Delta-Sierra 2022-11-22 12:43:18 +01:00
commit c02b74f999
6 changed files with 62664 additions and 7 deletions


@ -1392,6 +1392,16 @@
], ],
"uuid": "505c6a54-a701-4a4b-85d4-0f2038b7b46a", "uuid": "505c6a54-a701-4a4b-85d4-0f2038b7b46a",
"value": "Dark.IoT" "value": "Dark.IoT"
},
{
"description": "Akamai Security Research has observed a new golang malware which they named KmsdBot. The malware scans for open SSH ports and performs a simple dictionary attack against it. The researchers from Akamai monitored only DDoS activity, but discovered also the functionality to launch cryptomining. The malware has varied targets including the gaming industry, technology industry, and luxury car manufacturers.",
"meta": {
"refs": [
"https://www.akamai.com/blog/security-research/kmdsbot-the-attack-and-mine-malware"
]
},
"uuid": "b6919400-9b16-48ae-8379-fab26a506e32",
"value": "KmsdBot"
} }
], ],
"version": 29 "version": 29
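Review bot: The KmsdBot entry is added while `"version": 29` at the end of this section is identical on both sides, so the cluster's content changes without a version bump. As far as I know, MISP decides whether to re-import a galaxy cluster by comparing versions, so instances already at 29 may never pick up the new entry; I would change the line to `"version": 30` in this commit. The same applies to the Evasive Panda section further down, where `"version": 253` is also unchanged. The file's closing brace lies outside the hunk.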


@ -5,9 +5,9 @@
], ],
"category": "med-bdm-it", "category": "med-bdm-it",
"description": "Liste des maladies invalidantes reconnues comme handicap", "description": "Liste des maladies invalidantes reconnues comme handicap",
"name": "handicap", "name": "Handicap",
"source": "MDPH /caf", "source": "MDPH /caf",
"type": "Handicap", "type": "handicap",
"uuid": "84310ba3-fa6a-44aa-b378-b9e3271c7777", "uuid": "84310ba3-fa6a-44aa-b378-b9e3271c7777",
"values": [ "values": [
{ {
@ -272,5 +272,5 @@
"value": "Tumeur maligne" "value": "Tumeur maligne"
} }
], ],
"version": 1 "version": 2
} }

62608
clusters/sigma-rules.json Normal file

File diff suppressed because it is too large Load diff


@ -9911,6 +9911,36 @@
}, },
"uuid": "906e2091-cc32-499e-a799-2b9b15e45042", "uuid": "906e2091-cc32-499e-a799-2b9b15e45042",
"value": "BazarCall" "value": "BazarCall"
},
{
"description": "Evasive Panda is an APT group that has been active since at least 2012, conducting cyberespionage targeting individuals, government institutions and organizations.",
"meta": {
"attribution-confidence": "50",
"cfr-suspected-state-sponsor": "China",
"cfr-suspected-victims": [
"Hong Kong",
"India",
"Malaysia",
"Taiwan"
],
"cfr-target-category": [
"Government",
"Individuals",
"Universities"
],
"cfr-type-of-incident": "Espionage",
"country": "CN",
"refs": [
"https://blog.malwarebytes.com/threat-analysis/2020/07/chinese-apt-group-targets-india-and-hong-kong-using-new-variant-of-mgbot-malware/",
"https://vb2020.vblocalhost.com/uploads/VB2020-43.pdf",
"https://www.virusbulletin.com/virusbulletin/2014/02/needle-haystack"
],
"synonym": [
"BRONZE HIGHLAND"
]
},
"uuid": "171d0590-be92-443f-addb-af5dc2a8034d",
"value": "Evasive Panda"
} }
], ],
"version": 253 "version": 253
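Review bot: The alias list in the new Evasive Panda entry is keyed `"synonym"`, whereas the MISP galaxy cluster format, as far as I know, names this meta field `synonyms`. With the singular key, tooling that matches actors by alias would likely not see "BRONZE HIGHLAND", so reports using that name would not correlate to this entry and a duplicate actor could later be added. Suggested change: `"synonyms": [`. It would also be worth confirming that the schema validation used by the repository rejects unknown meta keys, since this one apparently passed.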


@ -1,9 +1,9 @@
{ {
"description": "Handicap classifying", "description": "Handicap classifying",
"icon": "android", "icon": "wheelchair",
"name": "handicap", "name": "Handicap",
"namespace": "misp", "namespace": "misp",
"type": "Handi", "type": "handicap",
"uuid": "84310ba3-fa6a-44aa-b378-b9e3271c7777", "uuid": "84310ba3-fa6a-44aa-b378-b9e3271c7777",
"version": 1 "version": 2
} }


@ -0,0 +1,9 @@
{
"description": "Sigma Rules are used to detect suspicious behaviors related to threat actors, malware and tools",
"icon": "link",
"name": "Sigma-Rules",
"namespace": "misp",
"type": "sigma-rules",
"uuid": "9cf7cd2e-d5f1-48c4-9909-7896ba1c96b2",
"version": 1
}