mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
chg: [threat-actor] added references, origin country, aliases to Sea Turtle
This commit is contained in:
parent
7f5bf07a63
commit
9b9ce4777a
1 changed files with 22 additions and 1 deletions
|
@ -7274,8 +7274,29 @@
|
||||||
{
|
{
|
||||||
"description": "This blog post discusses the technical details of a state-sponsored attack manipulating DNS systems. While this incident is limited to targeting primarily national security organizations in the Middle East and North Africa, and we do not want to overstate the consequences of this specific campaign, we are concerned that the success of this operation will lead to actors more broadly attacking the global DNS system. DNS is a foundational technology supporting the Internet. Manipulating that system has the potential to undermine the trust users have on the internet. That trust and the stability of the DNS system as a whole drives the global economy. Responsible nations should avoid targeting this system, work together to establish an accepted global norm that this system and the organizations that control it are off-limits, and cooperate in pursuing those actors who act irresponsibly by targeting this system.",
|
"description": "This blog post discusses the technical details of a state-sponsored attack manipulating DNS systems. While this incident is limited to targeting primarily national security organizations in the Middle East and North Africa, and we do not want to overstate the consequences of this specific campaign, we are concerned that the success of this operation will lead to actors more broadly attacking the global DNS system. DNS is a foundational technology supporting the Internet. Manipulating that system has the potential to undermine the trust users have on the internet. That trust and the stability of the DNS system as a whole drives the global economy. Responsible nations should avoid targeting this system, work together to establish an accepted global norm that this system and the organizations that control it are off-limits, and cooperate in pursuing those actors who act irresponsibly by targeting this system.",
|
||||||
"meta": {
|
"meta": {
|
||||||
|
"country": "TR",
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://blog.talosintelligence.com/2019/04/seaturtle.html"
|
"https://blog.talosintelligence.com/2019/04/seaturtle.html",
|
||||||
|
"https://blog.talosintelligence.com/sea-turtle-keeps-on-swimming",
|
||||||
|
"https://www.reuters.com/article/us-cyber-attack-hijack-exclusive/exclusive-hackers-acting-in-turkeys-interests-believed-to-be-behind-recent-cyberattacks-sources-idUSKBN1ZQ10X",
|
||||||
|
"https://icann.zoom.us/recording/play/AhQB4AQyjCuEJGz2wQQans0Xqkz3su8swGLQoORJhdECw9ttz0TbuyzBlue85gIY",
|
||||||
|
"https://community.icann.org/download/attachments/109483867/Cybersecurity%20and%20the%20ICANN%20Ecosystem.pdf",
|
||||||
|
"https://www.pwc.co.uk/cyber-security/assets/cyber-threats-2019-retrospect.pdf",
|
||||||
|
"https://www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf",
|
||||||
|
"https://www.domaintools.com/resources/blog/finding-additional-indicators-with-passive-dns-within-domaintools-iris",
|
||||||
|
"https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2022GTR.pdf",
|
||||||
|
"https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMFIi?id=101738",
|
||||||
|
"https://threatintel.eu/2020/02/25/on-sea-turtle-campaign-targeting-greek-governmental-organisations-timeline",
|
||||||
|
"https://www.mandiant.com/resources/blog/global-dns-hijacking-campaign-dns-record-manipulation-at-scale",
|
||||||
|
"https://www.virusbulletin.com/uploads/pdf/magazine/2019/VB2019-Mercer-Rascagneres.pdf",
|
||||||
|
"https://www.youtube.com/watch?v=ws1k44ZhJ3g"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"COSMIC WOLF",
|
||||||
|
"Marbled Dust",
|
||||||
|
"SILICON",
|
||||||
|
"Teal Kurma",
|
||||||
|
"UNC1326"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
|
|
Loading…
Reference in a new issue