mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
[threat-actors] Add Earth Longzhi
This commit is contained in:
parent
a91734af6c
commit
c9e85b4d16
1 changed files with 16 additions and 0 deletions
|
@ -12167,6 +12167,22 @@
|
||||||
},
|
},
|
||||||
"uuid": "8c08dbe7-3ed0-4d7d-b315-22d8774a5bd9",
|
"uuid": "8c08dbe7-3ed0-4d7d-b315-22d8774a5bd9",
|
||||||
"value": "UNC3886"
|
"value": "UNC3886"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Earth Longzhi is a subgroup of APT41 targeting organizations based in Taiwan, Thailand, the Philippines, and Fiji, and using “stack rumbling” via Image File Execution Options (IFEO), a new denial-of-service (DoS) technique to disable security software.",
|
||||||
|
"meta": {
|
||||||
|
"aliases": [
|
||||||
|
"SnakeCharmer"
|
||||||
|
],
|
||||||
|
"refs": [
|
||||||
|
"https://www.picussecurity.com/resource/blog/cyber-threat-intelligence-report-may-2023",
|
||||||
|
"https://www.trendmicro.com/en_us/research/23/e/attack-on-security-titans-earth-longzhi-returns-with-new-tricks.html",
|
||||||
|
"https://ics-cert.kaspersky.com/publications/reports/2023/03/24/apt-attacks-on-industrial-organizations-in-h2-2022/",
|
||||||
|
"https://www.trendmicro.com/en_us/research/22/k/hack-the-real-box-apt41-new-subgroup-earth-longzhi.html"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "b21dbf83-3459-44f4-b91b-6157379e430a",
|
||||||
|
"value": "Earth Longzhi"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 288
|
"version": 288
|
||||||
|
|
Loading…
Reference in a new issue