MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-26 08:47:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[threat-actors] Add Ruby Sleet

Browse source
This commit is contained in:
Mathieu4141 2024-02-01 11:02:00 -08:00
parent 2dc29dc6c7
commit 6fdd037988
1 changed files with 14 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
clusters/threat-actor.json
View file

@ -14379,6 +14379,20 @@
}, },
"uuid": "b80be7a7-6d06-4da7-8ae0-302a198e7c73", "uuid": "b80be7a7-6d06-4da7-8ae0-302a198e7c73",
"value": "Lilac Typhoon" "value": "Lilac Typhoon"
},
{
"description": "Ruby Sleet is a threat actor linked to North Korea's Ministry of State Security. Cerium has been involved in spear-phishing campaigns, compromising devices, and conducting cyberattacks alongside other North Korean threat actors. They have also targeted companies involved in COVID-19 research and vaccine development.",
"meta": {
"country": "KP",
"refs": [
"https://blogs.microsoft.com/on-the-issues/2020/11/13/health-care-cyberattacks-covid-19-paris-peace-forum/"
],
"synonyms": [
"CERIUM"
]
},
"uuid": "03ff54cf-f7d4-4606-a531-2ca6d4fa6a54",
"value": "Ruby Sleet"
} }
], ],
"version": 298 "version": 298