mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-22 23:07:19 +00:00
commit
7e25c9ef1f
1 changed files with 35 additions and 7 deletions
|
@ -669,19 +669,14 @@
|
|||
"refs": [
|
||||
"https://securelist.com/analysis/publications/69953/the-naikon-apt/",
|
||||
"https://www.fireeye.com/blog/threat-research/2014/03/spear-phishing-the-news-cycle-apt-actors-leverage-interest-in-the-disappearance-of-malaysian-flight-mh-370.html",
|
||||
"https://www.cfr.org/interactive/cyber-operations/apt-30",
|
||||
"https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/07205555/TheNaikonAPT-MsnMM1.pdf",
|
||||
"https://usa.kaspersky.com/resource-center/threats/naikon-targeted-attacks",
|
||||
"https://blog.trendmicro.com/trendlabs-security-intelligence/bkdr_rarstone-new-rat-to-watch-out-for/",
|
||||
"https://web.archive.org/web/20210925164035/https://blog.trendmicro.com/trendlabs-security-intelligence/bkdr_rarstone-new-rat-to-watch-out-for/",
|
||||
"https://threatconnect.com/blog/tag/naikon/",
|
||||
"https://attack.mitre.org/groups/G0019/",
|
||||
"https://www.secureworks.com/research/threat-profiles/bronze-geneva",
|
||||
"https://cyware.com/news/chinese-naikon-group-back-with-new-espionage-attack-66a8413d",
|
||||
"https://cluster25.io/2022/04/29/lotus-panda-awake-last-strike/",
|
||||
"https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/eagle-eye-is-back-apt30/",
|
||||
"https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf",
|
||||
"https://attack.mitre.org/wiki/Group/G0013",
|
||||
"https://www.mandiant.com/sites/default/files/2021-09/rpt-apt30.pdf",
|
||||
"https://www.mandiant.com/resources/insights/apt-groups",
|
||||
"https://www.fireeye.com/content/dam/fireeye-www/summit/cds-2019/presentations/cds19-executive-s08-achievement-unlocked.pdf"
|
||||
],
|
||||
|
@ -720,6 +715,38 @@
|
|||
}
|
||||
],
|
||||
"uuid": "2f1fd017-9df6-4759-91fb-e7039609b5ff",
|
||||
"value": "Naikon"
|
||||
},
|
||||
{
|
||||
"description": "APT30 is a threat group suspected to be associated with the Chinese government. While Naikon shares some characteristics with APT30, the two groups do not appear to be exact matches",
|
||||
"meta": {
|
||||
"attribution-confidence": "50",
|
||||
"cfr-suspected-state-sponsor": "China",
|
||||
"cfr-suspected-victims": [
|
||||
"United States",
|
||||
"South Korea",
|
||||
"Saudi Arabia",
|
||||
"Thailand",
|
||||
"Vietnam",
|
||||
"Malaysia",
|
||||
"India"
|
||||
],
|
||||
"cfr-target-category": [
|
||||
"Government"
|
||||
],
|
||||
"cfr-type-of-incident": "Espionage",
|
||||
"country": "CN",
|
||||
"refs": [
|
||||
"https://attack.mitre.org/wiki/Group/G0013",
|
||||
"https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf",
|
||||
"https://www.mandiant.com/resources/insights/apt-groups"
|
||||
],
|
||||
"synonyms": [
|
||||
"G0013"
|
||||
]
|
||||
},
|
||||
"related": [],
|
||||
"uuid": "d3881afe-f781-4c53-9f68-33487a119a59",
|
||||
"value": "APT30"
|
||||
},
|
||||
{
|
||||
|
@ -8804,7 +8831,8 @@
|
|||
"https://blog.malwarebytes.com/threat-intelligence/2021/12/sidecopy-apt-connecting-lures-to-victims-payloads-to-infrastructure/",
|
||||
"https://www.telsy.com/sidecopy-apt-from-windows-to-nix/",
|
||||
"https://blog.talosintelligence.com/2021/07/sidecopy.html",
|
||||
"https://about.fb.com/news/2021/11/taking-action-against-hackers-in-pakistan-and-syria/"
|
||||
"https://about.fb.com/news/2021/11/taking-action-against-hackers-in-pakistan-and-syria/",
|
||||
"https://sebdraven.medium.com/copy-cat-of-apt-sidewinder-1893059ca68d"
|
||||
]
|
||||
},
|
||||
"uuid": "f6d02ac3-3447-4892-b844-1ef31839e04f",
|
||||
|
|
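Review bot: The new APT30 cluster is added with `"related": []` even though its own description says Naikon shares some characteristics with it, so the split leaves no machine-readable link between the two entries. Consider adding a relationship to the Naikon cluster (`"dest-uuid": "2f1fd017-9df6-4759-91fb-e7039609b5ff"`, `"type": "similar"`) so that analysts pivoting from older Naikon-tagged events still reach APT30. The new refs also use the legacy `https://attack.mitre.org/wiki/Group/G0013` form, while the refs list in the first hunk uses `https://attack.mitre.org/groups/G0019/`; `https://attack.mitre.org/groups/G0013/` would match that form. Whether `APT30` was also removed from Naikon's synonyms is not visible in these hunks and is worth confirming, since a name carried by both clusters would make tag resolution ambiguous for consumers.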