[threat-actors] Add ShroudedSnooper
parent
2111f50968
commit
798cebc970
1 changed files with 11 additions and 0 deletions
|
@ -12610,6 +12610,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "391573c5-9c21-4984-b6b8-97d42623d6cc",
|
"uuid": "391573c5-9c21-4984-b6b8-97d42623d6cc",
|
||||||
"value": "1937CN"
|
"value": "1937CN"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "In September 2023, Cisco Talos identified a new malware family that it calls ‘HTTPSnoop’ being deployed against telecommunications providers in the Middle East. They also discovered a sister implant to 'HTTPSnoop,’ that they are naming ‘PipeSnoop,’ which can accept arbitrary shellcode from a named pipe and execute it on the infected endpoint. Based on these findings, the researchers assess with high confidence that both implants belong to a new intrusion set that it named ‘ShroudedSnooper.’",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://blog.talosintelligence.com/introducing-shrouded-snooper/",
|
||||||
|
"https://www.sentinelone.com/labs/the-israel-hamas-war-cyber-domain-state-sponsored-activity-of-interest/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "3437c5a5-4c42-4665-99df-b17bc57a7ba6",
|
||||||
|
"value": "ShroudedSnooper"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 292
|
"version": 292
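Review bot: The trailing `"version": 292` is unchanged context, so this commit adds a cluster without bumping the galaxy version. Consumers that decide whether to re-import a galaxy by comparing that number may not pick up ShroudedSnooper until it becomes `"version": 293`, unless a later commit in the same series does the bump. In the new `description`, the quoting is inconsistent: `'HTTPSnoop,’` opens with an ASCII apostrophe and closes with a typographic quote after the comma, which gets in the way of exact-string searches on the malware name, so `‘HTTPSnoop’,` would match the rest of the sentence. The description also gives the targeted sector and region (telecommunications providers, Middle East) only as free text; if other entries in this cluster carry that in structured `meta` fields, adding them here would make the actor filterable. The enclosing array and object begin outside the hunk.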
|
||||||
|
|