mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-27 01:07:18 +00:00
Adding GALLIUM Threat Actor
This commit is contained in:
parent
01b03ca5b0
commit
9365bfb7cd
1 changed files with 23 additions and 17 deletions
|
@ -1158,13 +1158,6 @@
|
||||||
"estimative-language:likelihood-probability=\"likely\""
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
],
|
],
|
||||||
"type": "similar"
|
"type": "similar"
|
||||||
},
|
|
||||||
{
|
|
||||||
"dest-uuid": "8dda51ef-9a30-48f7-b0fd-5b6f0a62262d",
|
|
||||||
"tags": [
|
|
||||||
"estimative-language:likelihood-probability=\"likely\""
|
|
||||||
],
|
|
||||||
"type": "suspected-link"
|
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"uuid": "56b37b05-72e7-4a89-ba8a-61ce45269a8c",
|
"uuid": "56b37b05-72e7-4a89-ba8a-61ce45269a8c",
|
||||||
|
@ -7916,16 +7909,9 @@
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
{
|
{
|
||||||
"dest-uuid": "56b37b05-72e7-4a89-ba8a-61ce45269a8c",
|
"dest-uuid": "e400b6c5-77cf-453d-ba0f-44575583ac6c",
|
||||||
"tags": [
|
"tags": [
|
||||||
"estimative-language:likelihood-probability=\"likely\""
|
"estimative-language:likelihood-probability=\"almost-certain\""
|
||||||
],
|
|
||||||
"type": "suspected-link"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"dest-uuid": "6085aad0-1d95-11ea-a140-078d42aced40",
|
|
||||||
"tags": [
|
|
||||||
"estimative-language:likelihood-probability=\"likely\""
|
|
||||||
],
|
],
|
||||||
"type": "similar"
|
"type": "similar"
|
||||||
}
|
}
|
||||||
|
@ -8340,7 +8326,27 @@
|
||||||
},
|
},
|
||||||
"uuid": "d1c25b0e-e4c5-4b7c-b790-2e185cb2f07e",
|
"uuid": "d1c25b0e-e4c5-4b7c-b790-2e185cb2f07e",
|
||||||
"value": "COBALT KATANA"
|
"value": "COBALT KATANA"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "GALLIUM, is a threat actor believed to be targeting telecommunication providers over the world, mostly South-East Asia, Europe and Africa. To compromise targeted networks, GALLIUM target unpatched internet-facing services using publicly available exploits and have been known to target vulnerabilities in WildFly/JBoss.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.microsoft.com/security/blog/2019/12/12/gallium-targeting-global-telecom/",
|
||||||
|
"https://www.youtube.com/watch?v=fBFm2fiEPTg"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"related": [
|
||||||
|
{
|
||||||
|
"dest-uuid": "8dda51ef-9a30-48f7-b0fd-5b6f0a62262d",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"almost-certain\""
|
||||||
|
],
|
||||||
|
"type":"similar"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 163
|
"uuid": "e400b6c5-77cf-453d-ba0f-44575583ac6c",
|
||||||
|
"value": "GALLIUM"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"version": 164
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue