From 5f566dd6837b527776f19f53d5c1d5f7ab1a2733 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Fri, 18 May 2018 13:34:55 +0200 Subject: [PATCH] chg: [misp-galaxy] namespace misp added --- galaxies/android.json | 5 +++-- galaxies/banker.json | 5 +++-- galaxies/botnet.json | 5 +++-- galaxies/branded_vulnerability.json | 5 +++-- galaxies/cert-eu-govsector.json | 5 +++-- galaxies/exploit-kit.json | 5 +++-- galaxies/microsoft-activity-group.json | 5 +++-- galaxies/preventive-measure.json | 5 +++-- galaxies/ransomware.json | 5 +++-- galaxies/rat.json | 5 +++-- galaxies/sector.json | 5 +++-- galaxies/tds.json | 5 +++-- galaxies/threat-actor.json | 5 +++-- galaxies/tool.json | 5 +++-- 14 files changed, 42 insertions(+), 28 deletions(-) diff --git a/galaxies/android.json b/galaxies/android.json index 9624631..8edbee5 100644 --- a/galaxies/android.json +++ b/galaxies/android.json @@ -1,8 +1,9 @@ { "description": "Android malware galaxy based on multiple open sources.", "type": "android", - "version": 2, + "version": 3, "name": "Android", "icon": "android", - "uuid": "84310ba3-fa6a-44aa-b378-b9e3271c58fa" + "uuid": "84310ba3-fa6a-44aa-b378-b9e3271c58fa", + "namespace": "misp" } diff --git a/galaxies/banker.json b/galaxies/banker.json index 4ae7b91..4726db9 100644 --- a/galaxies/banker.json +++ b/galaxies/banker.json @@ -1,8 +1,9 @@ { "description": "Banking malware galaxy.", "type": "banker", - "version": 2, + "version": 3, "name": "Banker", "icon": "usd", - "uuid": "59f20cce-5420-4084-afd5-0884c0a83832" + "uuid": "59f20cce-5420-4084-afd5-0884c0a83832", + "namespace": "misp" } diff --git a/galaxies/botnet.json b/galaxies/botnet.json index 81a2334..0d89c6e 100644 --- a/galaxies/botnet.json +++ b/galaxies/botnet.json @@ -1,8 +1,9 @@ { "description": "Botnet galaxy.", "type": "botnet", - "version": 1, + "version": 2, "name": "Botnet", "icon": "sitemap", - "uuid": "90ccdf38-1649-11e8-b8bf-e7326d553087" + "uuid": "90ccdf38-1649-11e8-b8bf-e7326d553087", + "namespace": "misp" } diff --git a/galaxies/branded_vulnerability.json b/galaxies/branded_vulnerability.json index 9a6d164..0c287a4 100644 --- a/galaxies/branded_vulnerability.json +++ b/galaxies/branded_vulnerability.json @@ -1,8 +1,9 @@ { "description": "List of known vulnerabilities and exploits", "type": "branded-vulnerability", - "version": 1, + "version": 2, "name": "Branded Vulnerability", "icon": "bug", - "uuid": "fda8c7c2-f45a-11e7-9713-e75dac0492df" + "uuid": "fda8c7c2-f45a-11e7-9713-e75dac0492df", + "namespace": "misp" } diff --git a/galaxies/cert-eu-govsector.json b/galaxies/cert-eu-govsector.json index 3e46c8c..0a2cc16 100644 --- a/galaxies/cert-eu-govsector.json +++ b/galaxies/cert-eu-govsector.json @@ -2,7 +2,8 @@ "type": "cert-seu-gocsector", "name": "Cert EU GovSector", "description": "Cert EU GovSector", - "version": 1, + "version": 2, "icon": "globe", - "uuid": "68858a48-b898-11e7-91ce-bf424ef9b662" + "uuid": "68858a48-b898-11e7-91ce-bf424ef9b662", + "namespace": "misp" } diff --git a/galaxies/exploit-kit.json b/galaxies/exploit-kit.json index 78ce6b8..74b7999 100644 --- a/galaxies/exploit-kit.json +++ b/galaxies/exploit-kit.json @@ -2,7 +2,8 @@ "type": "exploit-kit", "name": "Exploit-Kit", "description": "Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years", - "version": 3, + "version": 4, "icon": "internet-explorer", - "uuid": "6ab240ec-bd79-11e6-a4a6-cec0c932ce01" + "uuid": "6ab240ec-bd79-11e6-a4a6-cec0c932ce01", + "namespace": "misp" } diff --git a/galaxies/microsoft-activity-group.json b/galaxies/microsoft-activity-group.json index c35d586..4d87279 100644 --- a/galaxies/microsoft-activity-group.json +++ b/galaxies/microsoft-activity-group.json @@ -2,7 +2,8 @@ "name": "Microsoft Activity Group actor", "type": "microsoft-activity-group", "description": "Activity groups as described by Microsoft", - "version": 2, + "version": 3, "icon": "user-secret", - "uuid": "74c869e8-0b8e-4e5f-96e6-cd992e07a505" + "uuid": "74c869e8-0b8e-4e5f-96e6-cd992e07a505", + "namespace": "misp" } diff --git a/galaxies/preventive-measure.json b/galaxies/preventive-measure.json index d15d5bc..ffb280b 100644 --- a/galaxies/preventive-measure.json +++ b/galaxies/preventive-measure.json @@ -2,7 +2,8 @@ "name": "Preventive Measure", "type": "preventive-measure", "description": "Preventive measures based on the ransomware document overview as published in https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# . The preventive measures are quite generic and can fit any standard Windows infrastructure and their security measures.", - "version": 2, + "version": 3, "icon": "shield", - "uuid": "8168995b-adcd-4684-9e37-206c5771505a" + "uuid": "8168995b-adcd-4684-9e37-206c5771505a", + "namespace": "misp" } diff --git a/galaxies/ransomware.json b/galaxies/ransomware.json index 387f8f0..90cdacd 100644 --- a/galaxies/ransomware.json +++ b/galaxies/ransomware.json @@ -1,8 +1,9 @@ { "description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml", "type": "ransomware", - "version": 3, + "version": 4, "name": "Ransomware", "icon": "btc", - "uuid": "3f44af2e-1480-4b6b-9aa8-f9bb21341078" + "uuid": "3f44af2e-1480-4b6b-9aa8-f9bb21341078", + "namespace": "misp" } diff --git a/galaxies/rat.json b/galaxies/rat.json index a51c8ec..c30e986 100644 --- a/galaxies/rat.json +++ b/galaxies/rat.json @@ -2,7 +2,8 @@ "type": "rat", "name": "RAT", "description": "remote administration tool or remote access tool (RAT), also called sometimes remote access trojan, is a piece of software or programming that allows a remote \"operator\" to control a system as if they have physical access to that system.", - "version": 2, + "version": 3, "icon": "eye", - "uuid": "06825db6-4797-11e7-ac4d-af25fdcdd299" + "uuid": "06825db6-4797-11e7-ac4d-af25fdcdd299", + "namespace": "misp" } diff --git a/galaxies/sector.json b/galaxies/sector.json index f3ea6df..6d002bd 100644 --- a/galaxies/sector.json +++ b/galaxies/sector.json @@ -2,7 +2,8 @@ "type": "sector", "name": "Sector", "description": "Activity sectors", - "version": 1, + "version": 2, "icon": "industry", - "uuid": "e1bb134c-ae4d-11e7-8aa9-f78a37325439" + "uuid": "e1bb134c-ae4d-11e7-8aa9-f78a37325439", + "namespace": "misp" } diff --git a/galaxies/tds.json b/galaxies/tds.json index b012022..799790c 100644 --- a/galaxies/tds.json +++ b/galaxies/tds.json @@ -2,7 +2,8 @@ "type": "tds", "name": "TDS", "description": "TDS is a list of Traffic Direction System used by adversaries", - "version": 3, + "version": 4, "icon": "cart-arrow-down", - "uuid": "1b9a7d8e-bd7a-11e6-a4a6-cec0c932ce01" + "uuid": "1b9a7d8e-bd7a-11e6-a4a6-cec0c932ce01", + "namespace": "misp" } diff --git a/galaxies/threat-actor.json b/galaxies/threat-actor.json index 041baf1..ae65bdb 100644 --- a/galaxies/threat-actor.json +++ b/galaxies/threat-actor.json @@ -2,7 +2,8 @@ "name": "Threat Actor", "type": "threat-actor", "description": "Threat actors are characteristics of malicious actors (or adversaries) representing a cyber attack threat including presumed intent and historically observed behaviour.", - "version": 2, + "version": 3, "icon": "user-secret", - "uuid": "698774c7-8022-42c4-917f-8d6e4f06ada3" + "uuid": "698774c7-8022-42c4-917f-8d6e4f06ada3", + "namespace": "misp" } diff --git a/galaxies/tool.json b/galaxies/tool.json index d015566..a5d0aee 100644 --- a/galaxies/tool.json +++ b/galaxies/tool.json @@ -2,7 +2,8 @@ "type": "tool", "name": "Tool", "description": "Threat actors tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.", - "version": 2, + "version": 3, "icon": "optin-monster", - "uuid": "9b8037f7-bc8f-4de1-a797-37266619bc0b" + "uuid": "9b8037f7-bc8f-4de1-a797-37266619bc0b", + "namespace": "misp" }