[threat-actors] Add LightBasin

This commit is contained in:
Mathieu Beligon 2023-11-29 11:28:37 -08:00
parent 313dd82bb9
commit d4c2788b87

View file

@ -13553,6 +13553,22 @@
}, },
"uuid": "40375ed2-04ec-433f-969d-b9a004c0272e", "uuid": "40375ed2-04ec-433f-969d-b9a004c0272e",
"value": "DragonForce" "value": "DragonForce"
},
{
"description": "UNC1945 is an APT group that has been targeting telecommunications companies globally. They use Linux-based implants to maintain long-term access in compromised networks. UNC1945 has demonstrated advanced technical abilities, utilizing various tools and techniques to evade detection and move laterally through networks. They have also been observed targeting other industries, such as financial and professional consulting, and have been linked to other threat actors, including MustangPanada and RedDelta.",
"meta": {
"refs": [
"https://www.mandiant.com/resources/unc2891-overview",
"https://www.crowdstrike.com/blog/an-analysis-of-lightbasin-telecommunications-attacks/",
"https://blog.talosintelligence.com/introducing-shrouded-snooper/"
],
"synonyms": [
"UNC1945",
"CL-CRI-0025"
]
},
"uuid": "a1955738-563c-413c-8602-ea5b8c89ce21",
"value": "LightBasin"
} }
], ],
"version": 295 "version": 295