||
|
@ -8103,7 +8110,23 @@
|
|||
"https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf",
|
||||
"https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMFIi",
|
||||
"https://www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf",
|
||||
"https://www.proofpoint.com/us/blog/threat-insight/above-fold-and-your-inbox-tracing-state-aligned-activity-targeting-journalists"
|
||||
"https://www.proofpoint.com/us/blog/threat-insight/above-fold-and-your-inbox-tracing-state-aligned-activity-targeting-journalists",
|
||||
"https://www.fortinet.com/blog/psirt-blogs/importance-of-patching-an-analysis-of-the-exploitation-of-n-day-vulnerabilities",
|
||||
"https://intrusiontruth.wordpress.com/2023/05/11/article-1-whats-cracking-at-the-kerui-cracking-academy",
|
||||
"https://intrusiontruth.wordpress.com/2023/05/12/the-illustrious-graduates-of-wuhan-kerui",
|
||||
"https://intrusiontruth.wordpress.com/2023/05/13/all-roads-lead-back-to-wuhan-xiaoruizhi-science-and-technology-company",
|
||||
"https://intrusiontruth.wordpress.com/2023/05/15/trouble-in-paradise",
|
||||
"https://intrusiontruth.wordpress.com/2023/05/16/introducing-cheng-feng",
|
||||
"https://intrusiontruth.wordpress.com/2023/05/17/missing-links",
|
||||
"https://ics-cert.kaspersky.com/media/Kaspersky-ICS-CERT-Common-TTPs-of-attacks-against-industrial-organizations-implants-for-remote-access-En.pdf",
|
||||
"https://asec.ahnlab.com/ko/55070",
|
||||
"https://intrusiontruth.wordpress.com/2023/07/04/wuhan-xiaoruizhi-class-of-19",
|
||||
"https://intrusiontruth.wordpress.com/2023/07/07/one-man-and-his-lasers",
|
||||
"https://www.verfassungsschutz.de/SharedDocs/publikationen/DE/cyberabwehr/2023-02-bfv-cyber-brief.pdf?__blob=publicationFile&v=6",
|
||||
"https://www.justice.gov/opa/pr/seven-hackers-associated-chinese-government-charged-computer-intrusions-targeting-perceived",
|
||||
"https://www.justice.gov/opa/media/1345141/dl?inline",
|
||||
"https://www.gov.uk/government/news/uk-holds-china-state-affiliated-organisations-and-individuals-responsible-for-malicious-cyber-activity",
|
||||
"https://harfanglab.io/en/insidethelab/apt31-indictment-analysis/"
|
||||
],
|
||||
"synonyms": [
|
||||
"ZIRCONIUM",
|
||||
|
@ -10856,7 +10879,12 @@
|
|||
"https://www.crowdstrike.com/blog/overwatch-exposes-aquatic-panda-in-possession-of-log-4-shell-exploit-tools",
|
||||
"https://decoded.avast.io/luigicamastra/backdoored-client-from-mongolian-ca-monpass",
|
||||
"https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf",
|
||||
"https://go.recordedfuture.com/hubfs/reports/cta-2023-0808.pdf"
|
||||
"https://go.recordedfuture.com/hubfs/reports/cta-2023-0808.pdf",
|
||||
"https://securelist.com/apt-annual-review-2021/105127",
|
||||
"https://securelist.com/apt-trends-report-q2-2021/103517",
|
||||
"https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/jolly-jellyfish/NCSC-MAR-Jolly-Jellyfish.pdf",
|
||||
"https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/pdf/2022-year-in-retrospect-report.pdf",
|
||||
"https://www.youtube.com/watch?v=-7Swd1ZetiQ"
|
||||
],
|
||||
"synonyms": [
|
||||
"CHROMIUM",
|
||||
|
@ -10867,7 +10895,9 @@
|
|||
"AQUATIC PANDA",
|
||||
"Red Dev 10",
|
||||
"RedHotel",
|
||||
"Charcoal Typhoon"
|
||||
"Charcoal Typhoon",
|
||||
"BountyGlad",
|
||||
"Red Scylla"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -12336,7 +12366,8 @@
|
|||
"https://www.microsoft.com/en-us/security/blog/2023/05/24/volt-typhoon-targets-us-critical-infrastructure-with-living-off-the-land-techniques/"
|
||||
],
|
||||
"synonyms": [
|
||||
"BRONZE SILHOUETTE"
|
||||
"BRONZE SILHOUETTE",
|
||||
"VANGUARD PANDA"
|
||||
]
|
||||
},
|
||||
"uuid": "f02679fa-5e85-4050-8eb5-c2677d93306f",
|
||||
|
@ -12579,7 +12610,11 @@
|
|||
"https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/",
|
||||
"https://www.wiz.io/blog/storm-0558-compromised-microsoft-key-enables-authentication-of-countless-micr",
|
||||
"https://msrc.microsoft.com/blog/2023/09/results-of-major-technical-investigations-for-storm-0558-key-acquisition/",
|
||||
"https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Cyber-Sicherheitslage/Analysen-und-Prognosen/Threat-Intelligence/Aktive_APT-Gruppen/aktive-apt-gruppen_node.html"
|
||||
"https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Cyber-Sicherheitslage/Analysen-und-Prognosen/Threat-Intelligence/Aktive_APT-Gruppen/aktive-apt-gruppen_node.html",
|
||||
"https://blogs.microsoft.com/on-the-issues/2023/07/11/mitigation-china-based-threat-actor/",
|
||||
"https://msrc.microsoft.com/blog/2023/07/microsoft-mitigates-china-based-threat-actor-storm-0558-targeting-of-customer-email/",
|
||||
"https://www.youtube.com/watch?v=khywfhJv4H8",
|
||||
"https://www.cisa.gov/sites/default/files/2024-04/CSRB_Review_of_the_Summer_2023_MEO_Intrusion_Final_508c.pdf"
|
||||
]
|
||||
},
|
||||
"uuid": "5b30bcb8-4923-45cc-bc89-29651ca5d54e",
|
||||
|
@ -14436,7 +14471,8 @@
|
|||
"https://www.crowdstrike.com/global-threat-report/"
|
||||
],
|
||||
"synonyms": [
|
||||
"Ethereal Panda"
|
||||
"Ethereal Panda",
|
||||
"Storm-0919"
|
||||
]
|
||||
},
|
||||
"uuid": "50ee2b1b-979e-4507-8747-8597a95938f6",
|
||||
|
|
Loading…
Reference in a new issue