mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-27 01:07:18 +00:00
[threat-actors] Add REF2924
This commit is contained in:
parent
18811f8056
commit
4a3968e873
1 changed files with 12 additions and 0 deletions
|
@ -12463,6 +12463,18 @@
|
||||||
},
|
},
|
||||||
"uuid": "64234b2e-0c78-466d-8253-0df339f99f5f",
|
"uuid": "64234b2e-0c78-466d-8253-0df339f99f5f",
|
||||||
"value": "REF5961"
|
"value": "REF5961"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "A group monitored as REF2924 by Elastic Security Labs is wielding novel data-stealing malware — an HTTP listener written in C# dubbed Naplistener by the researchers — in attacks against victims operating in southern and southeast Asia.According to a blog post by Elastic senior security research engineer Remco Sprooten, in that region of the world, network-based detection and prevention technologies are the de facto method for securing many environments.",
|
||||||
|
"meta": {
|
||||||
|
"country": "CN",
|
||||||
|
"refs": [
|
||||||
|
"https://www.elastic.co/security-labs/ref2924-howto-maintain-persistence-as-an-advanced-threat",
|
||||||
|
"https://www.elastic.co/security-labs/introducing-the-ref5961-intrusion-set"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "c46ed7e9-3949-4c57-ab14-177d88f27e2c",
|
||||||
|
"value": "REF2924"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 289
|
"version": 289
|
||||||
|
|
Loading…
Reference in a new issue