mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
chg: [threat-actor] version bump
This commit is contained in:
parent
db913e5ab4
commit
aea413cebf
1 changed files with 17 additions and 9 deletions
|
@ -838,7 +838,8 @@
|
||||||
"https://www.secureworks.com/research/threat-profiles/bronze-union",
|
"https://www.secureworks.com/research/threat-profiles/bronze-union",
|
||||||
"https://unit42.paloaltonetworks.com/atoms/iron-taurus/",
|
"https://unit42.paloaltonetworks.com/atoms/iron-taurus/",
|
||||||
"https://www.mandiant.com/resources/insights/apt-groups",
|
"https://www.mandiant.com/resources/insights/apt-groups",
|
||||||
"https://www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf"
|
"https://www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf",
|
||||||
|
"https://www.welivesecurity.com/2021/03/10/exchange-servers-under-siege-10-apt-groups/"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"GreedyTaotie",
|
"GreedyTaotie",
|
||||||
|
@ -4466,7 +4467,8 @@
|
||||||
"https://securelist.com/cactuspete-apt-groups-updated-bisonal-backdoor/97962/",
|
"https://securelist.com/cactuspete-apt-groups-updated-bisonal-backdoor/97962/",
|
||||||
"https://www.wsj.com/articles/chinas-secret-weapon-in-south-korea-missile-fight-hackers-1492766403",
|
"https://www.wsj.com/articles/chinas-secret-weapon-in-south-korea-missile-fight-hackers-1492766403",
|
||||||
"https://www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf",
|
"https://www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf",
|
||||||
"https://www.fireeye.com/content/dam/fireeye-www/summit/cds-2019/presentations/cds19-executive-s08-achievement-unlocked.pdf"
|
"https://www.fireeye.com/content/dam/fireeye-www/summit/cds-2019/presentations/cds19-executive-s08-achievement-unlocked.pdf",
|
||||||
|
"https://www.welivesecurity.com/2021/03/10/exchange-servers-under-siege-10-apt-groups/"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"CactusPete",
|
"CactusPete",
|
||||||
|
@ -4538,7 +4540,8 @@
|
||||||
"https://attack.mitre.org/groups/G0060/",
|
"https://attack.mitre.org/groups/G0060/",
|
||||||
"https://www.secureworks.com/research/threat-profiles/bronze-butler",
|
"https://www.secureworks.com/research/threat-profiles/bronze-butler",
|
||||||
"https://unit42.paloaltonetworks.com/atoms/stalkertaurus/",
|
"https://unit42.paloaltonetworks.com/atoms/stalkertaurus/",
|
||||||
"https://twitter.com/iiyonite/status/1384431491485155331"
|
"https://twitter.com/iiyonite/status/1384431491485155331",
|
||||||
|
"https://www.welivesecurity.com/2021/03/10/exchange-servers-under-siege-10-apt-groups/"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"Nian",
|
"Nian",
|
||||||
|
@ -7403,10 +7406,10 @@
|
||||||
"https://www.uscc.gov/sites/default/files/2022-02/Adam_Kozy_Testimony.pdf",
|
"https://www.uscc.gov/sites/default/files/2022-02/Adam_Kozy_Testimony.pdf",
|
||||||
"https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf",
|
"https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf",
|
||||||
"https://www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf",
|
"https://www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf",
|
||||||
"https://www.fireeye.com/content/dam/fireeye-www/summit/cds-2019/presentations/cds19-executive-s08-achievement-unlocked.pdf"
|
"https://www.fireeye.com/content/dam/fireeye-www/summit/cds-2019/presentations/cds19-executive-s08-achievement-unlocked.pdf",
|
||||||
|
"https://www.welivesecurity.com/2021/03/10/exchange-servers-under-siege-10-apt-groups/"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"Double Dragon",
|
|
||||||
"G0096",
|
"G0096",
|
||||||
"TA415",
|
"TA415",
|
||||||
"Blackfly",
|
"Blackfly",
|
||||||
|
