mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
fix: [threat-actor] JQ all the things + version updated
This commit is contained in:
parent
ec9dc0f2e3
commit
416cd6706a
1 changed files with 20 additions and 20 deletions
|
@ -213,11 +213,7 @@
|
||||||
"description": "Grayling activity was first observed in early 2023, when a number of victims were identified with distinctive malicious DLL side-loading activity. Grayling appears to target organisations in Asia, however one unknown organisation in the United States was also targeted. Industries targeted include Biomedical, Government and Information Technology. Grayling use a variety of tools during their attacks, including well known tools such as Cobalt Strike and Havoc and also some others.",
|
"description": "Grayling activity was first observed in early 2023, when a number of victims were identified with distinctive malicious DLL side-loading activity. Grayling appears to target organisations in Asia, however one unknown organisation in the United States was also targeted. Industries targeted include Biomedical, Government and Information Technology. Grayling use a variety of tools during their attacks, including well known tools such as Cobalt Strike and Havoc and also some others.",
|
||||||
"meta": {
|
"meta": {
|
||||||
"attribution-confidence": "50",
|
"attribution-confidence": "50",
|
||||||
"country": "CN",
|
|
||||||
"cfr-suspected-state-sponsor": "China",
|
"cfr-suspected-state-sponsor": "China",
|
||||||
"refs": [
|
|
||||||
"https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/grayling-taiwan-cyber-attacks"
|
|
||||||
],
|
|
||||||
"cfr-suspected-victims": [
|
"cfr-suspected-victims": [
|
||||||
"Taiwan",
|
"Taiwan",
|
||||||
"United States",
|
"United States",
|
||||||
|
@ -228,6 +224,10 @@
|
||||||
"Biomedical",
|
"Biomedical",
|
||||||
"Government",
|
"Government",
|
||||||
"Information technology"
|
"Information technology"
|
||||||
|
],
|
||||||
|
"country": "CN",
|
||||||
|
"refs": [
|
||||||
|
"https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/grayling-taiwan-cyber-attacks"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "6714de29-4dd8-463c-99a3-77c9e80fa47d",
|
"uuid": "6714de29-4dd8-463c-99a3-77c9e80fa47d",
|
||||||
|
@ -7554,6 +7554,21 @@
|
||||||
{
|
{
|
||||||
"description": "Since April 2018, an APT group (Blind Eagle, APT-C-36) suspected coming from South America carried out continuous targeted attacks against Colombian government institutions as well as important corporations in financial sector, petroleum industry, professional manufacturing, etc.",
|
"description": "Since April 2018, an APT group (Blind Eagle, APT-C-36) suspected coming from South America carried out continuous targeted attacks against Colombian government institutions as well as important corporations in financial sector, petroleum industry, professional manufacturing, etc.",
|
||||||
"meta": {
|
"meta": {
|
||||||
|
"cfr-suspected-victims": [
|
||||||
|
"Ecuador",
|
||||||
|
"Colombia",
|
||||||
|
"Spain",
|
||||||
|
"Panama",
|
||||||
|
"Chile"
|
||||||
|
],
|
||||||
|
"cfr-target-category": [
|
||||||
|
"Petroleum",
|
||||||
|
"Manufacturing",
|
||||||
|
"Financial",
|
||||||
|
"Private sector",
|
||||||
|
"Government"
|
||||||
|
],
|
||||||
|
"cfr-type-of-incident": "Espionage",
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://ti.360.net/blog/articles/apt-c-36-continuous-attacks-targeting-colombian-government-institutions-and-corporations-en/",
|
"https://ti.360.net/blog/articles/apt-c-36-continuous-attacks-targeting-colombian-government-institutions-and-corporations-en/",
|
||||||
"https://www.ecucert.gob.ec/wp-content/uploads/2022/03/alerta-APTs-2022-03-23.pdf",
|
"https://www.ecucert.gob.ec/wp-content/uploads/2022/03/alerta-APTs-2022-03-23.pdf",
|
||||||
|
@ -7563,21 +7578,6 @@
|
||||||
"https://research.checkpoint.com/2023/blindeagle-targeting-ecuador-with-sharpened-tools/",
|
"https://research.checkpoint.com/2023/blindeagle-targeting-ecuador-with-sharpened-tools/",
|
||||||
"https://attack.mitre.org/groups/G0099/"
|
"https://attack.mitre.org/groups/G0099/"
|
||||||
],
|
],
|
||||||
"cfr-suspected-victims": [
|
|
||||||
"Ecuador",
|
|
||||||
"Colombia",
|
|
||||||
"Spain",
|
|
||||||
"Panama",
|
|
||||||
"Chile"
|
|
||||||
],
|
|
||||||
"cfr-type-of-incident": "Espionage",
|
|
||||||
"cfr-target-category": [
|
|
||||||
"Petroleum",
|
|
||||||
"Manufacturing",
|
|
||||||
"Financial",
|
|
||||||
"Private sector",
|
|
||||||
"Government"
|
|
||||||
],
|
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"Blind Eagle"
|
"Blind Eagle"
|
||||||
]
|
]
|
||||||
|
@ -12049,5 +12049,5 @@
|
||||||
"value": "Void Rabisu"
|
"value": "Void Rabisu"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 286
|
"version": 287
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue