mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 00:37:18 +00:00
[threat-actors] Add UNC1860
This commit is contained in:
parent
cbdca883d6
commit
aa21df1b3f
1 changed files with 11 additions and 0 deletions
|
@ -16907,6 +16907,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "9686ff2b-01e0-46eb-9169-9e8d115be345",
|
"uuid": "9686ff2b-01e0-46eb-9169-9e8d115be345",
|
||||||
"value": "CosmicBeetle"
|
"value": "CosmicBeetle"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "UNC1860 is a persistent and opportunistic Iranian state-sponsored threat actor that is likely affiliated with Iran’s Ministry of Intelligence and Security (MOIS). A key feature of UNC1860 is its collection of specialized tooling and passive backdoors that Mandiant believes supports several objectives, including its role as a probable initial access provider and its ability to gain persistent access to high-priority networks, such as those in the government and telecommunications space throughout the Middle East.",
|
||||||
|
"meta": {
|
||||||
|
"country": "IR",
|
||||||
|
"refs": [
|
||||||
|
"https://cloud.google.com/blog/topics/threat-intelligence/unc1860-iran-middle-eastern-networks"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "80a874d5-0645-4245-aeb6-9b33a8689928",
|
||||||
|
"value": "UNC1860"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 315
|
"version": 315
|
||||||
|
|
Loading…
Reference in a new issue