mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 08:47:18 +00:00
[threat-actors] Add Nemesis Kitten
This commit is contained in:
Mathieu Beligon
parent
84faa3c92b
commit
61cb24a3fc
1 changed files with 23 additions and 0 deletions
|
|
@ -10511,6 +10511,29 @@
|
||||||
],
|
],
|
||||||
"uuid": "035fbd5c-e4a1-4c7b-80fb-f5a89a361aed",
|
"uuid": "035fbd5c-e4a1-4c7b-80fb-f5a89a361aed",
|
||||||
"value": "Karakurt"
|
"value": "Karakurt"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Microsoft threat intelligence teams have been tracking multiple ransomware campaigns and have tied these attacks to DEV-0270, also known as Nemesis Kitten, a sub-group of Iranian actor PHOSPHORUS. Microsoft assesses with moderate confidence that DEV-0270 conducts malicious network operations, including widespread vulnerability scanning, on behalf of the government of Iran.",
|
||||||
|
"meta": {
|
||||||
|
"country": "IR",
|
||||||
|
"references": [
|
||||||
|
"https://www.microsoft.com/en-us/security/blog/2022/09/07/profiling-dev-0270-phosphorus-ransomware-operations/"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"Nemesis Kitten"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"related": [
|
||||||
|
{
|
||||||
|
"dest-uuid": "b8967b3c-3bc9-11e8-8701-8b1ead8c099e",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
|
],
|
||||||
|
"type": "part-of"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"uuid": "7b90319a-9f7b-466d-9f90-7fcc270ed505",
|
||||||
|
"value": "DEV-0270"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 260
|
"version": 260
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue