chg: [threat-actor] added references, origin country, aliases to Sea Turtle

This commit is contained in:
Rony 2023-07-28 11:04:11 +00:00
parent 7f5bf07a63
commit 9b9ce4777a

View file

@ -7274,8 +7274,29 @@
{ {
"description": "This blog post discusses the technical details of a state-sponsored attack manipulating DNS systems. While this incident is limited to targeting primarily national security organizations in the Middle East and North Africa, and we do not want to overstate the consequences of this specific campaign, we are concerned that the success of this operation will lead to actors more broadly attacking the global DNS system. DNS is a foundational technology supporting the Internet. Manipulating that system has the potential to undermine the trust users have on the internet. That trust and the stability of the DNS system as a whole drives the global economy. Responsible nations should avoid targeting this system, work together to establish an accepted global norm that this system and the organizations that control it are off-limits, and cooperate in pursuing those actors who act irresponsibly by targeting this system.", "description": "This blog post discusses the technical details of a state-sponsored attack manipulating DNS systems. While this incident is limited to targeting primarily national security organizations in the Middle East and North Africa, and we do not want to overstate the consequences of this specific campaign, we are concerned that the success of this operation will lead to actors more broadly attacking the global DNS system. DNS is a foundational technology supporting the Internet. Manipulating that system has the potential to undermine the trust users have on the internet. That trust and the stability of the DNS system as a whole drives the global economy. Responsible nations should avoid targeting this system, work together to establish an accepted global norm that this system and the organizations that control it are off-limits, and cooperate in pursuing those actors who act irresponsibly by targeting this system.",
"meta": { "meta": {
"country": "TR",
"refs": [ "refs": [
"https://blog.talosintelligence.com/2019/04/seaturtle.html" "https://blog.talosintelligence.com/2019/04/seaturtle.html",
"https://blog.talosintelligence.com/sea-turtle-keeps-on-swimming",
"https://www.reuters.com/article/us-cyber-attack-hijack-exclusive/exclusive-hackers-acting-in-turkeys-interests-believed-to-be-behind-recent-cyberattacks-sources-idUSKBN1ZQ10X",
"https://icann.zoom.us/recording/play/AhQB4AQyjCuEJGz2wQQans0Xqkz3su8swGLQoORJhdECw9ttz0TbuyzBlue85gIY",
"https://community.icann.org/download/attachments/109483867/Cybersecurity%20and%20the%20ICANN%20Ecosystem.pdf",
"https://www.pwc.co.uk/cyber-security/assets/cyber-threats-2019-retrospect.pdf",
"https://www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf",
"https://www.domaintools.com/resources/blog/finding-additional-indicators-with-passive-dns-within-domaintools-iris",
"https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2022GTR.pdf",
"https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMFIi?id=101738",
"https://threatintel.eu/2020/02/25/on-sea-turtle-campaign-targeting-greek-governmental-organisations-timeline",
"https://www.mandiant.com/resources/blog/global-dns-hijacking-campaign-dns-record-manipulation-at-scale",
"https://www.virusbulletin.com/uploads/pdf/magazine/2019/VB2019-Mercer-Rascagneres.pdf",
"https://www.youtube.com/watch?v=ws1k44ZhJ3g"
],
"synonyms": [
"COSMIC WOLF",
"Marbled Dust",
"SILICON",
"Teal Kurma",
"UNC1326"
] ]
}, },
"related": [ "related": [