mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
[threat-actors] Add Storm-0867
This commit is contained in:
parent
8d024a52b1
commit
4cbf4353b0
1 changed files with 14 additions and 0 deletions
|
@ -14280,6 +14280,20 @@
|
||||||
},
|
},
|
||||||
"uuid": "062938a2-6fa1-4217-ad73-f5e0b5186966",
|
"uuid": "062938a2-6fa1-4217-ad73-f5e0b5186966",
|
||||||
"value": "Caramel Tsunami"
|
"value": "Caramel Tsunami"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Storm-0867 is a threat actor that has been active since 2012 and has targeted various industries and regions. They employ sophisticated phishing campaigns, utilizing social engineering techniques and a phishing as a service platform called Caffeine. Their attacks involve intercepting and manipulating communication between users and legitimate services, allowing them to steal passwords, hijack sign-in sessions, bypass multifactor authentication, and modify authentication methods.",
|
||||||
|
"meta": {
|
||||||
|
"country": "EG",
|
||||||
|
"refs": [
|
||||||
|
"https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/defender-experts-chronicles-a-deep-dive-into-storm-0867/ba-p/3911769"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"DEV-0867"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "dc1d0202-8976-4d15-810d-4af0feff6af9",
|
||||||
|
"value": "Storm-0867"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 298
|
"version": 298
|
||||||
|
|
Loading…
Reference in a new issue