Merge branch 'master' of https://github.com/Kafeine/misp-galaxy into Kafeine-master

This commit is contained in:
Alexandre Dulaunoy 2019-04-28 19:11:20 +02:00
commit 82a85d1651
Signed by: adulau
GPG key ID: 09E2CD4944E6CBCD
2 changed files with 51 additions and 2 deletions

View file

@ -97,7 +97,7 @@
"http://blog.trendmicro.com/trendlabs-security-intelligence/pawn-storm-ramps-up-spear-phishing-before-zero-days-get-patched/",
"https://www.welivesecurity.com/2017/12/21/sednit-update-fancy-bear-spent-year/"
],
"status": "Retired - Last seen ",
"status": "",
"synonyms": [
"Sednit RTF EK"
]
@ -120,6 +120,20 @@
"uuid": "74fb6a14-1279-4a5b-939a-76478d36d3e1",
"value": "DNSChanger"
},
{
"description": "Novidade Exploit Kit is an exploit kit targeting Routers via the browser",
"meta": {
"refs": [
"https://blog.trendmicro.com/trendlabs-security-intelligence/new-exploit-kit-novidade-found-targeting-home-and-soho-routers/"
],
"status": "Active",
"synonyms": [
"DNSGhost"
]
},
"uuid": "88acc3b7-2cdd-4e7b-ad0b-2880ffa1eb6d",
"value": "Novidade"
},
{
"description": "Disdain EK has been introduced on underground forum on 2017-08-07. The panel is stolen from Sundown, the pattern are Terror alike and the obfuscation reminds Nebula",
"meta": {
@ -201,6 +215,17 @@
"uuid": "b8be7af8-69a8-11e8-adc0-fa7ae01bbebc",
"value": "VenomKit"
},
{
"description": "Taurus Builder is a tool used to generate malicious MS Word documents that contain macros. The kit is advertised on forums by the user \"badbullzvenom\". ",
"meta": {
"refs": [
""
],
"status": "Active"
},
"uuid": "63988ca2-46c8-4bda-be46-96a8670af357",
"value": "Taurus Builder"
},
{
"description": "RIG is an exploit kit that takes its source in Infinity EK itself an evolution of Redkit. It became dominant after the fall of Angler, Nuclear Pack and the end of public access to Neutrino. RIG-v is the name given to RIG 4 when it was only accessible by \"vip\" customers and when RIG 3 was still in use.",
"meta": {
@ -220,6 +245,17 @@
},
"uuid": "0545e5c0-ed0d-4a02-a69d-31e9e2b31e8a",
"value": "RIG"
},
{
"description": "Spelevo is an exploit kit that appeared at the end of February 2019 and could be an evolution of SPL EK",
"meta": {
"refs": [
"https://twitter.com/kafeine/status/1103649040800145409"
],
"status": "Active"
},
"uuid": "c880991f-1c17-4bf2-8955-50309364e358",
"value": "Spelevo"
},
{
"description": "Sednit EK is the exploit kit used by APT28",

View file

@ -74,6 +74,19 @@
"uuid": "aa179c37-1a8a-4761-841a-cc940e19d7be",
"value": "SimpleTDS"
},
{
"description": "zTDS is an open source TDS",
"meta": {
"refs": [
"http://ztds.info/doku.php"
],
"type": [
"OpenSource"
]
},
"uuid": "7a84de25-545a-4220-b500-85b9219dd67d",
"value": "zTDS"
},
{
"description": "BossTDS",
"meta": {
@ -121,5 +134,5 @@
"value": "Orchid TDS"
}
],
"version": 3
"version": 4
}