mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
[threat-actors] Add LYCEUM aliases
This commit is contained in:
parent
6f61a3fc3e
commit
83f874da2c
1 changed files with 4 additions and 1 deletions
|
@ -8426,7 +8426,9 @@
|
|||
"value": "TA428"
|
||||
},
|
||||
{
|
||||
"description": "Lyceum is an Iranian APT group that has been active since at least 2014. They primarily target Middle Eastern governments and organizations in the energy and telecommunications sectors. Lyceum is known for using cyber espionage techniques and has been linked to other Iranian threat groups such as APT34. They have developed and deployed malware families like Shark and Milan, and have been observed using DNS tunneling and HTTPfor command and control communication.",
|
||||
"meta": {
|
||||
"country": "IR",
|
||||
"refs": [
|
||||
"https://www.secureworks.com/blog/lyceum-takes-center-stage-in-middle-east-campaign",
|
||||
"https://www.secureworks.com/research/threat-profiles/cobalt-lyceum",
|
||||
|
@ -8438,7 +8440,8 @@
|
|||
"COBALT LYCEUM",
|
||||
"HEXANE",
|
||||
"Spirlin",
|
||||
"siamesekitten"
|
||||
"siamesekitten",
|
||||
"Storm-0133"
|
||||
]
|
||||
},
|
||||
"uuid": "e1b95185-8db6-4f3c-9ffd-1749087d934a",
|
||||
|
|
Loading…
Reference in a new issue