mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
fix: [threat-actor] JQ all the things + version updated
This commit is contained in:
parent
ec9dc0f2e3
commit
416cd6706a
1 changed files with 20 additions and 20 deletions
|
@ -213,11 +213,7 @@
|
|||
"description": "Grayling activity was first observed in early 2023, when a number of victims were identified with distinctive malicious DLL side-loading activity. Grayling appears to target organisations in Asia, however one unknown organisation in the United States was also targeted. Industries targeted include Biomedical, Government and Information Technology. Grayling use a variety of tools during their attacks, including well known tools such as Cobalt Strike and Havoc and also some others.",
|
||||
"meta": {
|
||||
"attribution-confidence": "50",
|
||||
"country": "CN",
|
||||
"cfr-suspected-state-sponsor": "China",
|
||||
"refs": [
|
||||
"https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/grayling-taiwan-cyber-attacks"
|
||||
],
|
||||
"cfr-suspected-victims": [
|
||||
"Taiwan",
|
||||
"United States",
|
||||
|
@ -228,6 +224,10 @@
|
|||
"Biomedical",
|
||||
"Government",
|
||||
"Information technology"
|
||||
],
|
||||
"country": "CN",
|
||||
"refs": [
|
||||
"https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/grayling-taiwan-cyber-attacks"
|
||||
]
|
||||
},
|
||||
"uuid": "6714de29-4dd8-463c-99a3-77c9e80fa47d",
|
||||
|
@ -7554,6 +7554,21 @@
|
|||
{
|
||||
"description": "Since April 2018, an APT group (Blind Eagle, APT-C-36) suspected coming from South America carried out continuous targeted attacks against Colombian government institutions as well as important corporations in financial sector, petroleum industry, professional manufacturing, etc.",
|
||||
"meta": {
|
||||
"cfr-suspected-victims": [
|
||||
"Ecuador",
|
||||
"Colombia",
|
||||
"Spain",
|
||||
"Panama",
|
||||
"Chile"
|
||||
],
|
||||
"cfr-target-category": [
|
||||
"Petroleum",
|
||||
"Manufacturing",
|
||||
"Financial",
|
||||
"Private sector",
|
||||
"Government"
|
||||
],
|
||||
"cfr-type-of-incident": "Espionage",
|
||||
"refs": [
|
||||
"https://ti.360.net/blog/articles/apt-c-36-continuous-attacks-targeting-colombian-government-institutions-and-corporations-en/",
|
||||
"https://www.ecucert.gob.ec/wp-content/uploads/2022/03/alerta-APTs-2022-03-23.pdf",
|
||||
|
@ -7563,21 +7578,6 @@
|
|||
"https://research.checkpoint.com/2023/blindeagle-targeting-ecuador-with-sharpened-tools/",
|
||||
"https://attack.mitre.org/groups/G0099/"
|
||||
],
|
||||
"cfr-suspected-victims": [
|
||||
"Ecuador",
|
||||
"Colombia",
|
||||
"Spain",
|
||||
"Panama",
|
||||
"Chile"
|
||||
],
|
||||
"cfr-type-of-incident": "Espionage",
|
||||
"cfr-target-category": [
|
||||
"Petroleum",
|
||||
"Manufacturing",
|
||||
"Financial",
|
||||
"Private sector",
|
||||
"Government"
|
||||
],
|
||||
"synonyms": [
|
||||
"Blind Eagle"
|
||||
]
|
||||
|
@ -12049,5 +12049,5 @@
|
|||
"value": "Void Rabisu"
|
||||
}
|
||||
],
|
||||
"version": 286
|
||||
"version": 287
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue