Merge pull request #38 from chrisdoman/master

Added references
This commit is contained in:
Alexandre Dulaunoy 2017-03-01 14:54:35 +01:00 committed by GitHub
commit 876ae24454

View file

@ -170,7 +170,7 @@
"https://blogs.technet.microsoft.com/mmpc/2016/06/09/reverse-engineering-dubnium-2"
]
},
"value": "darkhotel"
"value": "DarkHotel"
},
{
"meta": {
@ -470,7 +470,10 @@
"PittyTiger",
"MANGANESE"
],
"country": "CN"
"country": "CN",
"refs": [
"http://blog.airbuscybersecurity.com/post/2014/07/The-Eye-of-the-Tiger2"
]
},
"value": "Pitty Panda",
"description": "The Pitty Tiger group has been active since at least 2011. They have been seen using HeartBleed vulnerability in order to directly get valid credentials"
@ -545,6 +548,9 @@
{
"meta": {
"country": "CN",
"refs": [
"http://researchcenter.paloaltonetworks.com/2014/09/recent-watering-hole-attacks-attributed-apt-group-th3bug-using-poison-ivy/"
],
"synonyms": [
"APT20",
"APT 20",
@ -583,6 +589,9 @@
{
"meta": {
"country": "CN",
"refs": [
"https://community.rapid7.com/community/infosec/blog/2013/06/07/keyboy-targeted-attacks-against-vietnam-and-india"
],
"synonyms": [
"APT23",
"KeyBoy"
@ -599,6 +608,9 @@
"AjaxSecurityTeam",
"Ajax Security Team",
"Group 26"
],
"refs": [
"https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-operation-saffron-rose.pdf"
]
},
"value": "Flying Kitten",
@ -628,6 +640,9 @@
"Parastoo",
"Group 83",
"Newsbeef"
],
"refs": [
"https://en.wikipedia.org/wiki/Operation_Newscaster"
]
},
"value": "Charming Kitten",
@ -831,6 +846,9 @@
"Carbon Spider"
],
"country": "RU",
"refs": [
"https://en.wikipedia.org/wiki/Carbanak"
],
"motive": "Cybercrime"
},
"description": "Groups targeting financial organizations or people with significant financial assets.",
@ -931,7 +949,10 @@
"Appin",
"OperationHangover"
],
"country": "IN"
"country": "IN",
"refs": [
"http://enterprise-manage.norman.c.bitbit.net/resources/files/Unveiling_an_Indian_Cyberattack_Infrastructure.pdf"
]
},
"value": "Viceroy Tiger"
},
@ -958,6 +979,9 @@
"value": "SNOWGLOBE",
"meta": {
"country": "FR",
"refs": [
"https://securelist.com/blog/research/69114/animals-in-the-apt-farm/"
],
"synonyms": [
"Animal Farm"
]
@ -1135,12 +1159,12 @@
"https://attack.mitre.org/wiki/Group/G0013"
],
"synonyms": [
"APT 30"
"APT30"
],
"country": "CN"
},
"value": "APT30",
"description": "APT30 is a threat group suspected to be associated with the Chinese government. While Naikon shares some characteristics with APT30, the two groups do not appear to be exact matches."
"value": "APT 30",
"description": "APT 30 is a threat group suspected to be associated with the Chinese government. While Naikon shares some characteristics with APT30, the two groups do not appear to be exact matches."
},
{
"meta": {
@ -1398,5 +1422,5 @@
],
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
"uuid": "7cdff317-a673-4474-84ec-4f1754947823",
"version": 16
"version": 17
}