MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 23:07:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

chg: [threat-actor] GhostEmperor updated

Browse source
This commit is contained in:
Rony 2024-09-26 17:12:54 +00:00 committed by GitHub
parent f6f6ab550f
commit aeab78b95e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 12 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
clusters/threat-actor.json
View file

@ -15233,8 +15233,18 @@
"meta": {
"country": "CN",
"refs": [
"https://www.mandiant.com/resources/blog/unc4841-post-barracuda-zero-day-remediation",
"https://securelist.com/ghostemperor-from-proxylogon-to-kernel-mode/104407/"
"https://securelist.com/ghostemperor-from-proxylogon-to-kernel-mode/104407/",
"https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/09/30094337/GhostEmperor_technical-details_PDF_eng.pdf",
"https://www.welivesecurity.com/2021/09/23/famoussparrow-suspicious-hotel-guest/",
"https://www.ncsc.gov.uk/files/NCSC-MAR-SparrowDoor.pdf",
"https://cloud.google.com/blog/topics/threat-intelligence/unc4841-post-barracuda-zero-day-remediation",
"https://www.sygnia.co/blog/ghost-emperor-demodex-rootkit/",
"https://www.wsj.com/politics/national-security/china-cyberattack-internet-providers-260bd835"
],
"synonyms": [
"FamousSparrow",
"UNC2286",
"Salt Typhoon"
]
},
"uuid": "3c3ca8f3-c6ab-4c5d-9bd0-be6677d6cdeb",