mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-22 23:07:19 +00:00
[threat-actors] jq
This commit is contained in:
parent
9c502d0d1f
commit
9d6315346e
1 changed files with 4 additions and 4 deletions
|
@ -12126,12 +12126,12 @@
|
|||
"Genesis Day",
|
||||
"Teng Snake"
|
||||
],
|
||||
"country": "CN",
|
||||
"refs": [
|
||||
"https://www.recordedfuture.com/xiaoqiying-genesis-day-threat-actor-group-targets-south-korea-taiwan",
|
||||
"https://medium.com/s2wblog/%E5%8F%98%E8%84%B8-teng-snake-a-k-a-code-core-8c35268b4d1a",
|
||||
"https://therecord.media/samsung-investigating-claims-of-hack-on-south-korea-systems-internal-employee-platform/"
|
||||
],
|
||||
"country": "CN"
|
||||
]
|
||||
},
|
||||
"uuid": "0ee7be4f-389f-4083-a1e4-4c39dc1ae105",
|
||||
"value": "Xiaoqiying"
|
||||
|
@ -12157,13 +12157,13 @@
|
|||
{
|
||||
"description": "UNC3886 is an advanced cyber espionage group with unique capabilities in how they operate on-network as well as the tools they utilize in their campaigns. UNC3886 has been observed targeting firewall and virtualization technologies which lack EDR support. Their ability to manipulate firewall firmware and exploit a zero-day indicates they have curated a deeper-level of understanding of such technologies. UNC3886 has modified publicly available malware, specifically targeting *nix operating systems.",
|
||||
"meta": {
|
||||
"country": "CN",
|
||||
"refs": [
|
||||
"https://www.mandiant.com/resources/blog/fortinet-malware-ecosystem",
|
||||
"https://www.mandiant.com/resources/blog/esxi-hypervisors-malware-persistence",
|
||||
"https://www.mandiant.com/resources/blog/vmware-esxi-zero-day-bypass",
|
||||
"https://www.mandiant.com/resources/blog/vmware-detection-containment-hardening"
|
||||
],
|
||||
"country": "CN"
|
||||
]
|
||||
},
|
||||
"uuid": "8c08dbe7-3ed0-4d7d-b315-22d8774a5bd9",
|
||||
"value": "UNC3886"
|
||||
|
|
Loading…
Reference in a new issue