chg: [threat-actor] add Microsoft and PwC report to actors' references

This commit is contained in:
Rony 2022-08-27 12:34:36 +00:00
parent 6ad9699a38
commit 7f526e230b

View file

@ -783,7 +783,8 @@
"https://community.rsa.com/community/products/netwitness/blog/2018/02/13/lotus-blossom-continues-asean-targeting",
"https://www.accenture.com/t20180127T003755Z_w_/us-en/_acnmedia/PDF-46/Accenture-Security-Dragonfish-Threat-Analysis.pdf",
"https://attack.mitre.org/groups/G0030/",
"https://www.secureworks.com/research/threat-profiles/bronze-elgin"
"https://www.secureworks.com/research/threat-profiles/bronze-elgin",
"https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf"
],
"synonyms": [
"Spring Dragon",
@ -1075,7 +1076,9 @@
"https://www.intezer.com/miragefox-apt15-resurfaces-with-new-tools-based-on-old-ones/",
"https://attack.mitre.org/groups/G0004/",
"https://www.secureworks.com/research/threat-profiles/bronze-palace",
"https://www.mandiant.com/resources/insights/apt-groups"
"https://www.mandiant.com/resources/insights/apt-groups",
"https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf",
"https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMFIi"
],
"synonyms": [
"VIXEN PANDA",
@ -1089,7 +1092,8 @@
"BRONZE DAVENPORT",
"BRONZE IDLEWOOD",
"NICKEL",
"G0004"
"G0004",
"Red Vulture"
]
},
"uuid": "3501fbf2-098f-47e7-be6a-6b0ff5742ce8",
@ -1233,7 +1237,8 @@
"https://securelist.com/the-icefog-apt-a-tale-of-cloak-and-three-daggers/57331/",
"https://securelist.com/the-icefog-apt-hits-us-targets-with-java-backdoor/58209/",
"https://www.cfr.org/interactive/cyber-operations/icefog",
"https://d2538mqrb7brka.cloudfront.net/wp-content/uploads/sites/43/2018/03/20133739/icefog.pdf"
"https://d2538mqrb7brka.cloudfront.net/wp-content/uploads/sites/43/2018/03/20133739/icefog.pdf",
"https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf"
],
"synonyms": [
"IceFog",
@ -4541,7 +4546,8 @@
"https://www.fireeye.com/current-threats/apt-groups.html",
"https://www.fireeye.com/content/dam/fireeye-www/current-threats/pdfs/rpt-southeast-asia-threat-landscape.pdf",
"https://www.secureworks.com/research/threat-profiles/bronze-fleetwood",
"https://www.mandiant.com/resources/insights/apt-groups"
"https://www.mandiant.com/resources/insights/apt-groups",
"https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMFIi"
],
"synonyms": [
"KEYHOLE PANDA",
@ -5546,7 +5552,8 @@
"https://www.foreignminister.gov.au/minister/marise-payne/media-release/australia-joins-international-partners-attribution-malicious-cyber-activity-china",
"https://www.mofa.go.jp/press/danwa/press6e_000312.html",
"https://www.consilium.europa.eu/en/press/press-releases/2021/07/19/declaration-by-the-high-representative-on-behalf-of-the-eu-urging-china-to-take-action-against-malicious-cyber-activities-undertaken-from-its-territory",
"https://www.mandiant.com/resources/insights/apt-groups"
"https://www.mandiant.com/resources/insights/apt-groups",
"https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMFIi"
],
"synonyms": [
"TEMP.Periscope",
@ -5877,7 +5884,8 @@
"refs": [
"https://www.recordedfuture.com/chinese-cyberespionage-operations",
"https://go.recordedfuture.com/hubfs/reports/cta-2018-0626.pdf",
"https://go.recordedfuture.com/hubfs/reports/ta-2022-0816.pdf"
"https://go.recordedfuture.com/hubfs/reports/ta-2022-0816.pdf",
"https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf"
],
"synonyms": [
"DeepCliff",
@ -6925,7 +6933,9 @@
"https://www.consilium.europa.eu/en/press/press-releases/2021/07/19/declaration-by-the-high-representative-on-behalf-of-the-eu-urging-china-to-take-action-against-malicious-cyber-activities-undertaken-from-its-territory/",
"https://www.cert.ssi.gouv.fr/ioc/CERTFR-2021-IOC-003",
"https://twitter.com/bkMSFT/status/1417823714922610689",
"https://www.mandiant.com/resources/insights/apt-groups"
"https://www.mandiant.com/resources/insights/apt-groups",
"https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf",
"https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMFIi"
],
"synonyms": [
"ZIRCONIUM",
@ -6980,7 +6990,8 @@
"https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf",
"https://www.slideshare.net/codeblue_jp/cb19-cyber-threat-landscape-in-japan-revealing-threat-in-the-shadow-by-chi-en-shen-ashley-oleg-bondarenko",
"https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/palmerworm-blacktech-espionage-apt",
"https://unit42.paloaltonetworks.com/atoms/mangataurus/"
"https://unit42.paloaltonetworks.com/atoms/mangataurus/",
"https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf"
],
"synonyms": [
"CIRCUIT PANDA",
@ -7432,7 +7443,8 @@
"https://www.mandiant.com/resources/report-apt41-double-dragon-a-dual-espionage-and-cyber-crime-operation",
"https://www.cfr.org/cyber-operations/apt-41",
"https://attack.mitre.org/groups/G0096",
"https://www.uscc.gov/sites/default/files/2022-02/Adam_Kozy_Testimony.pdf"
"https://www.uscc.gov/sites/default/files/2022-02/Adam_Kozy_Testimony.pdf",
"https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf"
],
"synonyms": [
"Double Dragon",
@ -8216,7 +8228,8 @@
"https://www.thedailybeast.com/how-chinas-devastating-microsoft-hack-puts-us-all-at-risk",
"https://www.rnz.co.nz/news/political/447239/government-points-finger-at-china-over-cyber-attacks",
"https://www.gov.uk/government/news/uk-and-allies-hold-chinese-state-responsible-for-a-pervasive-pattern-of-hacking",
"https://www.foreignminister.gov.au/minister/marise-payne/media-release/australia-joins-international-partners-attribution-malicious-cyber-activity-china"
"https://www.foreignminister.gov.au/minister/marise-payne/media-release/australia-joins-international-partners-attribution-malicious-cyber-activity-china",
"https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMFIi"
],
"synonyms": [
"ATK233",