[threat-actors] Equation group: separate from Lamberts and add tools

Mathieu Beligon 2022-09-29 11:28:54 -07:00
parent 9338222b64
commit 4f47e6e2d3


@ -3875,15 +3875,11 @@
"https://www.dropbox.com/s/buxkfotx1kei0ce/Whitepaper%20Shadow%20Broker%20-%20Equation%20Group%20Hack.pdf?dl=0", "https://www.dropbox.com/s/buxkfotx1kei0ce/Whitepaper%20Shadow%20Broker%20-%20Equation%20Group%20Hack.pdf?dl=0",
"https://en.wikipedia.org/wiki/Stuxnet", "https://en.wikipedia.org/wiki/Stuxnet",
"https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/08064459/Equation_group_questions_and_answers.pdf", "https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/08064459/Equation_group_questions_and_answers.pdf",
"https://attack.mitre.org/groups/G0020/", "https://attack.mitre.org/groups/G0020/"
"https://www.secureworks.com/research/threat-profiles/platinum-terminal"
], ],
"synonyms": [ "synonyms": [
"Tilded Team", "Tilded Team",
"Lamberts",
"EQGRP", "EQGRP",
"Longhorn",
"PLATINUM TERMINAL",
"G0020" "G0020"
] ]
}, },
@ -3894,6 +3890,48 @@
"estimative-language:likelihood-probability=\"likely\"" "estimative-language:likelihood-probability=\"likely\""
], ],
"type": "similar" "type": "similar"
},
{
"dest-uuid": "3e0c2d35-87cb-40f9-b341-a6c8dbec697e",
"tags": [
"estimative-language:likelihood-probability=\"very-likely\""
],
"type": "uses"
},
{
"dest-uuid": "fb8828a4-76de-467d-9f52-528984aa9b8d",
"tags": [
"estimative-language:likelihood-probability=\"very-likely\""
],
"type": "uses"
},
{
"dest-uuid": "a4cebcc4-9e9b-415f-aa05-dd71c4e288fe",
"tags": [
"estimative-language:likelihood-probability=\"very-likely\""
],
"type": "uses"
},
{
"dest-uuid": "2407bd9a-a3a4-40c4-86de-be6965243c67",
"tags": [
"estimative-language:likelihood-probability=\"very-likely\""
],
"type": "uses"
},
{
"dest-uuid": "1e25d254-3f03-4752-b8d6-023a23e7d4ae",
"tags": [
"estimative-language:likelihood-probability=\"very-likely\""
],
"type": "uses"
},
{
"dest-uuid": "21f7a57b-7778-4b3e-9b50-5289ae3b445d",
"tags": [
"estimative-language:likelihood-probability=\"very-likely\""
],
"type": "uses"
} }
], ],
"uuid": "7036fb3d-86b7-4d9c-bc66-1e1ead8b7840", "uuid": "7036fb3d-86b7-4d9c-bc66-1e1ead8b7840",
@ -4105,12 +4143,14 @@
"https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7ca2e331-2209-46a8-9e60-4cb83f9602de&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments", "https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7ca2e331-2209-46a8-9e60-4cb83f9602de&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments",
"https://www.bleepingcomputer.com/news/security/longhorn-cyber-espionage-group-is-actually-the-cia/", "https://www.bleepingcomputer.com/news/security/longhorn-cyber-espionage-group-is-actually-the-cia/",
"https://www.cfr.org/interactive/cyber-operations/longhorn", "https://www.cfr.org/interactive/cyber-operations/longhorn",
"http://blogs.360.cn/post/APT-C-39_CIA_EN.html" "http://blogs.360.cn/post/APT-C-39_CIA_EN.html",
"https://www.secureworks.com/research/threat-profiles/platinum-terminal"
], ],
"synonyms": [ "synonyms": [
"Lamberts", "Lamberts",
"the Lamberts", "the Lamberts",
"APT-C-39" "APT-C-39",
"PLATINUM TERMINAL"
] ]
}, },
"related": [ "related": [
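Review bot: The six `"type": "uses"` relationships added to the entry with UUID `7036fb3d-86b7-4d9c-bc66-1e1ead8b7840` are all tagged `estimative-language:likelihood-probability="very-likely"`, yet the visible lines add nothing to that entry's `refs` to back the tool attribution, and the bare `dest-uuid` values cannot be checked from the diff. Before merging, confirm that each `dest-uuid` resolves to an existing cluster, since a mistyped UUID would leave a dangling relationship, and cite the source for the tool links in `refs`. Separately, `"Longhorn"` is dropped from the Equation Group `synonyms` but, unlike `"PLATINUM TERMINAL"`, is not added to the second entry's `synonyms`; that is fine only if `Longhorn` is that cluster's `value`, which lies outside the hunk. Consumers that matched `Lamberts`, `Longhorn` or `PLATINUM TERMINAL` to the Equation Group UUID will resolve differently after this change, so the commit description should say that the split is intentional and that older taggings may need review.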