Merge pull request #38 from chrisdoman/master

Added references
This commit is contained in:
Alexandre Dulaunoy 2017-03-01 14:54:35 +01:00 committed by GitHub
commit 876ae24454

View file

@ -170,7 +170,7 @@
"https://blogs.technet.microsoft.com/mmpc/2016/06/09/reverse-engineering-dubnium-2" "https://blogs.technet.microsoft.com/mmpc/2016/06/09/reverse-engineering-dubnium-2"
] ]
}, },
"value": "darkhotel" "value": "DarkHotel"
}, },
{ {
"meta": { "meta": {
@ -470,7 +470,10 @@
"PittyTiger", "PittyTiger",
"MANGANESE" "MANGANESE"
], ],
"country": "CN" "country": "CN",
"refs": [
"http://blog.airbuscybersecurity.com/post/2014/07/The-Eye-of-the-Tiger2"
]
}, },
"value": "Pitty Panda", "value": "Pitty Panda",
"description": "The Pitty Tiger group has been active since at least 2011. They have been seen using HeartBleed vulnerability in order to directly get valid credentials" "description": "The Pitty Tiger group has been active since at least 2011. They have been seen using HeartBleed vulnerability in order to directly get valid credentials"
@ -545,6 +548,9 @@
{ {
"meta": { "meta": {
"country": "CN", "country": "CN",
"refs": [
"http://researchcenter.paloaltonetworks.com/2014/09/recent-watering-hole-attacks-attributed-apt-group-th3bug-using-poison-ivy/"
],
"synonyms": [ "synonyms": [
"APT20", "APT20",
"APT 20", "APT 20",
@ -583,6 +589,9 @@
{ {
"meta": { "meta": {
"country": "CN", "country": "CN",
"refs": [
"https://community.rapid7.com/community/infosec/blog/2013/06/07/keyboy-targeted-attacks-against-vietnam-and-india"
],
"synonyms": [ "synonyms": [
"APT23", "APT23",
"KeyBoy" "KeyBoy"
@ -599,6 +608,9 @@
"AjaxSecurityTeam", "AjaxSecurityTeam",
"Ajax Security Team", "Ajax Security Team",
"Group 26" "Group 26"
],
"refs": [
"https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-operation-saffron-rose.pdf"
] ]
}, },
"value": "Flying Kitten", "value": "Flying Kitten",
@ -628,6 +640,9 @@
"Parastoo", "Parastoo",
"Group 83", "Group 83",
"Newsbeef" "Newsbeef"
],
"refs": [
"https://en.wikipedia.org/wiki/Operation_Newscaster"
] ]
}, },
"value": "Charming Kitten", "value": "Charming Kitten",
@ -831,6 +846,9 @@
"Carbon Spider" "Carbon Spider"
], ],
"country": "RU", "country": "RU",
"refs": [
"https://en.wikipedia.org/wiki/Carbanak"
],
"motive": "Cybercrime" "motive": "Cybercrime"
}, },
"description": "Groups targeting financial organizations or people with significant financial assets.", "description": "Groups targeting financial organizations or people with significant financial assets.",
@ -931,7 +949,10 @@
"Appin", "Appin",
"OperationHangover" "OperationHangover"
], ],
"country": "IN" "country": "IN",
"refs": [
"http://enterprise-manage.norman.c.bitbit.net/resources/files/Unveiling_an_Indian_Cyberattack_Infrastructure.pdf"
]
}, },
"value": "Viceroy Tiger" "value": "Viceroy Tiger"
}, },
@ -958,6 +979,9 @@
"value": "SNOWGLOBE", "value": "SNOWGLOBE",
"meta": { "meta": {
"country": "FR", "country": "FR",
"refs": [
"https://securelist.com/blog/research/69114/animals-in-the-apt-farm/"
],
"synonyms": [ "synonyms": [
"Animal Farm" "Animal Farm"
] ]
@ -1398,5 +1422,5 @@
], ],
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.", "description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
"uuid": "7cdff317-a673-4474-84ec-4f1754947823", "uuid": "7cdff317-a673-4474-84ec-4f1754947823",
"version": 16 "version": 17
} }