Update threat-actor.json

Lazarus, FIN7
StefanKelm 2020-09-03 14:44:10 +02:00 committed by GitHub
parent 4d35ede23c
commit 57a31fd60c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -2811,14 +2811,16 @@
"https://threatpost.com/fileless-malware-campaigns-tied-to-same-attacker/124369/", "https://threatpost.com/fileless-malware-campaigns-tied-to-same-attacker/124369/",
"https://www.fireeye.com/blog/threat-research/2017/04/fin7-phishing-lnk.html", "https://www.fireeye.com/blog/threat-research/2017/04/fin7-phishing-lnk.html",
"https://www.fireeye.com/blog/threat-research/2017/05/fin7-shim-databases-persistence.html", "https://www.fireeye.com/blog/threat-research/2017/05/fin7-shim-databases-persistence.html",
"http://blog.morphisec.com/fin7-attacks-restaurant-industry", "https://blog.morphisec.com/fin7-attacks-restaurant-industry",
"https://www.flashpoint-intel.com/blog/fin7-revisited-inside-astra-panel-and-sqlrat-malware/", "https://www.flashpoint-intel.com/blog/fin7-revisited-inside-astra-panel-and-sqlrat-malware/",
"http://blog.morphisec.com/fin7-attack-modifications-revealed", "https://blog.morphisec.com/fin7-attack-modifications-revealed",
"http://blog.morphisec.com/fin7-not-finished-morphisec-spots-new-campaign", "https://blog.morphisec.com/fin7-not-finished-morphisec-spots-new-campaign",
"https://securelist.com/fin7-5-the-infamous-cybercrime-rig-fin7-continues-its-activities/90703/", "https://securelist.com/fin7-5-the-infamous-cybercrime-rig-fin7-continues-its-activities/90703/",
"https://www.fireeye.com/blog/threat-research/2018/08/fin7-pursuing-an-enigmatic-and-evasive-global-criminal-operation.html", "https://www.fireeye.com/blog/threat-research/2018/08/fin7-pursuing-an-enigmatic-and-evasive-global-criminal-operation.html",
"https://attack.mitre.org/groups/G0046/", "https://attack.mitre.org/groups/G0046/",
"https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf", "https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf",
"https://threatintel.blog/OPBlueRaven-Part1/",
"https://threatintel.blog/OPBlueRaven-Part2/",
"https://www.secureworks.com/research/threat-profiles/gold-niagara" "https://www.secureworks.com/research/threat-profiles/gold-niagara"
], ],
"synonyms": [ "synonyms": [
@ -3077,6 +3079,7 @@
"https://threatpost.com/banco-de-chile-wiper-attack-just-a-cover-for-10m-swift-heist/132796/", "https://threatpost.com/banco-de-chile-wiper-attack-just-a-cover-for-10m-swift-heist/132796/",
"https://www.darkreading.com/attacks-breaches/north-korean-hacking-group-steals-$135-million-from-indian-bank-/d/d-id/1332678", "https://www.darkreading.com/attacks-breaches/north-korean-hacking-group-steals-$135-million-from-indian-bank-/d/d-id/1332678",
"https://www.zdnet.com/article/north-korean-hackers-infiltrate-chiles-atm-network-after-skype-job-interview/", "https://www.zdnet.com/article/north-korean-hackers-infiltrate-chiles-atm-network-after-skype-job-interview/",
"https://blogs.jpcert.or.jp/en/2020/08/Lazarus-malware.html",
"https://www.secureworks.com/research/threat-profiles/nickel-gladstone" "https://www.secureworks.com/research/threat-profiles/nickel-gladstone"
], ],
"synonyms": [ "synonyms": [
@ -8336,5 +8339,5 @@
"value": "GALLIUM" "value": "GALLIUM"
} }
], ],
"version": 174 "version": 175
} }