@ -7536,7 +7539,8 @@
|
||||||
"description": "For the first time, the activity of the Calypso group was detected by specialists of PT Expert Security Center in March 2019, during the work to detect cyber threats. As a result, many malware samples of this group were obtained, affected organizations and control servers of intruders were identified. According to our data, the group has been active since at least September 2016. The main goal of the group is to steal confidential data, the main victims are government agencies from Brazil, India, Kazakhstan, Russia, Thailand, Turkey. Our data suggest that the group has Asian roots. Description translated from Russian.",
|
"description": "For the first time, the activity of the Calypso group was detected by specialists of PT Expert Security Center in March 2019, during the work to detect cyber threats. As a result, many malware samples of this group were obtained, affected organizations and control servers of intruders were identified. According to our data, the group has been active since at least September 2016. The main goal of the group is to steal confidential data, the main victims are government agencies from Brazil, India, Kazakhstan, Russia, Thailand, Turkey. Our data suggest that the group has Asian roots. Description translated from Russian.",
|
||||||
"meta": {
|
"meta": {
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://www.ptsecurity.com/upload/corporate/ru-ru/analytics/calypso-apt-2019-rus.pdf"
|
"https://www.ptsecurity.com/upload/corporate/ru-ru/analytics/calypso-apt-2019-rus.pdf",
|
||||||
|
"https://www.welivesecurity.com/2021/03/10/exchange-servers-under-siege-10-apt-groups/"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"BRONZE MEDLEY"
|
"BRONZE MEDLEY"
|
||||||
|
@ -9093,7 +9097,10 @@
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://www.bleepingcomputer.com/news/security/new-toddycat-apt-group-targets-exchange-servers-in-asia-europe/",
|
"https://www.bleepingcomputer.com/news/security/new-toddycat-apt-group-targets-exchange-servers-in-asia-europe/",
|
||||||
"https://securelist.com/toddycat/106799/",
|
"https://securelist.com/toddycat/106799/",
|
||||||
"https://www.welivesecurity.com/2021/03/10/exchange-servers-under-siege-10-apt-groups/"
|
"https://www.welivesecurity.com/2021/03/10/exchange-servers-under-siege-10-apt-groups/",
|
||||||
|
"https://gteltsc.vn/blog/cap-nhat-nhe-ve-lo-hong-bao-mat-0day-microsoft-exchange-dang-duoc-su-dung-de-tan-cong-cac-to-chuc-tai-viet-nam-9685.html",
|
||||||
|
"https://community.riskiq.com/article/d8b749f2",
|
||||||
|
"https://teamt5.org/en/posts/assassinations-of-minininja-in-various-apac-countries/"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"Websiic"
|
"Websiic"
|
||||||
|
@ -9484,7 +9491,8 @@
|
||||||
"https://securelist.com/apt-trends-report-q2-2019/91897",
|
"https://securelist.com/apt-trends-report-q2-2019/91897",
|
||||||
"https://securelist.com/apt-trends-report-q2-2020/97937",
|
"https://securelist.com/apt-trends-report-q2-2020/97937",
|
||||||
"https://securelist.com/it-threat-evolution-q2-2020/98230",
|
"https://securelist.com/it-threat-evolution-q2-2020/98230",
|
||||||
"https://securelist.com/apt-trends-report-q3-2021/104708"
|
"https://securelist.com/apt-trends-report-q3-2021/104708",
|
||||||
|
"https://www.welivesecurity.com/2021/03/10/exchange-servers-under-siege-10-apt-groups/"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"SixLittleMonkeys"
|
"SixLittleMonkeys"
|
||||||
|
@ -9708,5 +9716,5 @@
|
||||||
"value": "Aoqin Dragon"
|
"value": "Aoqin Dragon"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 244
|
"version": 245
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue