mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
[threat-actors] Add PROPHET SPIDER
This commit is contained in:
Mathieu Beligon
parent
61cb24a3fc
commit
4bbee8c1e7
1 changed files with 28 additions and 0 deletions
|
|
@ -10534,6 +10534,34 @@
|
||||||
],
|
],
|
||||||
"uuid": "7b90319a-9f7b-466d-9f90-7fcc270ed505",
|
"uuid": "7b90319a-9f7b-466d-9f90-7fcc270ed505",
|
||||||
"value": "DEV-0270"
|
"value": "DEV-0270"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "PROPHET SPIDER is an eCrime actor, active since at least May 2017, that primarily gains access to victims by compromising vulnerable web servers, which commonly involves leveraging a variety of publicly disclosed vulnerabilities. The adversary has likely functioned as an access broker — handing off access to a third party to deploy ransomware — in multiple instances.",
|
||||||
|
"meta": {
|
||||||
|
"country": "",
|
||||||
|
"references": [
|
||||||
|
"https://www.crowdstrike.com/blog/prophet-spider-exploits-oracle-weblogic-to-facilitate-ransomware-activity/",
|
||||||
|
"https://www.crowdstrike.com/blog/prophet-spider-exploits-citrix-sharefile/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"related": [
|
||||||
|
{
|
||||||
|
"dest-uuid": "cd84bc53-8684-4921-89c7-2cf49512bf61",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
|
],
|
||||||
|
"type": "uses"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"dest-uuid": "b5814e05-532a-4262-a8da-82fd0d7605ee",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
|
],
|
||||||
|
"type": "uses"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"uuid": "eb0b100c-8a4e-4859-b6f8-eebd66c3d20c",
|
||||||
|
"value": "Prophet Spider"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 260
|
"version": 260
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue