adding aliases from UA's H1'2023 report
parent
3f039b5932
commit
77b7ed2f01
1 changed files with 26 additions and 9 deletions
|
@ -2499,7 +2499,8 @@
|
||||||
"https://www.secureworks.com/research/threat-profiles/iron-hemlock",
|
"https://www.secureworks.com/research/threat-profiles/iron-hemlock",
|
||||||
"https://attack.mitre.org/groups/G0016",
|
"https://attack.mitre.org/groups/G0016",
|
||||||
"https://unit42.paloaltonetworks.com/atoms/cloaked-ursa/",
|
"https://unit42.paloaltonetworks.com/atoms/cloaked-ursa/",
|
||||||
"https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf"
|
"https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf",
|
||||||
|
"https://cip.gov.ua/services/cm/api/attachment/download?id=60068"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"Group 100",
|
"Group 100",
|
||||||
|
@ -2516,7 +2517,8 @@
|
||||||
"TA421",
|
"TA421",
|
||||||
"Blue Kitsune",
|
"Blue Kitsune",
|
||||||
"ITG11",
|
"ITG11",
|
||||||
"BlueBravo"
|
"BlueBravo",
|
||||||
|
"UAC-0029"
|
||||||
],
|
],
|
||||||
"targeted-sector": [
|
"targeted-sector": [
|
||||||
"Think Tanks",
|
"Think Tanks",
|
||||||
|
@ -2625,7 +2627,8 @@
|
||||||
"https://www.welivesecurity.com/2020/12/02/turla-crutch-keeping-back-door-open/",
|
"https://www.welivesecurity.com/2020/12/02/turla-crutch-keeping-back-door-open/",
|
||||||
"https://blog.google/threat-analysis-group/continued-cyber-activity-in-eastern-europe-observed-by-tag",
|
"https://blog.google/threat-analysis-group/continued-cyber-activity-in-eastern-europe-observed-by-tag",
|
||||||
"https://blog.google/threat-analysis-group/fog-of-war-how-the-ukraine-conflict-transformed-the-cyber-threat-landscape/",
|
"https://blog.google/threat-analysis-group/fog-of-war-how-the-ukraine-conflict-transformed-the-cyber-threat-landscape/",
|
||||||
"https://services.google.com/fh/files/blogs/google_fog_of_war_research_report.pdf"
|
"https://services.google.com/fh/files/blogs/google_fog_of_war_research_report.pdf",
|
||||||
|
"https://cip.gov.ua/services/cm/api/attachment/download?id=60068"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"Snake",
|
"Snake",
|
||||||
|
@ -2649,7 +2652,10 @@
|
||||||
"Blue Python",
|
"Blue Python",
|
||||||
"SUMMIT",
|
"SUMMIT",
|
||||||
"UNC4210",
|
"UNC4210",
|
||||||
"Secret Blizzard"
|
"Secret Blizzard",
|
||||||
|
"UAC-0144",
|
||||||
|
"UAC-0024",
|
||||||
|
"UAC-0003"
|
||||||
],
|
],
|
||||||
"targeted-sector": [
|
"targeted-sector": [
|
||||||
"Government, Administration",
|
"Government, Administration",
|
||||||
|
@ -2814,7 +2820,8 @@
|
||||||
"https://www.welivesecurity.com/2017/10/24/bad-rabbit-not-petya-back",
|
"https://www.welivesecurity.com/2017/10/24/bad-rabbit-not-petya-back",
|
||||||
"https://blog.google/threat-analysis-group/fog-of-war-how-the-ukraine-conflict-transformed-the-cyber-threat-landscape/",
|
"https://blog.google/threat-analysis-group/fog-of-war-how-the-ukraine-conflict-transformed-the-cyber-threat-landscape/",
|
||||||
"https://www.recordedfuture.com/russia-nexus-uac-0113-emulating-telecommunication-providers-in-ukraine",
|
"https://www.recordedfuture.com/russia-nexus-uac-0113-emulating-telecommunication-providers-in-ukraine",
|
||||||
"https://cert.gov.ua/article/405538"
|
"https://cert.gov.ua/article/405538",
|
||||||
|
"https://cip.gov.ua/services/cm/api/attachment/download?id=60068"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"Quedagh",
|
"Quedagh",
|
||||||
|
@ -2828,7 +2835,8 @@
|
||||||
"Blue Echidna",
|
"Blue Echidna",
|
||||||
"FROZENBARENTS",
|
"FROZENBARENTS",
|
||||||
"UAC-0113",
|
"UAC-0113",
|
||||||
"Seashell Blizzard"
|
"Seashell Blizzard",
|
||||||
|
"UAC-0082"
|
||||||
],
|
],
|
||||||
"targeted-sector": [
|
"targeted-sector": [
|
||||||
"Electric",
|
"Electric",
|
||||||
|
@ -13402,7 +13410,12 @@
|
||||||
"country": "RU",
|
"country": "RU",
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://www.mandiant.com/resources/blog/gru-rise-telegram-minions",
|
"https://www.mandiant.com/resources/blog/gru-rise-telegram-minions",
|
||||||
"https://www.mandiant.com/resources/blog/gru-disruptive-playbook"
|
"https://www.mandiant.com/resources/blog/gru-disruptive-playbook",
|
||||||
|
"https://cip.gov.ua/services/cm/api/attachment/download?id=60068"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"UAC-0100",
|
||||||
|
"UAC-0106"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "566752f5-a294-4430-b47e-8e705f9887ea",
|
"uuid": "566752f5-a294-4430-b47e-8e705f9887ea",
|
||||||
|
@ -13417,7 +13430,11 @@
|
||||||
"https://www.cyfirma.com/?post_type=out-of-band&p=17397",
|
"https://www.cyfirma.com/?post_type=out-of-band&p=17397",
|
||||||
"https://www.reversinglabs.com/blog/the-week-in-security-possible-colonial-pipeline-2.0-ransomware-hurts-small-american-eateries",
|
"https://www.reversinglabs.com/blog/the-week-in-security-possible-colonial-pipeline-2.0-ransomware-hurts-small-american-eateries",
|
||||||
"https://channellife.com.au/story/the-increasing-presence-of-pro-russia-hacktivists",
|
"https://channellife.com.au/story/the-increasing-presence-of-pro-russia-hacktivists",
|
||||||
"https://socradar.io/dark-web-profile-killnet-russian-hacktivist-group/"
|
"https://socradar.io/dark-web-profile-killnet-russian-hacktivist-group/",
|
||||||
|
"https://cip.gov.ua/services/cm/api/attachment/download?id=60068"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"UAC-0109"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "3689f0e2-6c39-4864-ae0b-cc03e4cb695a",
|
"uuid": "3689f0e2-6c39-4864-ae0b-cc03e4cb695a",
|
||||||
|
@ -15325,5 +15342,5 @@
|
||||||
"value": "R00tK1T"
|
"value": "R00tK1T"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 303
|
"version": 304
|
||||||
}
|
}
|
||||||
|
|
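Review bot: The only source added for every new alias is the attachment endpoint `https://cip.gov.ua/services/cm/api/attachment/download?id=60068`, which has no title and depends on a server-side id, so the mappings cannot be re-checked if that link moves; each `refs` array should also carry a stable landing page, e.g. `"<landing-page URL of the H1'2023 report>"` (placeholder, the page does not show one). The -2649 hunk folds three designations (`UAC-0144`, `UAC-0024`, `UAC-0003`) into the cluster whose synonyms include `Secret Blizzard`, and the -13402 hunk adds two (`UAC-0100`, `UAC-0106`) to a cluster that had no `synonyms` array before. If `synonyms` drives exact-match tagging, which I am assuming, any event carrying one of those labels will be attributed to that cluster, so confirm the report states equivalence rather than overlap or a sub-cluster. Also check that none of the added UAC values is already a synonym of another cluster in the file, since the visible hunks cannot show that.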