mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 08:47:18 +00:00
Merge APT30 and Naikon
This commit is contained in:
parent
5e4a4c3453
commit
a046e8094d
3 changed files with 8 additions and 109 deletions
|
@ -1215,13 +1215,6 @@
|
||||||
],
|
],
|
||||||
"type": "similar"
|
"type": "similar"
|
||||||
},
|
},
|
||||||
{
|
|
||||||
"dest-uuid": "f26144c5-8593-4e78-831a-11f6452d809b",
|
|
||||||
"tags": [
|
|
||||||
"estimative-language:likelihood-probability=\"likely\""
|
|
||||||
],
|
|
||||||
"type": "similar"
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"dest-uuid": "f047ee18-7985-4946-8bfb-4ed754d3a0dd",
|
"dest-uuid": "f047ee18-7985-4946-8bfb-4ed754d3a0dd",
|
||||||
"tags": [
|
"tags": [
|
||||||
|
@ -1414,13 +1407,6 @@
|
||||||
],
|
],
|
||||||
"type": "similar"
|
"type": "similar"
|
||||||
},
|
},
|
||||||
{
|
|
||||||
"dest-uuid": "f26144c5-8593-4e78-831a-11f6452d809b",
|
|
||||||
"tags": [
|
|
||||||
"estimative-language:likelihood-probability=\"likely\""
|
|
||||||
],
|
|
||||||
"type": "similar"
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"dest-uuid": "fb261c56-b80e-43a9-8351-c84081e7213d",
|
"dest-uuid": "fb261c56-b80e-43a9-8351-c84081e7213d",
|
||||||
"tags": [
|
"tags": [
|
||||||
|
|
|
@ -9232,13 +9232,6 @@
|
||||||
],
|
],
|
||||||
"type": "uses"
|
"type": "uses"
|
||||||
},
|
},
|
||||||
{
|
|
||||||
"dest-uuid": "f26144c5-8593-4e78-831a-11f6452d809b",
|
|
||||||
"tags": [
|
|
||||||
"estimative-language:likelihood-probability=\"likely\""
|
|
||||||
],
|
|
||||||
"type": "similar"
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"dest-uuid": "fb261c56-b80e-43a9-8351-c84081e7213d",
|
"dest-uuid": "fb261c56-b80e-43a9-8351-c84081e7213d",
|
||||||
"tags": [
|
"tags": [
|
||||||
|
@ -18420,13 +18413,6 @@
|
||||||
],
|
],
|
||||||
"type": "uses"
|
"type": "uses"
|
||||||
},
|
},
|
||||||
{
|
|
||||||
"dest-uuid": "f26144c5-8593-4e78-831a-11f6452d809b",
|
|
||||||
"tags": [
|
|
||||||
"estimative-language:likelihood-probability=\"likely\""
|
|
||||||
],
|
|
||||||
"type": "similar"
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"dest-uuid": "ff6caf67-ea1f-4895-b80e-4bb0fc31c6db",
|
"dest-uuid": "ff6caf67-ea1f-4895-b80e-4bb0fc31c6db",
|
||||||
"tags": [
|
"tags": [
|
||||||
|
|
|
@ -812,7 +812,11 @@
|
||||||
"https://attack.mitre.org/groups/G0019/",
|
"https://attack.mitre.org/groups/G0019/",
|
||||||
"https://www.secureworks.com/research/threat-profiles/bronze-geneva",
|
"https://www.secureworks.com/research/threat-profiles/bronze-geneva",
|
||||||
"https://cyware.com/news/chinese-naikon-group-back-with-new-espionage-attack-66a8413d",
|
"https://cyware.com/news/chinese-naikon-group-back-with-new-espionage-attack-66a8413d",
|
||||||
"https://cluster25.io/2022/04/29/lotus-panda-awake-last-strike/"
|
"https://cluster25.io/2022/04/29/lotus-panda-awake-last-strike/",
|
||||||
|
"https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/eagle-eye-is-back-apt30/",
|
||||||
|
"https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf",
|
||||||
|
"https://attack.mitre.org/wiki/Group/G0013",
|
||||||
|
"https://www.mandiant.com/sites/default/files/2021-09/rpt-apt30.pdf"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"PLA Unit 78020",
|
"PLA Unit 78020",
|
||||||
|
@ -820,7 +824,9 @@
|
||||||
"Camerashy",
|
"Camerashy",
|
||||||
"Lotus Panda",
|
"Lotus Panda",
|
||||||
"BRONZE GENEVA",
|
"BRONZE GENEVA",
|
||||||
"G0019"
|
"G0019",
|
||||||
|
"APT 30",
|
||||||
|
"G0013"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
|
@ -838,13 +844,6 @@
|
||||||
],
|
],
|
||||||
"type": "similar"
|
"type": "similar"
|
||||||
},
|
},
|
||||||
{
|
|
||||||
"dest-uuid": "f26144c5-8593-4e78-831a-11f6452d809b",
|
|
||||||
"tags": [
|
|
||||||
"estimative-language:likelihood-probability=\"likely\""
|
|
||||||
],
|
|
||||||
"type": "similar"
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"dest-uuid": "f047ee18-7985-4946-8bfb-4ed754d3a0dd",
|
"dest-uuid": "f047ee18-7985-4946-8bfb-4ed754d3a0dd",
|
||||||
"tags": [
|
"tags": [
|
||||||
|
@ -3486,78 +3485,6 @@
|
||||||
"uuid": "f3179cfb-9c86-4980-bd6b-e4fa74adaaa7",
|
"uuid": "f3179cfb-9c86-4980-bd6b-e4fa74adaaa7",
|
||||||
"value": "ProjectSauron"
|
"value": "ProjectSauron"
|
||||||
},
|
},
|
||||||
{
|
|
||||||
"description": "APT 30 is a threat group suspected to be associated with the Chinese government. While Naikon shares some characteristics with APT30, the two groups do not appear to be exact matches.",
|
|
||||||
"meta": {
|
|
||||||
"attribution-confidence": "50",
|
|
||||||
"cfr-suspected-state-sponsor": "China",
|
|
||||||
"cfr-suspected-victims": [
|
|
||||||
"India",
|
|
||||||
"Saudi Arabia",
|
|
||||||
"Vietnam",
|
|
||||||
"Myanmar",
|
|
||||||
"Singapore",
|
|
||||||
"Thailand",
|
|
||||||
"Malaysia",
|
|
||||||
"Cambodia",
|
|
||||||
"China",
|
|
||||||
"Phillipines",
|
|
||||||
"South Korea",
|
|
||||||
"United States",
|
|
||||||
"Indonesia",
|
|
||||||
"Laos"
|
|
||||||
],
|
|
||||||
"cfr-target-category": [
|
|
||||||
"Government",
|
|
||||||
"Private sector"
|
|
||||||
],
|
|
||||||
"cfr-type-of-incident": "Espionage",
|
|
||||||
"country": "CN",
|
|
||||||
"refs": [
|
|
||||||
"https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/eagle-eye-is-back-apt30/",
|
|
||||||
"https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf",
|
|
||||||
"https://attack.mitre.org/wiki/Group/G0013",
|
|
||||||
"https://www.cfr.org/interactive/cyber-operations/apt-30",
|
|
||||||
"https://www.mandiant.com/sites/default/files/2021-09/rpt-apt30.pdf"
|
|
||||||
],
|
|
||||||
"synonyms": [
|
|
||||||
"APT30",
|
|
||||||
"G0013"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"related": [
|
|
||||||
{
|
|
||||||
"dest-uuid": "2a158b0a-7ef8-43cb-9985-bf34d1e12050",
|
|
||||||
"tags": [
|
|
||||||
"estimative-language:likelihood-probability=\"likely\""
|
|
||||||
],
|
|
||||||
"type": "similar"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"dest-uuid": "2f1fd017-9df6-4759-91fb-e7039609b5ff",
|
|
||||||
"tags": [
|
|
||||||
"estimative-language:likelihood-probability=\"likely\""
|
|
||||||
],
|
|
||||||
"type": "similar"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"dest-uuid": "5e0a7cf2-6107-4d5f-9dd0-9df38b1fcba8",
|
|
||||||
"tags": [
|
|
||||||
"estimative-language:likelihood-probability=\"likely\""
|
|
||||||
],
|
|
||||||
"type": "similar"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"dest-uuid": "f047ee18-7985-4946-8bfb-4ed754d3a0dd",
|
|
||||||
"tags": [
|
|
||||||
"estimative-language:likelihood-probability=\"likely\""
|
|
||||||
],
|
|
||||||
"type": "similar"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"uuid": "f26144c5-8593-4e78-831a-11f6452d809b",
|
|
||||||
"value": "APT 30"
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"description": "TA530, who we previously examined in relation to large-scale personalized phishing campaigns",
|
"description": "TA530, who we previously examined in relation to large-scale personalized phishing campaigns",
|
||||||
"meta": {
|
"meta": {
|
||||||
|
|
Loading…
Reference in a new issue