mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
[threat-actors] Add Cotton Sandstorm
This commit is contained in:
parent
b61a0a60a2
commit
b8a504c174
1 changed files with 19 additions and 0 deletions
|
@ -14094,6 +14094,25 @@
|
||||||
},
|
},
|
||||||
"uuid": "6a77a337-bfa0-416c-8c06-1d489d0d6838",
|
"uuid": "6a77a337-bfa0-416c-8c06-1d489d0d6838",
|
||||||
"value": "Caliente Bandits"
|
"value": "Caliente Bandits"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Cotton Sandstorm is an Iranian threat actor involved in hack-and-leak operations. They have targeted various organizations, including the French satirical magazine Charlie Hebdo, where they obtained and leaked personal information of over 200,000 customers. The group has been linked to the Iranian government and has been sanctioned by the US Treasury",
|
||||||
|
"meta": {
|
||||||
|
"country": "IR",
|
||||||
|
"refs": [
|
||||||
|
"https://blog.sekoia.io/iran-cyber-threat-overview/",
|
||||||
|
"https://blogs.microsoft.com/on-the-issues/2023/02/03/dtac-charlie-hebdo-hack-iran-neptunium/",
|
||||||
|
"https://www.ic3.gov/Media/News/2022/220126.pdf",
|
||||||
|
"https://www.microsoft.com/en-us/security/business/security-insider/threat-briefs/iran-response-for-charlie-hebdo-attacks/"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"Emennet Pasargad",
|
||||||
|
"Holy Souls",
|
||||||
|
"NEPTUNIUM"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "bbb389f2-344f-4ca8-a9c9-902061f88deb",
|
||||||
|
"value": "Cotton Sandstorm"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 297
|
"version": 297
|
||||||
|
|
Loading…
Reference in a new issue