mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
[threat-actors] Add Carderbee
This commit is contained in:
parent
1343cdb35a
commit
84fda6ef72
1 changed files with 12 additions and 0 deletions
|
@ -12345,6 +12345,18 @@
|
||||||
},
|
},
|
||||||
"uuid": "f939b51d-32f9-41d9-8549-f00b2db104c7",
|
"uuid": "f939b51d-32f9-41d9-8549-f00b2db104c7",
|
||||||
"value": "RansomVC"
|
"value": "RansomVC"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Symantec recently reported on activity attributed to a threat actor group dubbed Carderbee. In the campaign, the threat actors target entities in Hong Kong and other regions of Asia via a supply chain attack leveraging the legitimate Cobra DocGuard software. The activity began as early as September 2022.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://blog.eclecticiq.com/chinese-state-sponsored-cyber-espionage-activity-targeting-semiconductor-industry-in-east-asia",
|
||||||
|
"https://blog.polyswarm.io/carderbee-targets-hong-kong-in-supply-chain-attack",
|
||||||
|
"https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/carderbee-software-supply-chain-certificate-abuse"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "ce793b99-0cf2-4148-831c-ea5f6a9e0a76",
|
||||||
|
"value": "Carderbee"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 289
|
"version": 289
|
||||||
|
|
Loading…
Reference in a new issue