mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-22 14:57:18 +00:00
[threat-actors] Add Vanilla Tempest
This commit is contained in:
parent
0668ed368d
commit
42bad34d91
1 changed files with 17 additions and 0 deletions
|
@ -14329,6 +14329,23 @@
|
|||
},
|
||||
"uuid": "9c0f0db1-b773-42ff-a6f7-d4b6c1d28ca4",
|
||||
"value": "Sunglow Blizzard"
|
||||
},
|
||||
{
|
||||
"description": "Vice Society is a ransomware group that has been active since at least June 2021. They primarily target the education and healthcare sectors, but have also been observed targeting the manufacturing industry. The group has used multiple ransomware families and has been known to utilize PowerShell scripts for their attacks. There are similarities between Vice Society and the Rhysida ransomware group, suggesting a potential connection or rebranding.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://www.microsoft.com/en-us/security/blog/2022/10/25/dev-0832-vice-society-opportunistic-ransomware-campaigns-impacting-us-education-sector/",
|
||||
"https://fourcore.io/blogs/rhysida-ransomware-history-ttp-adversary-emulation",
|
||||
"https://detect.fyi/rhysida-ransomware-and-the-detection-opportunities-3599e9a02bb2",
|
||||
"https://research.checkpoint.com/2023/the-rhysida-ransomware-activity-analysis-and-ties-to-vice-society/"
|
||||
],
|
||||
"synonyms": [
|
||||
"DEV-0832",
|
||||
"Vice Society"
|
||||
]
|
||||
},
|
||||
"uuid": "c4132d43-2405-43ca-9940-a6f78e007861",
|
||||
"value": "Vanilla Tempest"
|
||||
}
|
||||
],
|
||||
"version": 298
|
||||
|
|
Loading…
Reference in a new issue