mirror of
https://github.com/MISP/misp-galaxy.git
commit
876ae24454
1 changed files with 32 additions and 8 deletions
|
@ -170,7 +170,7 @@
|
|||
"https://blogs.technet.microsoft.com/mmpc/2016/06/09/reverse-engineering-dubnium-2"
|
||||
]
|
||||
},
|
||||
"value": "darkhotel"
|
||||
"value": "DarkHotel"
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -470,7 +470,10 @@
|
|||
"PittyTiger",
|
||||
"MANGANESE"
|
||||
],
|
||||
"country": "CN"
|
||||
"country": "CN",
|
||||
"refs": [
|
||||
"http://blog.airbuscybersecurity.com/post/2014/07/The-Eye-of-the-Tiger2"
|
||||
]
|
||||
},
|
||||
"value": "Pitty Panda",
|
||||
"description": "The Pitty Tiger group has been active since at least 2011. They have been seen using HeartBleed vulnerability in order to directly get valid credentials"
|
||||
|
@ -545,6 +548,9 @@
|
|||
{
|
||||
"meta": {
|
||||
"country": "CN",
|
||||
"refs": [
|
||||
"http://researchcenter.paloaltonetworks.com/2014/09/recent-watering-hole-attacks-attributed-apt-group-th3bug-using-poison-ivy/"
|
||||
],
|
||||
"synonyms": [
|
||||
"APT20",
|
||||
"APT 20",
|
||||
|
@ -583,6 +589,9 @@
|
|||
{
|
||||
"meta": {
|
||||
"country": "CN",
|
||||
"refs": [
|
||||
"https://community.rapid7.com/community/infosec/blog/2013/06/07/keyboy-targeted-attacks-against-vietnam-and-india"
|
||||
],
|
||||
"synonyms": [
|
||||
"APT23",
|
||||
"KeyBoy"
|
||||
|
@ -599,6 +608,9 @@
|
|||
"AjaxSecurityTeam",
|
||||
"Ajax Security Team",
|
||||
"Group 26"
|
||||
],
|
||||
"refs": [
|
||||
"https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-operation-saffron-rose.pdf"
|
||||
]
|
||||
},
|
||||
"value": "Flying Kitten",
|
||||
|
@ -628,6 +640,9 @@
|
|||
"Parastoo",
|
||||
"Group 83",
|
||||
"Newsbeef"
|
||||
],
|
||||
"refs": [
|
||||
"https://en.wikipedia.org/wiki/Operation_Newscaster"
|
||||
]
|
||||
},
|
||||
"value": "Charming Kitten",
|
||||
|
@ -831,6 +846,9 @@
|
|||
"Carbon Spider"
|
||||
],
|
||||
"country": "RU",
|
||||
"refs": [
|
||||
"https://en.wikipedia.org/wiki/Carbanak"
|
||||
],
|
||||
"motive": "Cybercrime"
|
||||
},
|
||||
"description": "Groups targeting financial organizations or people with significant financial assets.",
|
||||
|
@ -931,7 +949,10 @@
|
|||
"Appin",
|
||||
"OperationHangover"
|
||||
],
|
||||
"country": "IN"
|
||||
"country": "IN",
|
||||
"refs": [
|
||||
"http://enterprise-manage.norman.c.bitbit.net/resources/files/Unveiling_an_Indian_Cyberattack_Infrastructure.pdf"
|
||||
]
|
||||
},
|
||||
"value": "Viceroy Tiger"
|
||||
},
|
||||
|
@ -958,6 +979,9 @@
|
|||
"value": "SNOWGLOBE",
|
||||
"meta": {
|
||||
"country": "FR",
|
||||
"refs": [
|
||||
"https://securelist.com/blog/research/69114/animals-in-the-apt-farm/"
|
||||
],
|
||||
"synonyms": [
|
||||
"Animal Farm"
|
||||
]
|
||||
|
@ -1135,12 +1159,12 @@
|
|||
"https://attack.mitre.org/wiki/Group/G0013"
|
||||
],
|
||||
"synonyms": [
|
||||
"APT 30"
|
||||
"APT30"
|
||||
],
|
||||
"country": "CN"
|
||||
},
|
||||
"value": "APT30",
|
||||
"description": "APT30 is a threat group suspected to be associated with the Chinese government. While Naikon shares some characteristics with APT30, the two groups do not appear to be exact matches."
|
||||
"value": "APT 30",
|
||||
"description": "APT 30 is a threat group suspected to be associated with the Chinese government. While Naikon shares some characteristics with APT30, the two groups do not appear to be exact matches."
|
||||
},
|
||||
{
|
||||
"meta": {
|
||||
|
@ -1398,5 +1422,5 @@
|
|||
],
|
||||
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
|
||||
"uuid": "7cdff317-a673-4474-84ec-4f1754947823",
|
||||
"version": 16
|
||||
"version": 17
|
||||
}
|
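Review bot: Changing a cluster's `value` (the `darkhotel`/`DarkHotel` pair in the `@ -170` hunk and `APT30`/`APT 30` in the `@ -1135` hunk) changes the string MISP uses to build the `misp-galaxy:threat-actor="…"` tag, so events and detection rules keyed on the old spelling may stop matching this cluster after the update. The page has lost its +/- markers, so which spelling is the new one is inferred from print order only. The APT30 hunk appears to keep the other spelling in `synonyms`, but no equivalent is visible for DarkHotel, whose `synonyms` list lies outside the hunk; I would keep the superseded spelling there so old tags can still be mapped. The APT30 `description` also mixes `APT 30` and `APT30` in one sentence on one side of the change and should use a single spelling. The added `refs` in the `@ -470`, `@ -545` and `@ -931` hunks use plain `http://` URLs on vendor or CDN hosts, so an archived copy alongside each would keep the attribution source verifiable if the original moves.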