mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-23 07:17:17 +00:00
Branch out Goblin Panda from Hellsing
This commit is contained in:
parent
3f50cf0175
commit
53282255ce
1 changed files with 36 additions and 9 deletions
|
@ -1139,15 +1139,7 @@
|
||||||
"country": "CN",
|
"country": "CN",
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://securelist.com/analysis/publications/69567/the-chronicles-of-the-hellsing-apt-the-empire-strikes-back/",
|
"https://securelist.com/analysis/publications/69567/the-chronicles-of-the-hellsing-apt-the-empire-strikes-back/",
|
||||||
"https://www.cfr.org/interactive/cyber-operations/hellsing",
|
"https://www.cfr.org/interactive/cyber-operations/hellsing"
|
||||||
"https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-august-goblin-panda/",
|
|
||||||
"https://securelist.com/cycldek-bridging-the-air-gap/97157/",
|
|
||||||
"https://www.fortinet.com/blog/threat-research/cta-security-playbook--goblin-panda.html"
|
|
||||||
],
|
|
||||||
"synonyms": [
|
|
||||||
"Goblin Panda",
|
|
||||||
"Conimes",
|
|
||||||
"Cycldek"
|
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "af482dde-9e47-48d5-9cb2-cf8f6d6303d3",
|
"uuid": "af482dde-9e47-48d5-9cb2-cf8f6d6303d3",
|
||||||
|
@ -9989,6 +9981,41 @@
|
||||||
},
|
},
|
||||||
"uuid": "d58030e2-5673-4836-9aff-ab6d55da0bc0",
|
"uuid": "d58030e2-5673-4836-9aff-ab6d55da0bc0",
|
||||||
"value": "SLIME29"
|
"value": "SLIME29"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Goblin Panda is one of a handful of elite Chinese advanced persistent threat (APT) groups. Most Chinese APTs target the United States and NATO, but Goblin Panda focuses primarily on Southeast Asia.",
|
||||||
|
"meta": {
|
||||||
|
"attribution-confidence": "75",
|
||||||
|
"cfr-suspected-state-sponsor": "China",
|
||||||
|
"cfr-suspected-victims": [
|
||||||
|
"Malaysia",
|
||||||
|
"India",
|
||||||
|
"Indonesia",
|
||||||
|
"Japan",
|
||||||
|
"Philippines",
|
||||||
|
"Southeast Asia",
|
||||||
|
"South Korea",
|
||||||
|
"Vietnam"
|
||||||
|
],
|
||||||
|
"cfr-target-category": [
|
||||||
|
"Private Sector"
|
||||||
|
],
|
||||||
|
"country": "CN",
|
||||||
|
"refs": [
|
||||||
|
"https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-august-goblin-panda/",
|
||||||
|
"https://securelist.com/cycldek-bridging-the-air-gap/97157/",
|
||||||
|
"https://www.fortinet.com/blog/threat-research/cta-security-playbook--goblin-panda.html",
|
||||||
|
"https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf",
|
||||||
|
"https://cyberthreat.thalesgroup.com/sites/default/files/2022-05/THALES%20THREAT%20HANDBOOK%202022%20Light%20Version_1.pdf"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"Conimes",
|
||||||
|
"Cycldek",
|
||||||
|
"ATK78"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "8d73715a-8bbd-4eaa-ae24-2f1b1c84cf21",
|
||||||
|
"value": "Goblin Panda"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 239
|
"version": 239
|
||||||
|
|
Loading…
Reference in a new issue